| /** | |
| * @param target url such as test.ch | |
| * @return set of subdomains that have at one point a https cert | |
| */ | |
| public static HashSet<String> runCRTSH(String target){ | |
| HashSet<String> subdomainSet = new HashSet<String>(); | |
| try { | |
| String html = HTTP.get("https://crt.sh/?q=%25."+target); | |
| Document doc = Jsoup.parse(html); | |
| Elements elements = doc.select("td"); |
Abusing missing input sanitization in Zimbra ZCS leads to arbitary JavaScript being loaded when opening an email. Credits to: Securify.nl https://www.securify.nl/advisory/SFY20180101/cross-site-scripting-vulnerability-in-zimbra-collaboration-suite-due-to-the-way-it-handles-attachment-links.html
No restart are required on your Zimbra servers.
$ cd /opt/zimbra/jetty_base/webapps/zimbra/js/
$ gunzip -S zgz MailCore_all.js.zgz
This guide will help you set up a red team phishing infrastructure as well as creating, perform and evaluate a phishing campaign. This is the basic lifecycle of your phishingn campaign:
+---------------------+
|Get Hardware | Order / setup a vServer
+---------------------+
+---------------------+
|Setup | Install Gophish & Mail Server
+---------------------+
| #!/bin/bash | |
| if ! [ -x "$(command -v zip)" ]; then | |
| echo 'Error: zip is not installed.' >&2 | |
| exit 1 | |
| fi | |
| if ! [ -x "$(command -v unzip)" ]; then | |
| echo 'Error: unzip is not installed.' >&2 | |
| exit 1 | |
| fi |
| <?php | |
| function smtpSend($to, $from, $message, $host, $port, &$error){ | |
| $recipientString=""; | |
| if ($h = fsockopen($host, $port, $errno, $errstr, 5)){ | |
| $data = array(); | |
| array_push($data, 0); | |
| array_push($data, "EHLO $host"); | |
| array_push($data, "MAIL FROM: <$from>"); | |
| if(is_array($to)){ | |
| foreach ($to as $toRcpt) { |
| public class SecureHTTPClient { | |
| public static CloseableHttpClient getSecureHTTPClient() { | |
| try { | |
| SSLContext sslContext = SSLContexts.createDefault(); | |
| SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, | |
| new String[]{"TLSv1.2"}, | |
| new String[]{"TLS_DHE_RSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"}, | |
| SSLConnectionSocketFactory.getDefaultHostnameVerifier()); | |
| return HttpClients.custom() |
| #!/usr/bin/expect | |
| # Usage: ./sendmail.sh 192.168.200.1 from@domain.ch to@hdomain.ch "Some Subject" "Some Text\r\nSome more Text!" | |
| # Prerequisites: apt-get install expect | |
| set mailserver [lrange $argv 0 0] | |
| set from [lrange $argv 1 1] | |
| set to [lrange $argv 2 2] | |
| set subject [lrange $argv 3 3] | |
| set message [lrange $argv 4 4] | |
| // convert json string into pojo | |
| public static Object getAsObject(String json, Class<?> objClass) throws Exception { | |
| JsonParser jParser = new JsonParser(); | |
| JsonObject jObj = (JsonObject) jParser.parse(json); | |
| Object obj = objClass.getDeclaredConstructor().newInstance(); | |
| Field[] fields = objClass.getDeclaredFields(); | |
| for (int i = 0; i < fields.length; i++) { | |
| String fieldName = fields[i].getName(); | |
| Field field = obj.getClass().getDeclaredField(fieldName); |
| server.modules += ( "mod_proxy" ) | |
| server.modules += ( "mod_auth" ) | |
| auth.debug = 2 | |
| auth.backend = "plain" | |
| auth.backend.plain.userfile = "/var/lighttpd/.lighttpdpassword" | |
| $HTTP["host"] == "example.localch" { |
| <html> | |
| <br> | |
| Day: | |
| <select> | |
| <option value="">0</option> | |
| <option value="">1</option> | |
| <option value="">2</option> | |
| <option value="">3</option> | |
| </select> | |
| <select> |