Jump to content

jOte-

Active Members
  • Posts

    38
  • Joined

  • Last visited

1 Follower

Recent Profile Visitors

995 profile views

jOte-'s Achievements

  1. https://nordpass.com/most-common-passwords-list/ This site lists all 2020 weak passwords what I don't understand is that x4ivygA51F why has this been used so many times? Anyone have an idea?
  2. @vailixi this is f* scary ... and this is how they hack ppl... I hope my country have ppl @ the top understanding this threat! using code embeded in jpg/png and use the decoder in using cached images... SUBLIME its a MASTERWORK and i'm glad he made it public!!!
  3. I love r3plic4tor his view about all of this... The use of "kung fu" is crusial... - it refers to any study, learning, or practice that requires patience, energy, and time to complete - In one way or the other we are all facinated about ppl with skills... because we are curious. Using this curiosity can make you a knowledgable person in one/more specific skill(s), it can be "programming language/scripting/os" or "scateboarding/cooking/painting" ... The only difference is that you can't harm ppl with a painting or food (except their feelings or stomach)
  4. helping you in that case wouldn't help you at all ... understanding what is happening... if you want to be a hacker.... make some effort.... search.... and exploit... repeat.... repeat... Knowledge is not something you get for free... you have to work for it!....
  5. https://www.nginx.com/blog/running-non-ssl-protocols-over-ssl-port-nginx-1-15-2/ If you can man in the middle in that case.... - wget ok - curl ok - internet explorer ok - edge ok - firefox ok - chrome ok / newest version is complaining (can be some bad configuration... - just testing-) ... TLSv1.3 *if you disable it in chorme it works... map $ssl_preread_protocol $upstream { default ssh; "TLSv1.2" web; } - vivaldis ok
  6. * configuration - raspbian stretch lite (aka headless install... no GUI) - attached to 7 " screen (any screen) * install - youtube-dl - omxplayer * stream something from youtube "watchdogs 2" - Game # sudo apt-get install -y youtube-dl # sudo apt-get install -y omxplayer # omxplayer --vol -0 -o hdmi --aspect-mode fill $(youtube-dl -f best --no-warnings -g "https://www.youtube.com/watch?v=tudBj-89NHU") ** oneliner: sudo apt-get install -y youtube-dl omxplayer && sleep 15s && omxplayer --vol -0 -o hdmi --aspect-mode fill $(youtube-dl -f best --no-warnings -g "https://www.youtube.com/watch?v=tudBj-89NHU") SCARYYYYYY!!!! we are dedsec ? PS: if you run this command in ssh session "omxplayer --vol -0 -o hdmi --aspect-mode fill $(youtube-dl -f best --no-warnings -g "https://www.youtube.com/watch?v=tudBj-89NHU")" it will show on the screen.... not in your session.... I know ... just playing... for the lolz (agree seeing this on a headless OS ??? WTF - have a nice day -)
  7. no @reboot ... in cronjobs.... I think this is a good example for this "problem"... Add a cronjob in script croncmd="/home/yourusername/ssh.vpn.start" cronjob="*/5 * * * * $croncmd" ( crontab -l | grep -v -F "$croncmd"; echo "$cronjob" ) | crontab - Delete a cronjob in script croncmd="/home/yourusername/ssh.vpn.start" cronjob="*/5 * * * * $croncmd" ( crontab -l | grep -v -F "$croncmd" ) | crontab - I use this script to be sure it is connected.... ssh.vpn.start #!/bin/bash up=`ping -c1 192.168.0.6 &> /dev/null; echo $?` if [ "$up" -eq "1" ] then ssh -NTCf -w 0:0 -o TCPKeepAlive=yes -o ServerAliveInterval=60 root@hostname tun=`ip a show tun0 &> /dev/null ; echo $?` if [ "$tun" -eq "0" ] then ip link set tun0 up ip addr add 10.0.0.174/32 peer 10.0.0.184 dev tun0 ip route add 192.168.0.0/24 via 10.0.0.184 arp -sD 10.0.0.184 eth0 pub echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward croncmd="/home/yourusername/ssh.vpn.start" cronjob="*/5 * * * * $croncmd" ( crontab -l | grep -v -F "$croncmd"; echo "$cronjob" ) | crontab - ssh root@hostname 'ip link set tun0 up && ip addr add 10.0.0.184/32 peer 10.0.0.174 dev tun0 && ip route add 10.0.0.0/24 via 10.0.0.174' fi fi ssh.vpn.stop #!/bin/bash sudo kill $(ps aux | grep 'ssh -NTCf -w 0:0' | awk '{print $2}') ps aux | grep 'ssh -NTCf -w 0:0' croncmd="/home/yourusername/ssh.vpn.start" cronjob="*/5 * * * * $croncmd" ( crontab -l | grep -v -F "$croncmd" ) | crontab - https://wiki.archlinux.org/index.php/VPN_over_SSH https://help.ubuntu.com/community/SSH_VPN +---------------+ OpenSSH 4.3 +---------------+ | Machine A | tun0 -- Tunnel Interface -- tun0 | Machine B | | Has a tunnel | <------------------------------->| Has a tunnel | | and ethernet | 10.0.0.100 10.0.0.200 | and ethernet | +-------+-------+ point to point connection +-------+-------+ eth0 | creates a bridge | eth0 10.0.0.100 | that plugs machine B | 192.168.0.100 port 22 | into network A | forwarded | | here | | +-------+-------+ +-~-~-~-~-~-~-~-+ +-------+-------+ | Network A | | | | Network B | | 10.0.0.1/24 | 1.2.3.4 | The Internet | | 192.168.0.1/24| | Has internet |<-------->| |<----->| Has internet | | NAT gateway | Routable | | | NAT gateway | +---------------+ Address +-~-~-~-~-~-~-~-+ +---------------+ VLAN ALL UNTRUSTED DEVICES!!! THEY ALL PHONE HOME....
  8. nircmd/winapiexec is good.... but Y use external tools if u can do it in cleaver scripting?
  9. === bat/cmd === @echo off powershell (Add-Type '[DllImport(\"user32.dll\")]^public static extern int SendMessage(int hWnd, int hMsg, int wParam, int lParam);' -Name a -Pas)::SendMessage(-1,0x0112,0xF170,2); === commandline === powershell (Add-Type '[DllImport(\"user32.dll\")]public static extern int SendMessage(int hWnd, int hMsg, int wParam, int lParam);' -Name a -Pas)::SendMessage(-1,0x0112,0xF170,2); https://gallery.technet.microsoft.com/scriptcenter/Turn-off-screen-4d173e0a/view/Discussions#content its not switching between screens but putting the screen in sleeping mode... maybe some better research would do what you have in mind...
  10. bruteforcing rdp is stupid... gpo would lock u out as PoSHMagiC0de is mentioning...
  11. :: "Unknown publisher" REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\LocalDevices" /v "%HOSTNAME%;%RDGATEWAY%" /t "REG_DWORD" /d 109 /f >NUL 2>&1 :: "The identity of the remote computer cannot be verified. Do you want to connect anyway?" REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client" /v "AuthenticationLevelOverride" /t "REG_DWORD" /d 0 /f >NUL 2>&1 :: Delete old credentials from Micro$oft vault CMD /Q /D /C cmdkey /delete:"%RDGATEWAY%" >NUL 2>&1 CMD /Q /D /C cmdkey /delete:"%HOSTNAME%" >NUL 2>&1 :: Store credentials to Micro$oft vault CMD /Q /D /C cmdkey /add:"%RDGATEWAY%" /user:"%RDUSERNAME%" /pass:"%RDPASSWORD%" >NUL 2>&1 CMD /Q /D /C cmdkey /generic:"%HOSTNAME%" /user:"%USERNAME%" /pass:"%PASSWORD%" >NUL 2>&1
  12. I 'm just interested in doing stuff in different ways.... on the payroll scripts - if it run... ship it - or the script you make for yourself! the bad way .... or the good way
×
×
  • Create New...