cihanmehmet

⏳🔺33 Million Subdomain Wordlist🔻🧱🔨👀

https://mega.nz/file/UsJXzITR#TMIFTXnW1zABHfZUIKMPMvA-c8UvzGWeAd4mg4gGCtQ

cmd@fb:/tmp|❯ wc -l 33m-subdomain-wordlist.txt
 33927885 33m-subdomain-wordlist.txt

---

🚨🔺15 Million Subdomain Wordlist🔻 🧱🔨👀

https://mega.nz/file/BtIh2KaZ#zI1aZgAdHYdBfvKC5G8bwXwfFG11Gx0CW1zLhc0weC8

rxwx

import requests
import sys
import re

HEADERS = {"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:67.0) Gecko/20100101 Firefox/67.0"}

if len(sys.argv) != 2:
    print " Usage: python pulseversion.py <target ip/domain>"
    sys.exit(1)

zeropwn

		                     _       _ 
		  _______ _ __ ___  | | ___ | |
		 |_  / _ \ '__/ _ \ | |/ _ \| |
		  / /  __/ | | (_) || | (_) | |
		 /___\___|_|  \___(_)_|\___/|_|
		    	  https://zero.lol
		 	  zero days 4 days

Title: KDE 4/5 KDesktopFile Command Injection
Date: July 28th 2019

ykoster

<#
 .Synopsis
  Decrypt an MTPuTTY configuration file

 .Description
  Read an MTPuTTY configuration file, decrypt the passwords and dump the result

 .Parameter ConfigFile
  Path to the MTPuTTY configuration file

zeropwn

				                     _       _ 
				  _______ _ __ ___  | | ___ | |
				 |_  / _ \ '__/ _ \ | |/ _ \| |
				  / /  __/ | | (_) || | (_) | |
				 /___\___|_|  \___(_)_|\___/|_|
				    	  https://zero.lol
				 	  zero days 4 days


				ATTENTION:

3xocyte

#!/usr/bin/env python

# for more info: https://shenaniganslabs.io/2019/01/28/Wagging-the-Dog.html
# this is a rough PoC

# requirements for RCE:
# - the attacker needs to either have or create an object with a service principal name
# - the MSSQL server has to be running under the context of System/Network Service/a virtual account
# - the MSSQL server has the WebClient service installed and running (not default on Windows Server hosts)
# - NTLM has to be in use

jthuraisamy

Windows Toolkit

Binary

Native Binaries

• IDA Pro

IDA Plugins	Preferred	Neutral	Unreviewed

v-p-b

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE jasperReport PUBLIC "-//JasperReports//DTD Report Design//EN" "http://jasperreports.sourceforge.net/dtds/jasperreport.dtd">

<jasperReport name="FirstJasper" columnCount="2" pageWidth="595" pageHeight="842" columnWidth="270" columnSpacing="15" leftMargin="20" rightMargin="20" topMargin="30" bottomMargin="30">
	<style name="Arial_Normal" isDefault="true" fontName="Arial" fontSize="8" isBold="false" isItalic="false" isUnderline="false" isStrikeThrough="false" pdfFontName="Helvetica" pdfEncoding="Cp1252" isPdfEmbedded="false"/>
	<style name="Arial_Bold" isDefault="false" fontName="Arial" fontSize="8" isBold="true" isItalic="false" isUnderline="false" isStrikeThrough="false" pdfFontName="Helvetica-Bold" pdfEncoding="Cp1252" isPdfEmbedded="false"/>
	<style name="Arial_Italic" isDefault="false" fontName="Arial" fontSize="8" isBold="false" isItalic="true" isUnderline="false" isStrikeThrough="false" pdfFontName="Helvetica-Oblique" pdfEncoding="Cp1252" isPdfEmbedded="fa

dtmsecurity

$dotnetpath = "/usr/local/share/dotnet/dotnet";
$sharpgenpath = "/Users/dtmsecurity/Tools/SharpGen/bin/Debug/netcoreapp2.1/SharpGen.dll";
$temppath = "/tmp/";

beacon_command_register("sharpgen", "Compile and execute C-Sharp","Synopsis: sharpgen [code]\n");

alias sharpgen{
	$executionId  = "sharpgen_" . int(rand() * 100000);
	$temporaryCsharp =  $temppath . $executionId . ".cs";
	$executableFilename = $temppath . $executionId . ".exe";

matterpreter

using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Management;

namespace ComAbandonment
{
    public class ComAbandonment
    {