I hereby claim:
- I am shaheemirza on github.
- I am shaheemirza (https://keybase.io/shaheemirza) on keybase.
- I have a public key ASBTxO-YmsRzRF9C1e7DfUKX7EMIPJui-OwN0ml7-w7DXgo
To claim this, I am signing this object:
# CVE-2020-10148 (local file disclosure PoC for SolarWinds Orion aka door to SuperNova ? )
# @0xSha
# (C) 2020 0xSha.io
# Advisory : https://www.solarwinds.com/securityadvisory
# Mitigation : https://downloads.solarwinds.com/solarwinds/Support/SupernovaMitigation.zip
# Details : https://kb.cert.org/vuls/id/843464
# C:\inetpub\SolarWinds\bin\OrionWeb.DLL
# According to SolarWinds.Orion.Web.HttpModules
<?xml version="1.0" encoding="UTF-8"?> | |
<ruleset name="Laravel and similar phpmd ruleset" | |
xmlns="http://pmd.sf.net/ruleset/1.0.0" | |
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
xsi:schemaLocation="http://pmd.sf.net/ruleset/1.0.0 http://pmd.sf.net/ruleset_xml_schema.xsd" | |
xsi:noNamespaceSchemaLocation="http://pmd.sf.net/ruleset_xml_schema.xsd"> | |
<description> | |
Inspired by https://github.com/phpmd/phpmd/issues/137 | |
using http://phpmd.org/documentation/creating-a-ruleset.html | |
</description> |
#Packet sniffer in python for Linux
#Sniffs only incoming TCP packets
import socket, sys | |
from struct import * | |
#create an AF_INET raw socket (SOCK_RAW, IPPROTO_TCP), not a stream socket; on Linux this needs root or CAP_NET_RAW
try: | |
s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_TCP) | |
except socket.error , msg: |
I hereby claim:
To claim this, I am signing this object:
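### ElasticSearch version
# Refuse to run without a version argument: print a usage hint and exit non-zero.
# The stray "| |" table residue that trailed every line has been dropped; with it
# each `echo ... | |` was a shell syntax error.
# NOTE(review): $1 is only checked for emptiness here. The rest of the script is
# not visible; if the value is later interpolated into a download URL or a path,
# validate its format (digits and dots) first — confirm against the full script.
if [ -z "$1" ]; then
  echo ""
  echo " Please specify the Elasticsearch version you want to install!"
  echo ""
  echo " $ $0 1.7.1"
  echo ""
  exit 1
fi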
import os | |
import sys | |
import time | |
import struct | |
import select | |
import binascii | |
import bluetooth | |
from bluetooth import _bluetooth as bt |
"C:\Program Files (x86)\IBM\Lotus\Notes\Notes.exe" "=N:\Lotus\Notes\Data\notes.ini" -Command if((Get-ExecutionPolicy ) -ne AllSigned) { Set-ExecutionPolicy -Scope Process Bypass } | |
NLNOTES.EXE /authenticate "=N:\Lotus\Notes\Data\notes.ini" -Command if((Get-ExecutionPolicy ) -ne AllSigned) { Set-ExecutionPolicy -Scope Process Bypass } | |
Hashes of each binary (prepare for onslaught of md5 naysayers): | |
Notes.exe — 8f633ef1e1147637c25dd917909cd361 | |
NLNOTES.EXE — 3586b9069a1d4e1c63d9c9cf95cf4126 |
#!/usr/bin/python | |
from impacket import smb | |
from struct import pack | |
import os | |
import sys | |
import socket | |
''' | |
EternalBlue exploit for Windows 8 and 2012 by sleepya | |
The exploit might FAIL and CRASH a target system (depending on what is overwritten)
local smb = require "smb" | |
local vulns = require "vulns" | |
local stdnse = require "stdnse" | |
local string = require "string" | |
description = [[ | |
Attempts to detect if a Microsoft SMBv1 server is vulnerable to a remote code | |
execution vulnerability (ms17-010). | |
The script connects to the $IPC tree, executes a transaction on FID 0 and |
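-- NSE script summary, kept in the global `description`.
-- The "| |" table residue that had leaked into the long string has been removed,
-- so the text shown to the user is exactly the three lines below.
-- NOTE(review): the text states that the check takes vulnerable servers down. A
-- script with that effect belongs in the `dos` and `intrusive` NSE categories so
-- it stays out of default/safe scans; the `categories` line is not visible here —
-- confirm.
description=[[
CVE-2017-3599 - remote unauthenticated Denial of Service against Oracle MySQL.
Warning: This WILL cause DoS on vulnerable mysql machines.
Thanks: SECWORKS, hackers.mu team.
]]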
---
--@usage nmap -sU -p <portnum> --script mysql-vuln-cve2017-3599 --script-args mysql-vuln-cve2017-3599.ports=<ports> <target>
--@output
--PORT STATE SERVICE |