This is a repository filled with scripts that were made with Python, and designed to exploit computer systems.

Overview

PYTHON-EXPLOITATION

Networking

tcp_clinet.py

The tcp_clinet.py script is used to push data to a server in the event that you are not able to use the typical networking tools. In the script we:

  • Create a socket object (line 8): the AF_INET parameter indicates we will use a standard IPv4 address or hostname, and SOCK_STREAM indicates that this will be a TCP client.
  • Connect to the server (line 11): note that, since we are using a TCP client, we must first connect to the server (via the TCP handshake) before we can send data to it.
  • Send the server some data in bytes (line 14)
  • Receive data back from the server and print out the response (line 17)

Note that this script makes numerous assumptions about the server we are engaging with:

  • It assumes that our connection will always succeed as it does not have a fallback function in the event that the server rejects our connection.
  • It assumes that the server expects us to send data first. Sometimes, the server will want to send us data first - this is especially true if the server is being guarded by a firewall of some kind.
  • The script assumes that the server will always return data to us in a timely fashion.

The assumptions are made for simplicity's sake. All things considered, sometimes less is more.
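
One way to drop the three assumptions listed above, as an added example that is not part of the repository's tcp_clinet.py: the helper reports a failed connection, optionally reads first when the server speaks first, and bounds every receive with a timeout. The names tcp_exchange and _recv_or_none, the default values and the loopback target are assumptions made for this illustration.

```python
import socket


def _recv_or_none(sock, size=4096):
    """Return received bytes, b'' if the peer closed, or None on timeout."""
    try:
        return sock.recv(size)
    except socket.timeout:
        return None


def tcp_exchange(host, port, payload, timeout=3.0, server_speaks_first=False):
    """Send payload over TCP and return (banner, response).

    banner is None unless server_speaks_first is set. Either value is None
    when nothing arrived before the timeout. Raises ConnectionError when the
    connection cannot be established (refused, unreachable, timed out).
    """
    try:
        # create_connection resolves the name, connects, and leaves the
        # timeout set on the socket for the later recv() calls.
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        raise ConnectionError(f"connect to {host}:{port} failed: {exc}") from exc

    with sock:
        banner = None
        if server_speaks_first:
            # Some services greet the client before accepting any input.
            banner = _recv_or_none(sock)
        sock.sendall(payload)
        response = _recv_or_none(sock)
    return banner, response


if __name__ == "__main__":
    # Constructed target: loopback port 9998 is a placeholder, not from the page.
    try:
        print(tcp_exchange("127.0.0.1", 9998, b"ABCDEF"))
    except ConnectionError as err:
        print(f"[!] {err}")
```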

udp_client.py

Our udp_client.py script is not much different from our TCP script, except that it is configured to send data via the User Datagram Protocol (but that much was obvious):

  • We change the socket type to SOCK_DGRAM to indicate that we will be sending data via UDP (line 6).
  • Also, notice that there is no connect() call, since we do not need to connect to a server before sending with UDP. This is because UDP is a connectionless protocol.
  • The last step is to call the recvfrom() method to receive UDP data back. This returns both the data and the details of the remote host and port (line 9).

tcp_server.py

tcp_server.py is just that: a multi-threaded Python TCP server that we can use in the event we want to write a command shell or craft a proxy.

  • First, we pass in the IP address and port we want the server to listen on (line 9).
  • Next, we tell the server to start listening with a maximum backlog of connections set to 5 (line 10). Now the server waits for a connection.
  • Once the client connects, we get the client socket in the client variable and the remote connection details in the address variable.
  • We then start the thread to handle the client connection (line 17).
  • The handle_client function performs recv() and then sends a simple message back to the client.
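
The steps above, written out as an added example (not the repository's tcp_server.py): bind, listen with a backlog of 5, accept, and hand each client to its own thread. The function names start_server and serve, the loopback default, the OS-chosen port and the 5-second client timeout are assumptions made for this illustration.

```python
import socket
import threading


def handle_client(client, address):
    """Read one message from the client and send a simple reply."""
    with client:
        client.settimeout(5.0)  # assumption: a stalled peer must not pin a thread
        try:
            request = client.recv(1024)
        except socket.timeout:
            return
        print(f"[*] {address[0]}:{address[1]} sent {request!r}")
        client.sendall(b"ACK")


def serve(server):
    """Accept connections and start one handler thread per client."""
    while True:
        try:
            client, address = server.accept()
        except OSError:  # listening socket was closed: stop serving
            return
        threading.Thread(target=handle_client, args=(client, address),
                         daemon=True).start()


def start_server(host="127.0.0.1", port=0):
    """Bind to host:port, listen with a backlog of 5, serve in the background.

    Loopback and port 0 (OS picks a free port) are defaults chosen for this
    example so it does not expose a listener on other interfaces.
    """
    server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    server.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    server.bind((host, port))
    server.listen(5)
    threading.Thread(target=serve, args=(server,), daemon=True).start()
    return server


if __name__ == "__main__":
    srv = start_server()
    print("[*] Listening on %s:%d" % srv.getsockname())
    threading.Event().wait()  # keep the main thread alive until interrupted
```
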
Owner

Nathan Galindo

Hi, my name is Nathan Galindo and I am a cybersecurity student at Baylor University!