Jump to content

operat0r_001

Active Members
  • Posts

    327
  • Joined

  • Last visited

  • Days Won

    1

Recent Profile Visitors

16,804 profile views

operat0r_001's Achievements

  1. likly a false positive ... https://websec.ca/kb/sql_injection I like to start with fuzzdb's https://raw.githubusercontent.com/ethicalhack3r/fuzzdb/master/attack-payloads/all-attacks/interesting-metacharacters.txt with ZAP and burp as a proxy for ZAP ;P
  2. From what I can tell there is no 'easy' way to set file associations in windows. It has always been a pain because you have system level associations and user level associations for EVERY USER on the system... anyway lets stop Windows Media Player for GOOD. Sick of Windows Media Player always popping up when you click any media? Maybe you have more than one login or app that constantly tries to take over your file associations? Use this script to set them right! Run as administrator to reset Windows Media Player extensions it hijacks: http://rmccurdy.com/scripts/ ftype_wipe.exe These include: .MMS,.WTV,.3G2,.3GP,.ADTS,.AIFF,.ASF,.ASX,.AU,.AVI,.CDA,.M2TS,.m3u,.M4A,.MIDI,.mov,.mp3,.mp4,.MPEG,.TTS,.WAV,.WAX,.wma,.WMD,.WMS,.WMV,.WMZ,.WPL,.WVX Example of command line I use to set file associations: http://rmccurdy.com/scripts/ acc.bat.txt Source code to the binary that is just a 7-zip SFX Self Extracting zip with a Windows Batch file in it : http://rmccurdy.com/scripts/ ftype_wipe.bat.txt
  3. So ya duh .. updated to kill firefox first before it does anything as if flash is in use you can't delete it .. the ping 123.123.123.123 is lazy way to do a sleep or timer back in my day :) so I still use it today
  4. Here we go again! Updated Flash or Firefox at some point it broke blocking ads. What I found is that YouTube was forcing HTML5 and not flash. Plugin to fix HTML5 on YouTube: https://addons.mozilla.org/en-us/firefox/addon/youtube-flash-player/ Grease Monkey script to block YouTube ads and Annotations (YousableTubeFix): http://userscripts-mirror.org/scripts/show/13333 My FU-LASH update script (Portable Firefox users) : http://rmccurdy.com/scripts/ FU-LASH.EXE Post on blocking ADS and Annotations on YouTube for ANDROID: https://www.linkedin.com/pulse/block-ads-android-youtube-tubemate-adblock-edge-luck-patcher-mccurdy?trk=mp-reader-card
  5. Well ya but I just decompile/recomple the apk so it shoudl just RUN ... IE I did nothing to the APK just recompiled it ..how do I include whats missing in VTS before I compile ... also why is this all missing I guess because it only decomiles what it uses or something ?
  6. operat0r_001

    NZB 360

    * I can't get it to open just decompile/recompiling the APK * http://nzb360.com/apk/nzb360.apk * I set it to 4.0 and 4.0.3 get the same errors .. ( based on targetSdkVersion and sdkVersion ) see : developer.android.com/reference/android/os/Build.VERSION_CODES.html * all I like to try is replace url accountstatus.php in \sabconnect\helpers\NZB360LicenseAPI to something else for POC testing * may need more then just URL patch.. I would assume .. lots of stuff the APK around license etc .. Here is a dump of the APK info: aapt dump badging c:\delete\nzb360.apk package: name='com.kevinforeman.sabconnect' versionCode='70' versionName='8.2' uses-permission:'android.permission.INTERNET' uses-permission:'android.permission.ACCESS_NETWORK_STATE' uses-permission:'android.permission.WRITE_EXTERNAL_STORAGE' uses-permission:'android.permission.WAKE_LOCK' uses-permission:'android.permission.ACCESS_WIFI_STATE' uses-permission:'android.permission.GET_ACCOUNTS' sdkVersion:'10' targetSdkVersion:'15' application: label='NZB 360' icon='res/drawable-hdpi/sabconnect_icon.png' launchable activity name='com.kevinforeman.sabconnect.StartupLauncher'label='NZB 360' icon='' uses-feature:'android.hardware.wifi' uses-feature:'android.hardware.touchscreen' main other-activities other-services supports-screens: 'small' 'normal' 'large' 'xlarge' supports-any-density: 'true' locales: '--_--' 'ja' 'de' 'he' 'zh' 'fi' 'nl' 'pl' 'ko' 'ro' 'ar' 'fr' 'cs' 'es' 'it' 'pt' 'ru' 'iw' 'pt_BR' densities: '120' '160' '240' '320' Here is a dump of the errors on crash: E/AndroidRuntime(9364): FATAL EXCEPTION: main E/AndroidRuntime(9364): Process: com.kevinforeman.sabconnect, PID: 9364 E/AndroidRuntime(9364): java.io.IOException: Resource not found: "org/joda/time/tz/data/ZoneInfoMap" ClassLoader: dalvik.system.PathClassLoader[DexPathList[[zip file "/data/app/com.kevinforeman.sabconnect-1.apk"],nativeLibraryDirectories=[/data/app-lib/com.kevinforeman.sabconnect-1, /vendor/lib, /system/lib]]] E/AndroidRuntime(9364): at org.joda.time.tz.ZoneInfoProvider.openResource(ZoneInfoProvider.java:211) E/AndroidRuntime(9364): at org.joda.time.tz.ZoneInfoProvider.<init>(ZoneInfoProvider.java:123) E/AndroidRuntime(9364): at org.joda.time.tz.ZoneInfoProvider.<init>(ZoneInfoProvider.java:82) E/AndroidRuntime(9364): at org.joda.time.DateTimeZone.getDefaultProvider(DateTimeZone.java:462) E/AndroidRuntime(9364): at org.joda.time.DateTimeZone.setProvider0(DateTimeZone.java:416) E/AndroidRuntime(9364): at org.joda.time.DateTimeZone.<clinit>(DateTimeZone.java:115) E/AndroidRuntime(9364): at org.joda.time.chrono.GregorianChronology.<clinit>(GregorianChronology.java:71) E/AndroidRuntime(9364): at org.joda.time.chrono.ISOChronology.<clinit>(ISOChronology.java:66) E/AndroidRuntime(9364): at org.joda.time.DateTimeUtils.getChronology(DateTimeUtils.java:253) E/AndroidRuntime(9364): at org.joda.time.convert.AbstractConverter.getChronology(AbstractConverter.java:82) E/AndroidRuntime(9364): at org.joda.time.base.BaseDateTime.<init>(BaseDateTime.java:170) E/AndroidRuntime(9364): at org.joda.time.DateTime.<init>(DateTime.java:241) E/AndroidRuntime(9364): at com.kevinforeman.sabconnect.helpers.NZB360LicenseAPI.UpdateLicense(NZB360LicenseAPI.java:49) E/AndroidRuntime(9364): at com.kevinforeman.sabconnect.helpers.NZB360LicenseAPI.UpdateLicense(NZB360LicenseAPI.java:35) E/AndroidRuntime(9364): at com.kevinforeman.sabconnect.helpers.NZB360Activity.onResume(NZB360Activity.java:314) E/AndroidRuntime(9364): at com.kevinforeman.sabconnect.NZBView.onResume(NZBView.java:546) E/AndroidRuntime(9364): at android.app.Instrumentation.callActivityOnResume(Instrumentation.java:1192) E/AndroidRuntime(9364): at android.app.Activity.performResume(Activity.java:5310) E/AndroidRuntime(9364): at android.app.ActivityThread.performResumeActivity(ActivityThread.java:2798) E/AndroidRuntime(9364): at android.app.ActivityThread.handleResumeActivity(ActivityThread.java:2837) E/AndroidRuntime(9364): at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2270) E/AndroidRuntime(9364): at android.app.ActivityThread.access$800(ActivityThread.java:145) E/AndroidRuntime(9364): at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1206) E/AndroidRuntime(9364): at android.os.Handler.dispatchMessage(Handler.java:102) E/AndroidRuntime(9364): at android.os.Looper.loop(Looper.java:136) E/AndroidRuntime(9364): at android.app.ActivityThread.main(ActivityThread.java:5081) E/AndroidRuntime(9364): at java.lang.reflect.Method.invokeNative(Native Method) E/AndroidRuntime(9364): at java.lang.reflect.Method.invoke(Method.java:515) E/AndroidRuntime(9364): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:781) E/AndroidRuntime(9364): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:597) E/AndroidRuntime(9364): at dalvik.system.NativeStart.main(Native Method) W/ActivityManager(808): Force finishing activity com.kevinforeman.sabconnect/.NZBView More notes: const-string v8, "http://rmccurdy.com/nzb360.php?accountid=" http://nzb360.com/latestversion.html http://nzb360.com/apk/nzb360.apk http://www.djkev.com/android/sabconnect/emailFeedback.php http://nzb360.com/payment/payment_verify.php
  7. Kills all unknown processes to quickly free up memory! tested XP/Win7 * you need admin * exclates to SYSTEM * runs psexec to dump a list processes not in the whitelist * kills all the task that are not in the whitelist http://rmccurdy.com/scripts/quickkill.exe c: cd C:\quickkill wmic process list brief | gawk "{print "PsExec" $2}"| egrep -vi "(conhost\.exe|explorer\.exe|winlogon|Name|System|UI0Detect|WMIC|svchost|lsass|lsm|spoolsv|cmd|smss|csrss|wininit|services\.exe|wdm|cmgshieldsvc|emsservice|emservice)" > out.txt FOR /F "delims==" %%A IN ('type out.txt') DO cax /killall %%A shutdown -a shutdown -a shutdown -a shutdown -a
  8. root@ubuntu:/usr/share/rssdler042/config# cat config.txt [global] downloadDir = /usr/share/rssdler042/config/ workingDir = /usr/share/rssdler042/config log = 5 logFile = /usr/share/rssdler042/config/downloads.log verbose = 5 cookieFile = /usr/share/rssdler042/config/cookies.txt cookieType = MozillaCookieJar scanMins = 10 sleepTime = 2 runOnce = True urllib = True [somesite] link = http://showrss.karmorra.info/rss.php?user_id=126337&hd=1&proper=1&namespaces=true regExTrue = \d[^\d]+\d regExFalse = (nrg|ccd) download1 = . download1True = False Example .rtorrent.rc rtorrent file : cat ~/.rtorrent.rc schedule = watch_directory,5,5,load_start=/home/mythtv/downloads/complete/RTORRENT/*.torrent session = ~/.session upload_rate = 70 port_range = 55556-55660 directory = /home/mythtv/downloads/complete/RTORRENT/ Example loop Script: #rm downloads.log savedstate.dat daemon.info rssdler -r -c /usr/share/rssdler042/config/config.txt chmod 755 *.torrent move *.torrent /home/mythtv/downloads/complete/RTORRENT/ Example output: root@ubuntu:/usr/share/rssdler042/config# rssdler -r -c /usr/share/rssdler042/config/config.txt INFO --- RSSDler 0.4.2 DEBUG writing daemonInfo INFO [Waking up] Mon Apr 1 18:02:45 2013 DEBUG checking working dir, maybe changing dir INFO Scanning threads INFO finding new downloads in thread somesite DEBUG encoding url http://showrss.karmorra.info/rss.php?user_id=126337&hd=1&proper=1&namespaces=true DEBUG testing cookieFile settings DEBUG attempting to load cookie type: MozillaCookieJar DEBUG building and installing urllib opener without cookies DEBUG grabbing page at url http://showrss.karmorra.info/rss.php?user_id=126337&hd=1&proper=1&namespaces=true DEBUG setting ttl DEBUG unQuoteReQuote http://showrss.karmorra.info/r/6f4892260da9069324c94ae5d8d79a38.torrent DEBUG already downloaded http://showrss.karmorra.info/r/6f4892260da9069324c94ae5d8d79a38.torrent DEBUG unQuoteReQuote http://showrss.karmorra.info/r/373406b558b5c4f8710ad2d259ffa9dc.torrent DEBUG already downloaded http://showrss.karmorra.info/r/373406b558b5c4f8710ad2d259ffa9dc.torrent DEBUG unQuoteReQuote http://showrss.karmorra.info/r/da4397ed9df9f2475d36609c66205a26.torrent DEBUG already downloaded http://showrss.karmorra.info/r/da4397ed9df9f2475d36609c66205a26.torrent DEBUG unQuoteReQuote http://showrss.karmorra.info/r/e2bf65b44ac8da445b6080c15466fb9a.torrent DEBUG already downloaded http://showrss.karmorra.info/r/e2bf65b44ac8da445b6080c15466fb9a.torrent DEBUG unQuoteReQuote http://showrss.karmorra.info/r/15ab8999ac01fc4b7a75a9ced74e8127.torrent DEBUG already downloaded http://showrss.karmorra.info/r/15ab8999ac01fc4b7a75a9ced74e8127.torrent INFO Processing took 2 seconds INFO [Complete] Mon Apr 1 18:02:48 2013
  9. So looking for nzb indexer ? email freeload101@REMOVETHISPARTyahoo.com I only have 2 active users including myself :)
  10. Update ccleaner MRU registry paths and file paths ... ya I ripped ccleaner http://www.rmccurdy.com/scripts/quickclean.exe ( SFX you can open with 7-zip.org etc .. ) source: http://www.rmccurdy.com/scripts/quickclean.bat info: rem 12:05 PM 11/26/2012 : updated ccleaner REG and FILE clean urls/paths the ccleaner forms blocked my post on this script ;) rem * open ccleaner.exe with notepad++ and copy all the bits for regkeys and file checks etc ..( at the bottom of the exe ) and save as tmp.txt rem * make reg patch : rem echo REGEDIT4 > ccleaner.reg rem grep HK tmp.txt| grep -v '|' | grep -v Detect | sed -e 's/.*HK/HK/g' -e 's/.*/[-&]/g'|sort|uniq >> ccleaner.reg rem * make file patch: rem grep "^File" tmp.txt | sed -e 's/.*=//g' -e 's/|/\\/g' -e 's/RECURSE//g' -e 's/\\REMOVESELF//g' -e 's/\*\\/\*/g' -e 's/\\$//g' -e 's/^/sdelete -s -p %pass% \"/g' -e 's/$/\"/g' > ccleaner.bat rem 3:20 PM 7/15/2009: removed rd c:\WINDOWS\Installer this broke stuff in office I think rem 9:22 PM 8/2/2007: fixed firefox clean script added c:\WINDOWS\Installer rem 1:37 AM 7/29/2007: no gawk needed thanks to jabzor@binrev ! rem 7:04 PM 7/28/2007: fixed issues woth spaces in login name ( used gwak and dir2.bat ) rem 7:04 PM 7/28/2007: added firefox clean ( see :firefoxclean ) rem 2:12 PM 7/25/2007: fixed run/mtu rem 7:09 AM 5/16/2007: added set passes var,ccleaner ini and delete $ntuninstall rem 5:01 PM 10/21/2005 : fixed %temp% issue recreates %temp% after delete no reboot required rem 1:01 AM 4/25/2006 : added sdelete.exe ( secure delete ) cls echo ============================== echo THE QUICK SECURE CLEANER :: rmccurdy.com :: 3.0 echo UPDATED : 11/26/2012 echo ============================== echo WARNING DO NOT RUN THIS IN SAFE MODE !!! echo Here are some of the files this program will delete echo * deletes %USERNAME% common MTU or history paths ( Run the ccleaner.reg as different user if you like to clean a different users reg keys ) echo * deletes c:\temp echo * Internet explorer temp files for ALL USERS echo * firefox cookies,saved,cache passwords etc for ALL USERS echo * temp folders for ALL USERS echo * old windows updates echo * recycle bin echo * %SystemRoot%\$ntuninstallK ( old windows updates ) echo * %SystemRoot%/$hf_mig$ ( old windows updates ) echo * OPTIONAL: all startup items for ALL USERS echo * OPTIONAL: all outlook mailbox data and everything under 'Local Settings' for ALL USERS pause cls
  11. * sqlninja * Havij 1.15 - Advanced SQL Injection (windows ) * DbVisualizer 7.1.2 best tool ever for windows / sql servers supports mysql oracle db2 sqlite3 and mssql all without installing a bunch of crap ! (85 megs built with thinapp )
  12. <insert flame here> * if you have a computer with the wifi password saved you can recover it google nirsoft wifi * if you do not have the password you can reset it .. duh .. or https://www.cloudcracker.com * mass deauth untill you have to reset the AP * wifi wps hack or what ever the easy connect code button thing is ,,, * you can also setup rouge AP and hijack a probe root the remote host and recover the pass with nirsoft util etc .. now if you are talking about windows password (some talk about NT offline soooo not sure WTF you guys are asking ) use : * mimikatz or WCE.exe or WCE32.exe https://dl.dropbox.com/sh/llw7unn0hlptigj/aC5YSuyosX/masspwdumper.exe?dl=1 ( example input script for mimikatz )
×
×
  • Create New...