

@z0rs
z0rs / Soc.md
Last active October 6, 2024 13:16

Incident Summary

This report outlines the compromise of a WordPress server exploited through a vulnerable plugin by a threat actor. The attack, simulated in HackTheBox's Sherlock: Ultimatum challenge, targeted a known vulnerability in the Ultimate Member plugin, enabling the attacker to create a backdoor admin account and gain full control over the server. This detailed report examines the attack timeline, indicators of compromise (IoCs), and post-exploitation activities.


1. Objective

The objective of this investigation was to analyze the compromise of a WordPress server suspected of being attacked via a vulnerable plugin. The aim was to identify the exploit, document the attacker's methods, and gather actionable intelligence for remediation.

@z0rs
z0rs / Delete.js
Last active September 1, 2024 16:01
const deleteTweetsBetweenDates = async (startDate, endDate) => {
const processedButtons = new Set();
const delay = (ms) => new Promise(resolve => setTimeout(resolve, ms));
console.log("Script started");
while (true) {
console.log("Looking for tweets...");
const deleteButtons = Array.from(document.querySelectorAll('[data-testid="caret"]'))

In this case, the active interface is wlp2s0 with IP 192.168.8.2 (ip addr) and gateway 192.168.8.1 (ip route show).

Step 1: Install Tools

Make sure arpspoof, sslsplit, and dsniff are installed. These are usually available on Arch Linux.

sudo pacman -S dsniff sslsplit

Step 2: ARP Spoofing

#!/bin/bash

# Variables
HOSTAPD_CONF="/etc/hostapd/hostapd.conf"
DNSMASQ_CONF="/etc/dnsmasq.conf"
HOTSPOT_IP="192.168.20.1"
DHCP_RANGE_START="192.168.20.10"
DHCP_RANGE_END="192.168.20.50"

3. Man-in-the-Middle (MITM) Attack

Tools: ettercap, mitmproxy, Wireshark

Steps:

A. ARP Spoofing with Ettercap

  1. Install Ettercap:
    sudo apt-get install ettercap-graphical