ajdumanhug

Finding creds in git repos is awesome.

$ for commit in $(seq 1 $(git reflog | wc -l)); do git diff HEAD@{$commit} 2>/dev/null | grep password; done
-spring.datasource.password=g!'301T%y%xT@uL`
+spring.datasource.password=4AT&G;[H@&'\^uDK
-spring.datasource.password=UmAnR=-v|{2=gyx?
+spring.datasource.password=4AT&G;[H@&'\^uDK
...

ajdumanhug

Preparación para el OSCP (by s4vitar)

Penetration Testing with Kali Linux (PWK) course and Offensive Security Certified Professional (OSCP) Cheat Sheet

Índice y Estructura Principal

• Antecedentes - Experiencia Personal
• Buffer Overflow Windows (25 puntos)
  • Fuzzing

• Calculando el Offset (Tamaño del Búffer)

ajdumanhug

exploit/osx/mdns/upnp_location: RPORT 0
exploit/windows/dcerpc/ms07_029_msdns_zonename: RPORT 0
exploit/windows/scada/igss9_misc: RPORT 0
exploit/windows/firewall/blackice_pam_icq: RPORT 1
exploit/windows/http/altn_webadmin: RPORT 1000
exploit/unix/webapp/webmin_show_cgi_exec: RPORT 10000
exploit/windows/backupexec/remote_agent: RPORT 10000
exploit/windows/oracle/osb_ndmp_auth: RPORT 10000
exploit/multi/misc/zend_java_bridge: RPORT 10001
exploit/windows/misc/gimp_script_fu: RPORT 10008