This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
caller_name = inspect.stack()[1].function | |
file_name = inspect.stack()[1].filename | |
line_number = inspect.stack()[1].lineno | |
self.logger.debug(f"Called from function: {caller_name} in file {file_name} at line {line_number}") |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Create PS folder on C: drive | |
New-Item -ItemType Directory -Force -Path "C:\PS" | |
# Set TLS versions for download (it will error otherwise) | |
[Net.ServicePointManager]::SecurityProtocol = "tls12, tls11, tls" | |
# Download PsTools | |
Invoke-WebRequest -Uri "https://download.sysinternals.com/files/PSTools.zip" -OutFile "C:\PS\PSTools.zip" | |
# Extract PsTools to the PS folder | |
Expand-Archive -Path "C:\PS\PSTools.zip" -DestinationPath "C:\PS" | |
# Auto Accept EULA, can also run psexec with -accepteula | |
#reg ADD HKCU\Software\Sysinternals\PSexec /v EulaAccepted /t REG_DWORD /d 1 /f |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[framework/core] | |
PROMPT=%whi[%T] %red(%L) %yel%J %grn%S%whi | |
TimestampOutput=true | |
ConsoleLogging=true | |
SessionLogging=true | |
[framework/features] | |
[framework/ui/console] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
curl -m 0.1 -s -I localhost:1337 & nc -l -p 1337 > /tmp/http_request.txt && cat /tmp/http_request.txt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
FILE=/etc/systemd/system/sliver-server.service | |
if [ ! -f "$FILE" ];then | |
sudo echo "[Unit] | |
Description=Sliver Server | |
[Service] | |
Type=simple | |
ExecStart=/usr/local/bin/sliver-server" > $FILE |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
echo "Stopping sliver service (if it exists)" | |
sudo service sliver-server stop 2>/dev/null | |
echo "Removing old files (if they exist)" | |
[ ! -e file ] || rm sliver-client_linux.zip sliver-server_linux.zip | |
[ ! -e file ] || rm sliver-client sliver-server | |
echo "Downloading latest sliver linux releases" | |
wget -q "https://github.com/BishopFox/sliver/releases/latest/download/sliver-client_linux.zip" | |
wget -q "https://github.com/BishopFox/sliver/releases/latest/download/sliver-server_linux.zip" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[Vulnerability Description] | |
OpenTrade through version 0.2.0 has a Dom-based XSS vulnerability that is executed when an administrator attempts to delete a message that contains Javascript. | |
[Application Description] | |
OpenTrade is an open source crypto currency exchange that can support over a dozen cryptocurrencies. Its live version can be found at https://trade.multicoins.org. | |
[Affected Versions] | |
The following commit introduced the vulnerability, but OpenTrade did not have a package.json with applicable versioning: https://github.com/3s3s/opentrade/commit/731459452c8e476cb30fcf84ef0d05d153aba0ed#diff-910e51c56f379da78d78892e221e692aR417 | |
Officially version 0.2.0 of OpenTrade is the only "vulnerable" version, as it is the first committed version number in package.json |