@fakessh
fakessh / mysqluserenum.pl
Created December 2, 2012 01:06
mysqluserenum.pl
# MySQL User Account Enumeration Utility
# When an attacker authenticates using an incorrect password
# with the old authentication mechanism from mysql 4.x and below to a mysql 5.x server
# the mysql server will respond with a different message than Access Denied, which makes
# User Account Enumeration possible.
# The Downside is that the attacker has to reconnect for each user enumeration attempt
#20000 user accounts in 7 minutes
#Mon Jan 16 09:00:18 UTC 2012
#Mon Jan 16 09:07:26 UTC 2012
#root@vs2067037:~# wc -l MEDIUM.LST
@fakessh
fakessh / client.c
Created November 23, 2012 21:42
client.c flood
#include <stdio.h>
#include <getopt.h>
#include <netinet/ip.h>
#include <stdlib.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <unistd.h>
#include <errno.h>
#include <string.h>
@fakessh
fakessh / hashcrc32.c
Created November 14, 2012 18:29
compute hash from crc32 algorithms
/**************************************************************
* *
* File: crc32.c *
* Functions for computing the CRC32 hash *
* *
**************************************************************/
/* Table of CRCs of all 8-bit messages. */
unsigned long crc32_table[256];
/* Flag: has the table been computed? Initially false. */
int crc32_table_computed = 0;
@fakessh
fakessh / httpsd_access_log
Created November 8, 2012 17:11
plesk attack log
41.237.40.174 {removed}:8443 - [05/Jul/2012:09:58:09 -0700] "POST /login_up.php3 HTTP/1.1" 200 966 "Referer: htts://{removed}:8443/" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/15.0.1084.56 Safari/546.5"
41.237.40.174 {removed}:8443 - [05/Jul/2012:09:58:11 -0700] "GET / HTTP/1.1" 200 1474 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/15.0.1084.56 Safari/546.5"
41.237.40.174 {removed}:8443 - [05/Jul/2012:09:58:15 -0700] "POST /plesk/client@1/domain@/?context=domains HTTP/1.1" 200 59408 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/15.0.1084.56 Safari/546.5"
41.237.40.174 {removed}:8443 - [05/Jul/2012:09:58:19 -0700] "GET /plesk/client@1/domain@3/hosting/file-manager/edit/?cmd=chdir&file=/httpdocs/media/system/js/ HTTP/1.1" 200 71214 "https://{removed}:8443/plesk/client@1/domain@3/hosting/file-manager/edit/?cmd=chdir&file=/httpdocs/media/system/js/" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/536.5 (KHTML, like Gecko)
@fakessh
fakessh / permute.pl
Created November 7, 2012 15:45
generate permutation with Algorithm::Permute
#!/usr/bin/perl
use Algorithm::Permute;
my $p = new Algorithm::Permute(['a'..'d']);
while (@res = $p->next) {
print join(", ", @res), "\n";
}
@fakessh
fakessh / permuteperl.pl
Created November 7, 2012 15:35
generate permutation with Algorithm::Permute
#!/usr/bin/perl
use Algorithm::Permute;
my @array = (1..9);
Algorithm::Permute::permute { print "@array\n" } @array;
@fakessh
fakessh / generatepermutation.pl
Created November 7, 2012 15:32
generates numerically sorted permutation
#!/usr/bin/perl
use List::Permutor;
my $permutor = List::Permutor->new( 0, 1, 2);
while ( my @permutation = $permutor->next() ) {
print "@permutation\n";
}
@fakessh
fakessh / nc.patch
Created October 10, 2012 22:47
nc create backdoor registry and email for nc111nt
Les fichiers binaires /home/swilting/Téléchargements/nc/doexec.o et /home/swilting/nc-win-backdoor-nc-win-backdoor/doexec.o sont différents.
diff -crB /home/swilting/Téléchargements/nc/getopt.c /home/swilting/nc-win-backdoor-nc-win-backdoor/getopt.c
*** /home/swilting/Téléchargements/nc/getopt.c 1996-11-06 22:40:36.000000000 +0100
--- /home/swilting/nc-win-backdoor-nc-win-backdoor/getopt.c 2012-10-26 15:30:01.812133992 +0200
***************
*** 45,51 ****
#include <stdio.h>
#ifdef WIN32
! #include <string.h>
@fakessh
fakessh / pocrecursionkernel.sh
Last active October 11, 2015 13:47
pocrecursionkernel.sh
#!/bin/bash
# This software is provided by the copyright owner "as is" and any
# expressed or implied warranties, including, but not limited to,
# the implied warranties of merchantability and fitness for a particular
# purpose are disclaimed. In no event shall the copyright owner be
# liable for any direct, indirect, incidental, special, exemplary or
# consequential damages, including, but not limited to, procurement
# of substitute goods or services, loss of use, data or profits or
# business interruption, however caused and on any theory of liability,
# whether in contract, strict liability, or tort, including negligence
@fakessh
fakessh / winntserverservice2003.c
Created October 9, 2012 11:48
winntserverservice2003.c
#define _WIN32_WINNT 0x0502 // Windows Server 2003 family
// For Win Xp, change accordingly...
// #define _WIN32_WINNT 0x0501 // Windows XP
// #define _WIN32_WINNT 0x0500 // Windows 2000
// #define _WIN32_WINNT 0x0400 // Windows NT 4.0