Lisa Voigtländer userlandkernel

## altijd-bonusbox.py
#!/usr/bin/env python3
"""
    Project AlbertPWN
    (c) 2021, Sem Voigtlander (@userlandkernel)
"""
import sys
import os
import struct
import time
import requests

## AHDJAKDHKJAHDA.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                userlandkernel
                / AHDJAKDHKJAHDA.md
            
            
              Created
              September 13, 2021 10:35
            
              
                AHDJAKDHKJAHDA
              
          
    AHDJAKDHKJAHDA

A walkthrough
The first flag


Lookup the network for your virtual machine's NAT adapter with the ifconfig command.
Perform a host scan with the most common ports on the network (ex: nmap -v -sN 10.0.0.1/24 -F).
Note a webserver running on port 80, ssh on port 22, mysql on port 3306 and an unknown service on port 25565.
Make a request to the webservice and notice it is an instance of phpBB, a discussion forum application.
Notice the board's name is minecraft.
Check the version numbers and search the web for it, no vulnerabilities exist by default in this version.


## subliminal.sh
#!/usr/bin/env bash
# I do not encourage piracy but still wanted to write this script
# @userlandkernel 2020

# Download old version of sublime text
curl https://download.sublimetext.com/files/sublime-text_build-3103_amd64.deb -o /tmp/sublimetext.deb

# Install it
sudo dpkg -i /tmp/sublimetext.deb

## usbforix.c
/**
 * USB Forenic Analyzer
 * Written by @userlandkernel
 * Powered by the free and opensource libusb (https://libusb.org)
*/
#include <stdio.h>
#include <stdint.h>
#include <stdbool.h>
#include <stdlib.h>
#include <string.h>

## getprocs.c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

extern int proc_pidpath(int pid, void * buffer, uint32_t  buffersize);

#define MAXPATHLEN 1024
#define PROC_PIDPATHINFO_MAXSIZE MAXPATHLEN*4
#define MAXCOMLEN   16

## autoappinstall
CONF_DSID="12345678"
CONF_EMAIL="automation@phonecheck.com"
CONF_ARTWORK="https://placehold.it/400x400"

if [ ! -f "$1" ]; then
	echo "Usage: $0 /path/to/app.ipa"
	exit 1;
fi

function unpack() {

## asm.sh
function MMU_ERROR(){
	echo -e "MMU_PANIC: $1" >&2;
	while true;do
		SPIN_FOREVER=1;
	done
	exit 1;
}

function JIT_ERROR(){
	echo -e "JIT Error: $1" >&2;

## macsetup.sh
mkdir /tmp/macsetup
cd /tmp/macsetup

## First we install homebrew
/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"

## Then we install the caskroom
ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)" < /dev/null 2> /dev/null

## Install some dependencies and tools

## AGX zeroday
afDIGHr84A84jh19Kphgp428DNPdnapq


20:29:15.2763|l

20:29:16.4317|ls

20:29:17.6629|s000151.119712 wlan0.A[124] setStatsTimerIntervalMS@3046: Configured delta_stats_interval(secs): 1
20:29:21.6546|000151.129102 wlan0.A[125] setLQM_CONFIG@21420:Setting ECounter update interval to: 1

## diagsj72ap.log
help

DiagShell builtin commands:
 "time"		time <command-line ...>
 "echo"		echo <arguments ...>
 "waitfor"	waitfor <timeout-milliseconds> <string-to-match>
 "repeat"	repeat <time-spec> <command line ...>
 "alias"	alias [<name>[=<command line>]]
 "unalias"	unalias <name>
 "true"		true
	#!/usr/bin/env python3
	"""
	Project AlbertPWN
	(c) 2021, Sem Voigtlander (@userlandkernel)
	"""
	import sys
	import os
	import struct
	import time
	import requests
	#!/usr/bin/env bash
	# I do not encourage piracy but still wanted to write this script
	# @userlandkernel 2020

	# Download old version of sublime text
	curl https://download.sublimetext.com/files/sublime-text_build-3103_amd64.deb -o /tmp/sublimetext.deb

	# Install it
	sudo dpkg -i /tmp/sublimetext.deb
	/**
	* USB Forenic Analyzer
	* Written by @userlandkernel
	* Powered by the free and opensource libusb (https://libusb.org)
	*/
	#include <stdio.h>
	#include <stdint.h>
	#include <stdbool.h>
	#include <stdlib.h>
	#include <string.h>
	CONF_DSID="12345678"
	CONF_EMAIL="automation@phonecheck.com"
	CONF_ARTWORK="https://placehold.it/400x400"

	if [ ! -f "$1" ]; then
	echo "Usage: $0 /path/to/app.ipa"
	exit 1;
	fi

	function unpack() {
	function MMU_ERROR(){
	echo -e "MMU_PANIC: $1" >&2;
	while true;do
	SPIN_FOREVER=1;
	done
	exit 1;
	}

	function JIT_ERROR(){
	echo -e "JIT Error: $1" >&2;
	mkdir /tmp/macsetup
	cd /tmp/macsetup

	## First we install homebrew
	/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"

	## Then we install the caskroom
	ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)" < /dev/null 2> /dev/null

	## Install some dependencies and tools
	afDIGHr84A84jh19Kphgp428DNPdnapq



	20:29:15.2763\|l

	20:29:16.4317\|ls

	20:29:17.6629\|s000151.119712 wlan0.A[124] setStatsTimerIntervalMS@3046: Configured delta_stats_interval(secs): 1
	20:29:21.6546\|000151.129102 wlan0.A[125] setLQM_CONFIG@21420:Setting ECounter update interval to: 1
	help

	DiagShell builtin commands:
	"time" time <command-line ...>
	"echo" echo <arguments ...>
	"waitfor" waitfor <timeout-milliseconds> <string-to-match>
	"repeat" repeat <time-spec> <command line ...>
	"alias" alias [<name>[=<command line>]]
	"unalias" unalias <name>
	"true" true