This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| while true; do | |
| ip=$(zmap --verbosity 0 -p 80 -N 1 -q -o -) | |
| version=$(curl -I -s -m 4 $ip | grep -i 'X-Powered-By' | awk -F ":" '{print $2}') | |
| if [ "$version" != "" ];then | |
| echo "$ip:$version" >> log.txt | |
| fi | |
| done |
misterch0c
/ sample
Created
March 12, 2016 12:26
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ***Firmware Directory*** | |
| /home/unkn0wn/firmwares/wn/_rootfs.squashfs.extracted/squashfs-root/ | |
| ***Search for password files*** | |
| ##################################### passwd | |
| /usr/bin/passwd | |
| /etc/passwd | |
| ##################################### shadow | |
| /etc/shadow |
misterch0c
/ firmadyneauto.sh
Created
April 22, 2016 09:25
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| #Use the extractor to recover only the filesystem, no kernel (-nk), no parallel operation (-np), populating the image table in the SQL server at 127.0.0.1 (-sql) with the Netgear brand (-b), and storing the tarball in images. | |
| sources/extractor/extractor.py -b Netgear -sql 127.0.0.1 -np -nk "WNAP320 Firmware Version 2.0.3.zip" images | |
| #Identify the architecture of firmware 1 and store the result in the image table of the database. | |
| scripts/getArch.sh images/1.tar.gz | |
| #Load the contents of the filesystem for firmware 1 into the database, populating the object and object_to_image tables. | |
| scripts/tar2db.py -i 1 -f images/1.tar.gz | |
| #Create the QEMU disk image for firmware 1 | |
| scripts/makeImage.sh 1 |
misterch0c
/ gist:ed62048e30dbdd2b0d35bd7a287d1e2e
Created
June 8, 2016 19:49
Kernel 4.6.1-2 & VMware Workstation 12.1.1 build-3770994 patch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cd /usr/lib/vmware/modules/source | |
| sudo tar xvf /usr/lib/vmware/modules/source/vmmon.tar | |
| cd vmmon-only | |
| #open linux/hostif.c and replace 'get_user_pages' by 'get_user_pages_remote' | |
| sudo tar cvf /usr/lib/vmware/modules/source/vmmon.tar vmmon-only | |
| sudo tar xvf /usr/lib/vmware/modules/source/vmnet.tar | |
| cd vmnet-only | |
| #open linux/userif.c and replace 'get_user_pages' by 'get_user_pages_remote' | |
| sudo tar cvf /usr/lib/vmware/modules/source/vmnet.tar vmnet-only |
misterch0c
/ vmwarefix-kernel4.7
Last active
August 12, 2016 07:43
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Step 1: Extract source | |
| tar xvf /usr/lib/vmware/modules/source/vmnet.tar | |
| # Step 2: Patch source | |
| open /usr/lib/vmware/modules/sources/vmnet-only/netif.c | |
| replace "dev->trans_start = jiffies;" with "netif_trans_update(dev);" and don't forget the ";" (: | |
| # Step 3: Replace source | |
| tar cvf /usr/lib/vmware/modules/source/vmnet.tar vmnet-only |
misterch0c
/ conky.conf
Last active
September 18, 2016 09:42
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| BTC ${texeci 300 curl https://api.bitcoinaverage.com/ticker/global/USD/last} $alignr | |
| #ETH price in btc | |
| ETH ${texeci 300 curl https://api.kraken.com/0/public/Ticker?pair=ETHXBT | jq ".result.XETHXXBT.b[0]" | grep -oE "[0-9]*\....."} | |
| #ETH price in usd | |
| #ETH ${texeci 300 curl https://api.coinmarketcap.com/v1/ticker/ethereum/ | grep "price_usd" | grep -oE "[0-9]*\....."} |
misterch0c
/ conky.conf
Created
September 18, 2016 10:54
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| alignment top_middle | |
| background no | |
| border_margin 5 | |
| border_width 5 | |
| default_color d7d7d7 #413536 # grey 5f5f5f 3F3F3F 183149 3B3B3B 26211F | |
| double_buffer yes | |
| draw_borders no | |
| draw_outline no | |
| draw_shades no | |
| draw_graph_borders yes |
misterch0c
/ upwned247.php
Created
November 29, 2016 17:54
— forked from Wack0/upwned247.php
UCam247/Phylink/Titathink/YCam/Anbash/Trivision/Netvision/others IoT webcams : remote code exec: reverse shell PoC. (works only in qemu usermode)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /* | |
| NB: THIS PoC ONLY WORKS IN QEMU USERMODE EMULATION! | |
| If anyone wants to fix this, go ahead (no pun intended). | |
| However, I don't have a vulnerable product and am unwilling to acquire one. | |
| ------------------------- | |
| UCam247/Phylink/Titathink/YCam/Anbash/Trivision/Netvision/others | |
| remote code exec: reverse shell PoC. |
misterch0c
/ pamcam
Last active
January 12, 2022 06:36
Take a screenshot when someone enters a wrong password
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #/etc/pam.d/system-auth | |
| #%PAM-1.0 | |
| # Jump two rules if login succeeds. | |
| auth [success=2 default=ignore] pam_unix.so nullok_secure | |
| auth optional pam_exec.so /home/pamcam.sh | |
| auth requisite pam_deny.so | |
| # User gets here if authentication is successful. No denying, no cam module. | |
| auth required pam_unix.so try_first_pass nullok |
misterch0c
/ shadowbroker
Created
April 14, 2017 09:06
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| . | |
| βββ matree | |
| βββ swift | |
| βΒ Β βββ 00503_0_254.242_2013mar02 | |
| βΒ Β βββ 00546_0_ensbdasa-09aug2013 | |
| βΒ Β βββ 00553_0_ensbdpix3-09aug2013 | |
| βΒ Β βββ 00554_0_ensbdpix4-09aug2013 | |
| βΒ Β βββ 00555_0_ensbdrtr1-2013aug09 | |
| βΒ Β βββ 00557_0_ENSBDVPN1-02AUG2013 | |
| βΒ Β βββ 00558_0_ENSBDVPN2-02AUG2013 |
OlderNewer