Open Sec Open-Sec
Open-Sec
/ command.xml
Created
July 20, 2020 05:44
— forked from georgestephanis/command.xml
How to upload a file to a WordPress site via the XML-RPC API. Pretty easy, no? The attachment page if you want a html wrapper to present the file can be found at the following URL: http://yoursite.com/?attachment_id=722 (I left the ID the successful response in as an example)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version='1.0' encoding='utf-8'?> | |
| <methodCall> | |
| <methodName>wp.uploadFile</methodName> | |
| <params> | |
| <param><value><string>1</string></value></param> | |
| <param><value><string>username</string></value></param> | |
| <param><value><string>password</string></value></param> | |
| <param> | |
| <value> | |
| <struct> |
Open-Sec
/ ipsec_config.sh
Created
March 16, 2020 23:25
— forked from andrejmaya/ipsec_config.sh
Setup Site-to-Site VPN connection with Strongswan. Execute this script on each gateway and change switch the variables accordingly
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| export LEFT_GW_IP=35.157.246.157 | |
| export LEFT_CIDR=10.1.1.0/24 | |
| export RIGHT_GW_IP=35.158.110.212 | |
| export RIGHT_CIDR=10.2.1.0/24 | |
| sudo su | |
| apt-get update -y | |
| apt-get install -y strongswan | |
| cat >> /etc/sysctl.conf << EOF |
Open-Sec
/ eternalblue7_exploit.py
Created
June 15, 2017 10:23
— forked from worawit/eternalblue7_exploit.py
Eternalblue exploit for Windows 7/2008
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| from impacket import smb | |
| from struct import pack | |
| import sys | |
| import socket | |
| ''' | |
| EternalBlue exploit for Windows 7/2008 by sleepya | |
| The exploit might FAIL and CRASH a target system (depended on what is overwritten) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # IMPORTANT: You will need to disable SIP aka Rootless in order to fully execute this script, you can reenable it after. | |
| # WARNING: It might disable things that you may not like. Please double check the services in the TODISABLE vars. | |
| # Get active services: launchctl list | grep -v "\-\t0" | |
| # Find a service: grep -lR [service] /System/Library/Launch* /Library/Launch* ~/Library/LaunchAgents | |
| # Agents to disable | |
| TODISABLE=('com.apple.security.keychainsyncingoveridsproxy' 'com.apple.personad' 'com.apple.passd' 'com.apple.screensharing.MessagesAgent' 'com.apple.CommCenter-osx' 'com.apple.Maps.mapspushd' 'com.apple.Maps.pushdaemon' 'com.apple.photoanalysisd' 'com.apple.telephonyutilities.callservicesd' 'com.apple.AirPlayUIAgent' 'com.apple.AirPortBaseStationAgent' 'com.apple.CalendarAgent' 'com.apple.DictationIM' 'com.apple.iCloudUserNotifications' 'com.apple.familycircled' 'com.apple.familycontrols.useragent' 'com.apple.familynotificationd' 'com.apple.gamed' 'com.apple.icloud.findmydeviced.findmydevi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| hello |