itsmenaga

## log4j_rce_check.py
#! /usr/bin/env python3

'''
    Needs Requests (pip3 install requests)

    Author: Marcello Salvati, Twitter: @byt3bl33d3r
    License: DWTFUWANTWTL (Do What Ever the Fuck You Want With This License)


    This should allow you to detect if something is potentially exploitable to the log4j 0day dropped on December 9th 2021.

## building-patch-report-for-windows.ps1
# Quickly allow filtering of the available updates by using the Out-GridView cmdlet
Import-Csv -Path 'C:\computers.txt' | Get-WindowsUpdate | Out-GridView

# Export the Results of Windows Update to a CSV File
Import-Csv -Path 'C:\computers.txt' | Get-WindowsUpdate | Export-CSV -Path '.\WindowsUpdate.csv' -NoTypeInformation -Force

Import-Csv -Path '.\WindowsUpdate.csv'

Function Out-WindowsUpdateReport {
	<#

## slackpost.sh
#!/usr/bin/env bash

# CONFIG
URL="https://hooks.slack.com/services/..."
PAYLOAD='{
  "channel": "#test",
  "username": "Ghost",
  "text": "no-message",
  "icon_emoji": ":ghost:"
}'

## PoC_CVE-2021-28482.py
import requests
import time
import sys
from base64 import b64encode
from requests_ntlm2 import HttpNtlmAuth
from urllib3.exceptions import InsecureRequestWarning
from urllib import quote_plus

requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)

## shodan_api_query.py
# -*- coding: utf-8 -*-
import requests
import time
import os
import json
import sys

headers = {
    'User-Agent': 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0',
    'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8',

## s3tko.sh
#!/bin/bash
touch index.html
touch error.html
aws s3api create-bucket --bucket $1 --region us-east-1
aws s3 website s3://$1/ --index-document index.html --error-document error.html
aws s3 cp index.html s3://$1 --acl public-read
aws s3 cp error.html s3://$1 --acl public-read

## user.js
// Mozilla User Preferences
// To change a preference value, you can either:
// - modify it via the UI (e.g. via about:config in the browser); or
// - set it within a user.js file in your profile (create it if it doesn't exist).
//
// Profile folder location on different systems:
// Windows: C:\Users\<username>\AppData\Roaming\Mozilla\Firefox\Profiles\xxxxxxxx.default
// Mac OS X: Users/<username>/Library/Application Support/Firefox/Profiles/xxxxxxxx.default
// Linux: /home/<username>/.mozilla/firefox/xxxxxxxx.default

## dicom-bruteforce.py
#/usr/bin/env python3
# run me with ulimits -n 2048

import itertools
import string
from pydicom.dataset import Dataset
from pynetdicom import AE, QueryRetrievePresentationContexts
from pynetdicom.sop_class import PatientRootQueryRetrieveInformationModelFind
import sys
import time

## ejs.sh
curl -L -k -s https://www.example.com | tac | sed "s#\\\/#\/#g" | egrep -o "src['\"]?\s*[=:]\s*['\"]?[^'\"]+.js[^'\"> ]*" | awk -F '//' '{if(length($2))print "https://"$2}' | sort -fu | xargs -I '%' sh -c "curl -k -s \"%\" | sed \"s/[;}\)>]/\n/g\" | grep -Po \"(\>\>\>)|(['\\\"](https?:)?[/]{1,2}[^'\\\"]{5,})|(\.(get|post|ajax|load)\s*\(\s*['\\\"](https?:)?[/]{1,2}[^'\\\"]{5,})\"" | awk -F "['\"]" '{print $2}' | sort -fu

function ejs() {
  curl -L -k -s "$1" | tac | sed "s#\\\/#\/#g" | egrep -o "src['\"]?\s*[=:]\s*['\"]?[^'\"]+.js[^'\"> ]*" | awk -F '//' '{if(length($2))print "https://"$2}' | sort -fu | xargs -I '%' sh -c "curl -k -s \"%\" | sed \"s/[;}\)>]/\n/g\" | grep -Po \"(['\\\"](https?:)?[/]{1,2}[^'\\\"]{5,})|(\.(get|post|ajax|load)\s*\(\s*['\\\"](https?:)?[/]{1,2}[^'\\\"]{5,})\"" | awk -F "['\"]" '{print $2}' | sort -fu
}

## openinbrowser.py
#! /usr/bin/python3
import webbrowser, sys

if len(sys.argv) < 3:
    print("Usage: openinbrowser.py ./urls.txt 20")
    quit()

f = open(sys.argv[1])
tabs = int(sys.argv[2])
counter = 1
	#! /usr/bin/env python3

	'''
	Needs Requests (pip3 install requests)

	Author: Marcello Salvati, Twitter: @byt3bl33d3r
	License: DWTFUWANTWTL (Do What Ever the Fuck You Want With This License)


	This should allow you to detect if something is potentially exploitable to the log4j 0day dropped on December 9th 2021.
	# Quickly allow filtering of the available updates by using the Out-GridView cmdlet
	Import-Csv -Path 'C:\computers.txt' \| Get-WindowsUpdate \| Out-GridView

	# Export the Results of Windows Update to a CSV File
	Import-Csv -Path 'C:\computers.txt' \| Get-WindowsUpdate \| Export-CSV -Path '.\WindowsUpdate.csv' -NoTypeInformation -Force

	Import-Csv -Path '.\WindowsUpdate.csv'

	Function Out-WindowsUpdateReport {
	<#
	#!/usr/bin/env bash

	# CONFIG
	URL="https://hooks.slack.com/services/..."
	PAYLOAD='{
	"channel": "#test",
	"username": "Ghost",
	"text": "no-message",
	"icon_emoji": ":ghost:"
	}'
	import requests
	import time
	import sys
	from base64 import b64encode
	from requests_ntlm2 import HttpNtlmAuth
	from urllib3.exceptions import InsecureRequestWarning
	from urllib import quote_plus

	requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)
	# -- coding: utf-8 --
	import requests
	import time
	import os
	import json
	import sys

	headers = {
	'User-Agent': 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0',
	'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8',
	#!/bin/bash
	touch index.html
	touch error.html
	aws s3api create-bucket --bucket $1 --region us-east-1
	aws s3 website s3://$1/ --index-document index.html --error-document error.html
	aws s3 cp index.html s3://$1 --acl public-read
	aws s3 cp error.html s3://$1 --acl public-read
	// Mozilla User Preferences
	// To change a preference value, you can either:
	// - modify it via the UI (e.g. via about:config in the browser); or
	// - set it within a user.js file in your profile (create it if it doesn't exist).
	//
	// Profile folder location on different systems:
	// Windows: C:\Users\<username>\AppData\Roaming\Mozilla\Firefox\Profiles\xxxxxxxx.default
	// Mac OS X: Users/<username>/Library/Application Support/Firefox/Profiles/xxxxxxxx.default
	// Linux: /home/<username>/.mozilla/firefox/xxxxxxxx.default
	#/usr/bin/env python3
	# run me with ulimits -n 2048

	import itertools
	import string
	from pydicom.dataset import Dataset
	from pynetdicom import AE, QueryRetrievePresentationContexts
	from pynetdicom.sop_class import PatientRootQueryRetrieveInformationModelFind
	import sys
	import time
	curl -L -k -s https://www.example.com \| tac \| sed "s#\\\/#\/#g" \| egrep -o "src['\"]?\s[=:]\s['\"]?[^'\"]+.js[^'\"> ]" \| awk -F '//' '{if(length($2))print "https://"$2}' \| sort -fu \| xargs -I '%' sh -c "curl -k -s \"%\" \| sed \"s/[;}\)>]/\n/g\" \| grep -Po \"(\>\>\>)\|(['\\\"](https?:)?[/]{1,2}[^'\\\"]{5,})\|(\.(get\|post\|ajax\|load)\s\(\s*['\\\"](https?:)?[/]{1,2}[^'\\\"]{5,})\"" \| awk -F "['\"]" '{print $2}' \| sort -fu

	function ejs() {
	curl -L -k -s "$1" \| tac \| sed "s#\\\/#\/#g" \| egrep -o "src['\"]?\s[=:]\s['\"]?[^'\"]+.js[^'\"> ]" \| awk -F '//' '{if(length($2))print "https://"$2}' \| sort -fu \| xargs -I '%' sh -c "curl -k -s \"%\" \| sed \"s/[;}\)>]/\n/g\" \| grep -Po \"(['\\\"](https?:)?[/]{1,2}[^'\\\"]{5,})\|(\.(get\|post\|ajax\|load)\s\(\s*['\\\"](https?:)?[/]{1,2}[^'\\\"]{5,})\"" \| awk -F "['\"]" '{print $2}' \| sort -fu
	}
	#! /usr/bin/python3
	import webbrowser, sys

	if len(sys.argv) < 3:
	print("Usage: openinbrowser.py ./urls.txt 20")
	quit()

	f = open(sys.argv[1])
	tabs = int(sys.argv[2])
	counter = 1