Everything posted by jOte-

  1. https://nordpass.com/most-common-passwords-list/ This site lists all 2020 weak passwords. What I don't understand is that x4ivygA51F... why has this been used so many times? Anyone have an idea?
  2. @vailixi this is f* scary ... and this is how they hack ppl... I hope my country has ppl @ the top understanding this threat! using code embedded in jpg/png and use the decoder in using cached images... SUBLIME it's a MASTERWORK and i'm glad he made it public!!!
  3. I love r3plic4tor his view about all of this... The use of "kung fu" is crucial... - it refers to any study, learning, or practice that requires patience, energy, and time to complete - In one way or the other we are all fascinated about ppl with skills... because we are curious. Using this curiosity can make you a knowledgeable person in one/more specific skill(s), it can be "programming language/scripting/os" or "skateboarding/cooking/painting" ... The only difference is that you can't harm ppl with a painting or food (except their feelings or stomach)
  4. helping you in that case wouldn't help you at all ... understanding what is happening... if you want to be a hacker.... make some effort.... search.... and exploit... repeat.... repeat... Knowledge is not something you get for free... you have to work for it!....
  5. https://www.nginx.com/blog/running-non-ssl-protocols-over-ssl-port-nginx-1-15-2/

     If you can man in the middle in that case....

     - wget ok
     - curl ok
     - internet explorer ok
     - edge ok
     - firefox ok
     - chrome ok / newest version is complaining (can be some bad configuration... - just testing-) ... TLSv1.3 *if you disable it in chrome it works...

         map $ssl_preread_protocol $upstream {
             default   ssh;
             "TLSv1.2" web;
         }

     - vivaldi ok
  6. * configuration
     - raspbian stretch lite (aka headless install... no GUI)
     - attached to 7 " screen (any screen)
     * install
     - youtube-dl
     - omxplayer
     * stream something from youtube "watchdogs 2" - Game

         # sudo apt-get install -y youtube-dl
         # sudo apt-get install -y omxplayer
         # omxplayer --vol -0 -o hdmi --aspect-mode fill $(youtube-dl -f best --no-warnings -g "https://www.youtube.com/watch?v=tudBj-89NHU")

     ** oneliner:

         sudo apt-get install -y youtube-dl omxplayer && sleep 15s && omxplayer --vol -0 -o hdmi --aspect-mode fill $(youtube-dl -f best --no-warnings -g "https://www.youtube.com/watch?v=tudBj-89NHU")

     SCARYYYYYY!!!! we are dedsec ?

     PS: if you run this command in ssh session "omxplayer --vol -0 -o hdmi --aspect-mode fill $(youtube-dl -f best --no-warnings -g "https://www.youtube.com/watch?v=tudBj-89NHU")" it will show on the screen.... not in your session.... I know ... just playing... for the lolz (agree seeing this on a headless OS ??? WTF - have a nice day -)
  7. no @reboot ... in cronjobs.... I think this is a good example for this "problem"...

     Add a cronjob in script

         croncmd="/home/yourusername/ssh.vpn.start"
         cronjob="*/5 * * * * $croncmd"
         # drop any existing entry for this command, then append it once
         ( crontab -l | grep -v -F "$croncmd"; echo "$cronjob" ) | crontab -

     Delete a cronjob in script

         croncmd="/home/yourusername/ssh.vpn.start"
         cronjob="*/5 * * * * $croncmd"
         # rewrite the crontab without the entry for this command
         ( crontab -l | grep -v -F "$croncmd" ) | crontab -

     I use this script to be sure it is connected....

     ssh.vpn.start

         #!/bin/bash
         # exit status of one ping to a host behind the tunnel (1 = no reply)
         up=`ping -c1 192.168.0.6 &> /dev/null; echo $?`
         if [ "$up" -eq "1" ]
         then
             # -w 0:0 requests tun0 on both ends; -f backgrounds ssh after authentication
             ssh -NTCf -w 0:0 -o TCPKeepAlive=yes -o ServerAliveInterval=60 root@hostname
             # only configure addresses and routes if tun0 was actually created
             tun=`ip a show tun0 &> /dev/null ; echo $?`
             if [ "$tun" -eq "0" ]
             then
                 ip link set tun0 up
                 ip addr add 10.0.0.174/32 peer 10.0.0.184 dev tun0
                 ip route add 192.168.0.0/24 via 10.0.0.184
                 arp -sD 10.0.0.184 eth0 pub
                 echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward
                 # (re)register this script to run every 5 minutes
                 croncmd="/home/yourusername/ssh.vpn.start"
                 cronjob="*/5 * * * * $croncmd"
                 ( crontab -l | grep -v -F "$croncmd"; echo "$cronjob" ) | crontab -
                 # configure the remote end of the tunnel
                 ssh root@hostname 'ip link set tun0 up && ip addr add 10.0.0.184/32 peer 10.0.0.174 dev tun0 && ip route add 10.0.0.0/24 via 10.0.0.174'
             fi
         fi

     ssh.vpn.stop

         #!/bin/bash
         # [s]sh keeps grep from matching its own process entry
         sudo kill $(ps aux | grep '[s]sh -NTCf -w 0:0' | awk '{print $2}')
         ps aux | grep 'ssh -NTCf -w 0:0'
         # remove the keep-alive cronjob
         croncmd="/home/yourusername/ssh.vpn.start"
         cronjob="*/5 * * * * $croncmd"
         ( crontab -l | grep -v -F "$croncmd" ) | crontab -

     https://wiki.archlinux.org/index.php/VPN_over_SSH
     https://help.ubuntu.com/community/SSH_VPN

               +---------------+            OpenSSH 4.3           +---------------+
               |   Machine A   | tun0 -- Tunnel Interface -- tun0 |   Machine B   |
               |  Has a tunnel | <------------------------------->|  Has a tunnel |
               |  and ethernet | 10.0.0.100            10.0.0.200 |  and ethernet |
               +-------+-------+     point to point connection    +-------+-------+
                  eth0 |                 creates a bridge                 | eth0
            10.0.0.100 |               that plugs machine B               | 192.168.0.100
              port 22  |                  into network A                  |
             forwarded |                                                  |
               here    |                                                  |
               +-------+-------+          +-~-~-~-~-~-~-~-+       +-------+-------+
               |   Network A   |          |               |       |   Network B   |
               |  10.0.0.1/24  | 1.2.3.4  |  The Internet |       | 192.168.0.1/24|
               |  Has internet |<-------->|               |<----->|  Has internet |
               |  NAT gateway  | Routable |               |       |  NAT gateway  |
               +---------------+ Address  +-~-~-~-~-~-~-~-+       +---------------+

     VLAN ALL UNTRUSTED DEVICES!!! THEY ALL PHONE HOME....
  8. nircmd/winapiexec is good.... but Y use external tools if u can do it in clever scripting?
  9. === bat/cmd ===

         @echo off
         powershell (Add-Type '[DllImport(\"user32.dll\")]^public static extern int SendMessage(int hWnd, int hMsg, int wParam, int lParam);' -Name a -Pas)::SendMessage(-1,0x0112,0xF170,2);

     === commandline ===

         powershell (Add-Type '[DllImport(\"user32.dll\")]public static extern int SendMessage(int hWnd, int hMsg, int wParam, int lParam);' -Name a -Pas)::SendMessage(-1,0x0112,0xF170,2);

     https://gallery.technet.microsoft.com/scriptcenter/Turn-off-screen-4d173e0a/view/Discussions#content

     it's not switching between screens but putting the screen in sleeping mode... maybe some better research would do what you have in mind...
  10. bruteforcing rdp is stupid... gpo would lock u out as PoSHMagiC0de is mentioning...
  11. Batch snippet:

          :: "Unknown publisher"
          REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\LocalDevices" /v "%HOSTNAME%;%RDGATEWAY%" /t "REG_DWORD" /d 109 /f >NUL 2>&1

          :: "The identity of the remote computer cannot be verified. Do you want to connect anyway?"
          REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client" /v "AuthenticationLevelOverride" /t "REG_DWORD" /d 0 /f >NUL 2>&1

          :: Delete old credentials from Micro$oft vault
          CMD /Q /D /C cmdkey /delete:"%RDGATEWAY%" >NUL 2>&1
          CMD /Q /D /C cmdkey /delete:"%HOSTNAME%" >NUL 2>&1

          :: Store credentials to Micro$oft vault
          CMD /Q /D /C cmdkey /add:"%RDGATEWAY%" /user:"%RDUSERNAME%" /pass:"%RDPASSWORD%" >NUL 2>&1
          CMD /Q /D /C cmdkey /generic:"%HOSTNAME%" /user:"%USERNAME%" /pass:"%PASSWORD%" >NUL 2>&1
  12. I'm just interested in doing stuff in different ways.... on the payroll scripts - if it runs... ship it - or the script you make for yourself! the bad way .... or the good way
  13. I can start a museum over here according to PI... I was amazed at the first day!!! Pi as hotspot..., Pi tor gateway, pure testing device... playdevice
  14. The question is... do you want it to be stealthy? or just as administrator... It's true Bashbunny and Rubberducky can be used as infiltration/information gathering devices.... But, also as a useful tool to do repetitive tasks as administrator - like installing xx new laptops - If you know what you are doing... you can do nice things with this device! I do agree with MB60893 ... If you want info, stealthy/or not, there are other solutions...
  15. PoSH, i'm interested in the memory stuff... you have some more info? can you point me to the right direction? tnx
  16. Check the file "gatherNetworkInfo.vbs" in c:\windows\system32 ?
  17. interesting... i have to check that out! tnx
  18. i had that idea running into the winscp scripting question...

          // 2>NUL||@GOTO :BATCH
          /*
          :BATCH
          @ECHO OFF
          MODE CON: COLS=120 LINES=20 BUFFER=100
          COLOR 08
          SET CSC=
          FOR /F "TOKENS=1,2 DELIMS=#" %%a IN ('"PROMPT #$H#$E# & ECHO ON & FOR %%b IN (1) DO REM"') DO (
              SET "DEL=%%a"
          )
          CLS
          ECHO.
          CALL :H "-- REQUIREMENTS -----------------------------------------------------------------------------------"
          FOR /R "%SystemRoot%\Microsoft.NET\Framework\" %%# IN ("*csc.exe") DO SET "CSC=%%#"
          IF NOT DEFINED CSC (
              CALL :CE " [!] no .net framework or csc.exe found!"
              EXIT /B 10
          ) ELSE (
              CALL :I " [i] csc.exe found"
          )
          CALL :H "-- COMPILING --------------------------------------------------------------------------------------"
          CALL :NCE " [-] Delete old executable file if exists."
          DEL /Q /F "%~n0.exe" >NUL 2>NUL
          IF NOT EXIST "%~n0.exe" (
              CALL :OK " [+] Creating new executable file."
              ECHO.
              CALL %CSC% /nologo /reference:"WinSCPnet.dll" /warn:0 /out:"%~n0.exe" "%~dpsfnx0" || (
                  ECHO.
                  CALL :WTF " [!] Creating executable file FAILED!"
                  EXIT /B %errorlevel%
              )
          )
          CALL :I " [i] Start running executable file."
          CALL :H "-- START ----------------------------------------------------------------------------------------"
          ECHO.
          %~n0.exe %*
          ECHO.
          CALL :H "-- END ------------------------------------------------------------------------------------------"
          ECHO.
          CALL :I " [i] End running executable file."
          TIMEOUT 10 > NUL 2>&1
          ENDLOCAL & EXIT /B %errorlevel%

          :COLORTEXT
          :: COLOR [attr]
          :: attr Specifies color attribute of console output
          :: Color attributes are specified by TWO hex digits — the first corresponds to the background; the second the foreground.
          :: Each digit can be any of the following values:
          :: 0 = Black     8 = Gray
          :: 1 = Blue      9 = Light Blue
          :: 2 = Green     A = Light Green
          :: 3 = Aqua      B = Light Aqua
          :: 4 = Red       C = Light Red
          :: 5 = Purple    D = Light Purple
          :: 6 = Yellow    E = Light Yellow
          :: 7 = White     F = Bright White
          ECHO OFF
          <NUL SET /p ".=%DEL%" > "%~2"
          FINDSTR /v /a:%1 /R "^$" "%~2" NUL
          DEL "%~2" > NUL 2>&1 & ECHO.
          GOTO :EOF

          :I
          :INFO
          CALL :COLORTEXT 09 %1
          GOTO :EOF

          :H
          :HEADER
          ECHO.
          CALL :COLORTEXT 0F %1
          ECHO.
          GOTO :EOF

          :C
          :CREATE
          :OK
          CALL :COLORTEXT 02 %1
          GOTO :EOF

          :NCE
          :NONCRITICALERR
          CALL :COLORTEXT 0D %1
          GOTO :EOF

          :CE
          :WTF
          :CRITICALERR
          CALL :COLORTEXT 04 %1
          ECHO.
          TIMEOUT 20
          EXIT /B %errorlevel%
          GOTO :EOF
          */
          using System;
          using WinSCP;

          class ftw {
              public static int Main() {
                  try {
                      SessionOptions sessionOptions = new SessionOptions {
                          Protocol = Protocol.Sftp,
                          HostName = "192.168.*.*",
                          PortNumber = 22,
                          UserName = "***********************",
                          Password = "********",
                          SshHostKeyFingerprint = "ssh-****** 512 **:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**"
                      };
                      using (Session session = new Session()) {
                          session.FileTransferred += FileTransferred;
                          session.Open(sessionOptions);
                          SynchronizationResult synchronizationResult;
                          synchronizationResult = session.SynchronizeDirectories(SynchronizationMode.Remote, @"C:\Users\unkown\Pictures\", "/home/lnxuser/Pictures/", false);
                          synchronizationResult.Check();
                          CommandExecutionResult commandResult;
                          commandResult = session.ExecuteCommand("/home/lnxyser/Pictures/resize.sh");
                          commandResult.Check();
                          Console.WriteLine(commandResult.Output);
                      }
                      return 0;
                  } catch (Exception e) {
                      Console.WriteLine("Error: {0}", e);
                      return 1;
                  }
              }

              private static void FileTransferred(object sender, TransferEventArgs e) {
                  if (e.Error == null) {
                      Console.WriteLine("Upload of {0} succeeded", e.FileName);
                  } else {
                      Console.WriteLine("Upload of {0} failed: {1}", e.FileName, e.Error);
                  }
                  if (e.Chmod != null) {
                      if (e.Chmod.Error == null) {
                          Console.WriteLine("Permissions of {0} set to {1}", e.Chmod.FileName, e.Chmod.FilePermissions);
                      } else {
                          Console.WriteLine("Setting permissions of {0} failed: {1}", e.Chmod.FileName, e.Chmod.Error);
                      }
                  } else {
                      Console.WriteLine("Permissions of {0} kept with their defaults", e.Destination);
                  }
                  if (e.Touch != null) {
                      if (e.Touch.Error == null) {
                          Console.WriteLine("Timestamp of {0} set to {1}", e.Touch.FileName, e.Touch.LastWriteTime);
                      } else {
                          Console.WriteLine("Setting timestamp of {0} failed: {1}", e.Touch.FileName, e.Touch.Error);
                      }
                  } else {
                      Console.WriteLine("Timestamp of {0} kept with its default (current time)", e.Destination);
                  }
              }
          }
  19. Batch/C# script:

          // 2>NUL||@GOTO :BATCH
          /*
          :BATCH
          @ECHO OFF
          MODE CON: COLS=120 LINES=20 BUFFER=100
          COLOR 08
          SET CSC=
          FOR /F "TOKENS=1,2 DELIMS=#" %%a IN ('"PROMPT #$H#$E# & ECHO ON & FOR %%b IN (1) DO REM"') DO (
              SET "DEL=%%a"
          )
          CLS
          ECHO.
          CALL :H "-- REQUIREMENTS -----------------------------------------------------------------------------------"
          FOR /R "%SystemRoot%\Microsoft.NET\Framework\" %%# IN ("*csc.exe") DO SET "CSC=%%#"
          IF NOT DEFINED CSC (
              CALL :CE " [!] no .net framework or csc.exe found!"
              EXIT /B 10
          ) ELSE (
              CALL :I " csc.exe found"
          )
          CALL :H "-- COMPILING --------------------------------------------------------------------------------------"
          CALL :NCE " [-] Delete old executable file if exists."
          DEL /Q /F "%~n0.exe" >NUL 2>NUL
          IF NOT EXIST "%~n0.exe" (
              CALL :C " [+] Creating new executable file."
              ECHO.
              CALL %CSC% /nologo /reference:"" /warn:0 /out:"%~n0.exe" "%~dpsfnx0" || (
                  ECHO.
                  CALL :CE " [!] Creating executable file FAILED!"
                  EXIT /B %errorlevel%
              )
          )
          CALL :I " Start running executable file."
          CALL :H "-- START ----------------------------------------------------------------------------------------"
          ECHO.
          %~n0.exe %*
          ECHO.
          CALL :H "-- END ------------------------------------------------------------------------------------------"
          ECHO.
          CALL :I " End running executable file."
          TIMEOUT 10 > NUL 2>&1
          ENDLOCAL & EXIT /B %errorlevel%

          :COLORTEXT
          ECHO OFF
          <NUL SET /p ".=%DEL%" > "%~2"
          FINDSTR /v /a:%1 /R "^$" "%~2" NUL
          DEL "%~2" > NUL 2>&1 & ECHO.
          GOTO :EOF

          :I
          :INFO
          CALL :COLORTEXT 09 %1
          GOTO :EOF

          :H
          :HEADER
          ECHO.
          CALL :COLORTEXT 0F %1
          ECHO.
          GOTO :EOF

          :C
          :CREATE
          CALL :COLORTEXT 02 %1
          GOTO :EOF

          :NCE
          :NONCRITICALERR
          CALL :COLORTEXT 0D %1
          GOTO :EOF

          :CE
          :CRITICALERR
          CALL :COLORTEXT 04 %1
          ECHO.
          TIMEOUT 30
          EXIT /B %errorlevel%
          GOTO :EOF
          REM C# CODE AFTER THIS...
          REM */
          using System;

          class ftw {
              public static void Main() {
                  try {
                      Console.WriteLine(System.Diagnostics.Process.GetCurrentProcess().MainModule.FileName + "\n");
                      Console.WriteLine("--- you asked 4me?");
                      Console.WriteLine("----- Compile your code on target machine...");
                      Console.WriteLine("--- Most of the time Antivirus will allow that...");
                  } catch (Exception e) {
                      Console.WriteLine("Error: {0}", e);
                  }
              }
          }
  20. https://github.com/SpiderLabs/portia/blob/master/modules/Start-WebServer.ps1 check this out!!!!
  21. in the root of the BashBunny there is a file "config.txt" did u change it over there?

      - docs
      - languages
      - loot
      - payloads
      - tools
      config.txt

          #!/bin/bash
          #This configuration file is used to set default variables
          DUCKY_LANG de

      This way you don't have to add it to all your scripts.