caleBot caleBot
caleBot
/ .bash_profile
Created
August 4, 2020 17:53
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Description: This file holds all my BASH configurations and aliases | |
| # | |
| # Sections: | |
| # 1. Environment Configuration | |
| # 2. Make Terminal Better (remapping defaults and adding functionality) | |
| # 3. File and Folder Management | |
| # 4. Searching | |
| # 5. Process Management | |
| # 6. Networking | |
| # 7. System Operations & Information |
caleBot
/ http-vuln-cve2018-8733.nse
Last active
April 26, 2018 19:41
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| local http = require "http" | |
| local shortport = require "shortport" | |
| local string = require "string" | |
| local stdnse = require "stdnse" | |
| local vulns = require "vulns" | |
| local table = require "table" | |
| description = [[ | |
| NagiosXI versions before 5.4.13 are vulnerable to an unauthenticated remote root exploit. This unobtrusive script simply sends a single HTTP GET |
caleBot
/ gist:ed31a416d4cb70ed837004d5878d56bc
Created
April 23, 2018 16:46
msf create_credential() help
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| PROBLEM: | |
| not all fields are populating in the creds db | |
| Running this code: | |
| create_credential( | |
| origin_type: :service, | |
| address: '192.168.1.100', | |
| port: 445, | |
| service_name: 'smb', | |
| protocol: 'tcp', |
caleBot
/ gist:f0a93b5a98574393e0139104eacc2d0f
Created
April 17, 2018 19:36
NagiosXI remote root vulnerability CVE-2018-8733, CVE-2018-8734, CVE-2018-8735, CVE-2018-8736
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| These vulnerabilities together result in NagiosXI being vulnerable to an unauthenticated remote root command injection. | |
| CVE-2018-8733 | |
| Authentication bypass vulnerability in the core config manager in | |
| Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an unauthenticated | |
| attacker to make configuration changes and leverage an authenticated | |
| SQL injection vulnerability. | |
| CVE-2018-8734 |