This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# in a scenario where you have a non-interactive shell, and need to use discovered SSH credentials (not private keys) from cli and don't | |
# want to/can't install expect/sshpass | |
# usage would be create script on target host, and use the non interactive shell to chmod +x/execute script from target | |
# if calling with bash need to give full path to script even if operating in same directory | |
#video at https://www.youtube.com/watch?v=-YlG9M9X2Oc | |
#!/bin/bash | |
SSH_USER=testuser | |
SSH_PASS="password123" | |
SSH_HOST=127.0.0.1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import random | |
header_names = ['User-Agent'] | |
ua = ['Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.62 Safari/537.36', 'Mozilla/5.0 (Linux; Android 6.0; CAM-L21 Build/HUAWEICAM-L21; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/62.0.3202.84 Mobile Safari/537.36', 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36'] | |
if (messageIsRequest): | |
request = helpers.analyzeRequest(messageInfo) | |
headers = request.getHeaders() | |
for header_name in header_names: |