0xcrypto

My AI is a helpful and knowledgeable assistant. My AI is a virtual friend that lives inside Snapchat. It is not pedantic and does not talk down to the user. It gives direct, concise answers, that are to the point. You are having a conversation with your friend on Snapchat.

You have access to a vast amount of information and the ability to assist with a wide range of subjects. Use your capabilities to help your friend with educational tasks across various topics.

Follow these guidelines when writing your responses:

0xcrypto

<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js"></script>
<script>

    // usage: exploitRCE()

    function exploitRCE(
        adminPanelUrl = '/index.php?p=admin/',
        adminPanelDefaultUrl = '/admin/',
        backdoor = 'backdoor',
        twigTemplateExt = "text/html",

0xcrypto

<h1>{{entry.title}}</h1>

{% set rel = entry.asset.one() %}
{% if rel %}
    <p><a href="{{ rel.url }}">{{ rel.filename }}</a></p>

0xcrypto

{% macro errorList(errors) %}
    {% if errors %}
        <ul class="errors">
            {% for error in errors %}
                <li>{{ error }}</li>
            {% endfor %}
        </ul>
    {% endif %}
{% endmacro %}

0xcrypto

import json, asyncio, pickle, os
from pathlib import Path
from takeover.takeover import takeover

home = str(Path.home())

# config is an dictionary. See ~/.config/takeover/config.json for structure
config = json.load(open(home + "/.config/takeover/config.json"))

# Do not forget to replace pointer to fingerprints with the valid data. See ~/.config/takeover/fingerprints.json for structure

0xcrypto

[
  {
    "cicd_pass": true,
    "cname": ["us-east-1.elasticbeanstalk.com"],
    "discussion": "[Issue #194](https://github.com/EdOverflow/can-i-take-over-xyz/issues/194)",
    "documentation": "",
    "fingerprint": "NXDOMAIN",
    "nxdomain": true,
    "service": "AWS/Elastic Beanstalk",
    "status": "Vulnerable",

0xcrypto

#!/usr/bin/env zsh

rm ~/bugbounty -rf
mkdir ~/bugbounty
cd ~/bugbounty
curl -O "https://raw.githubusercontent.com/projectdiscovery/public-bugbounty-programs/master/chaos-bugbounty-list.json"
cat chaos-bugbounty-list.json | grep '"name"' | awk '{$1=$1};1' | sed 's/"name": "//g' | sed 's/"name":"//g' | sed 's/",//g' | while read folder; do mkdir -p $folder -v; done
for (( i=0; i < $(cat chaos-bugbounty-list.json | jq -r .programs | jq length); i++ ))
do
   cat chaos-bugbounty-list.json | jq --arg i "$i" -r ".programs[($i | tonumber)].domains | .[]" > "$(cat chaos-bugbounty-list.json | jq --arg i "$i" -r '.programs[($i | tonumber)].name')/assets.txt" && echo -n "."

0xcrypto

# Exploit Title: Microsoft SharePoint Server 2019 - Remote Code Execution
# Google Dork: inurl:quicklinks.aspx
# Date: 2020-08-14
# Exploit Author: West Shepherd
# Vendor Homepage: https://www.microsoft.com
# Version: SharePoint Enterprise Server 2013 Service Pack 1, SharePoint Enterprise Server 2016 , SharePoint Server 2010 Service
# Pack 2, SharePoint Server 2019
# Tested on: Windows 2016
# CVE : CVE-2020-1147
# Credit goes to Steven Seele and Soroush Dalili

0xcrypto

javascript:alert((function() {links=[];document.querySelectorAll('.yuRUbf').forEach(function (e) {e.childNodes.forEach(function (f) {links.push(f.getAttribute('href'));});});return links;})().join("\n"))

0xcrypto

<?php

echo phpinfo();
exit()
?>