xss payloads

为什么说是伪原创呢?
因为用的是owasp 出的xss检测神器,没有payloads库,那就让其扫描自己的网站,之后在根据日志来选出自己需要的,过程还算简单,就是Xenotix 扫描速度有些慢。
扫描速度慢,或许是自己不会用吧 :blush:

其实就是把 Xenotix 的payloads共享出来
同样的方法,大家也可以让360去扫,安全宝去扫 之后在整理浏览器的日志就有各自的paylods库了~

Xenotix 下载地址

Xenotix payloads downlod

shell

从网络收集的各个shell大集合,如有兴趣,可以看看
当然,欢迎大家提交新的shell
地址:点这里
撒,还是不知道,自己慢慢找找~~

MP4ba电影网站爬虫下载链接

简单的爬虫了下MP4ba.com的下载链接,格式为“类型,名字,下载链接”

需要的可以去下载哈~ 地址

代码:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
#!/usr/bin/env python3
# -*- coding : utf-8 -*-
# author: tennc
# date: 2015/9/10
# filename: mp4ba_spider.py
#
# The MIT License
#
# Copyright (c) 2015
#
# Permission is hereby granted, free of charge, to any person obtaining a
# copy of this software and associated documentation files (the "Software"),
# to deal in the Software without restriction, including without limitation
# the rights to use, copy, modify, merge, publish, distribute, sublicense,
# and/or sell copies of the Software, and to permit persons to whom the
# Software is furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
# DEALINGS IN THE SOFTWARE.
import requests
from bs4 import BeautifulSoup
import time
import re
pchinese=re.compile('([\u4e00-\u9fa5]+)+?') #匹配中文 匹配电影类型
mingzitemp=re.compile('(target="_blank">(\s+)).(.+)') #moive name
urltemp = re.compile('(hash=)(\S+)')#匹配hash
file = open('mp4ba.txt','w',encoding="utf-8")
for i in range(1,68):
response = requests.get("http://www.mp4ba.com/index.php?page=" + str(i))
soup = BeautifulSoup(response.text,"html.parser")
a = soup.find("tbody").findAll('tr')
for m in a :
#print(m)
mingzi = str(mingzitemp.findall(str(m))).split()[-1].replace("</a>')]","").replace("'","").replace('</a>")]',"").replace('"',"")
leixing = str(pchinese.findall(str(m))[0])
urldown = str(urltemp.findall(str(m))[:][-1]).replace("'hash=', '","magnet:?xt=urn:btih:").replace("'","").replace('"',"").replace("(","").replace(')','')
#print(urldown)
data = str(leixing) + "," + str(mingzi) + "," + str(urldown) + "\n"
file.write(data)
time.sleep(2) #延时1秒后继续运行下一页
file.close()

代码下载

kali2.0 install xfce

kali2.0 发布后,默认的桌面非常炫酷,当然也是非常占内存的,对我这屌丝而言还是xfce合适。

故 GG 发现了,国外网友已经给出了安装命了~

在此,故分享给大家

sudo apt-get update && apt-get install kali-defaults kali-root-login desktop-base xfce4 xfce4-places-plugin xfce4-goodies

等待一段时间安装成功后,重启或注销当前用户,在输入密码时,选择 Xfce Session

如图:

选择桌面环境

国外网友blog地址

google ip

这篇文章给大家说下如何获取google 可以ip

  1. 打开这个ipdb.at 连接,就可以查看到google 的ip,测试了几个,均可正常打开。

  2. 就是github上的google全球ip库项目

  3. 获取一些现成的hosts文件(替换为本地的hosts文件)

  4. 一些进行全球ping的在线网站,可以ping出一些可用的ip

首选第一个,快捷,方便。

github for windows

由于对git for console 不熟悉,所救用github for windows的gui客户端,下载多次,均失败,究其原因,其实大家都懂的~

对于没有vpn的我而言,只能在gg下疯狂的找啊找,其他人分享的安装包自己不放心,那就只能更改hosts了~

这里说下如何寻找那个ip方法:

  • 打开 http://ping.chinaz.com/
  • 输入 github-windows.s3.amazonaws.com
  • 从结果中获取能链接的ip
  • 简单的从本机在ping 下所获取的ip
  • 挑选合适的 < 丢包少的~ 延时少的
  • 添加hosts
1
54.231.80.184 github-windows.s3.com

成功 更新 github for windows

重要的说三遍

速度超级慢

速度超级慢

速度超级慢

kali 安装全民wifi当无线网卡

话不多说,直接开始
全民wifi 、小米wifi 等随身wifi 用的是联发科的mt7601u,去官网下载 mt7610u_wifi_sta_v3002_dpo_20130916.tar.bz2

1、解压缩 修改 common/rtusb_dev_id.c 文件
改前:

#ifdef MT7601U
{USB_DEVICE(0x148f,0x6370)}, /* Ralink 6370 */
{USB_DEVICE(0x148f,0x7601)}, /* MT 6370 */
#endif /* MT7601U */

改后:

#ifdef MT7601U
{USB_DEVICE(0x148f,0x6370)}, /* Ralink 6370 */
{USB_DEVICE(0x148f,0x7601)}, /* MT 6370 */
{USB_DEVICE(0x148f,0x760b)},/* 360 Wifi 2 Gen */
{USB_DEVICE(0x2955,0x1001)},/* Xiao Du Wifi */
{USB_DEVICE(0x2a5f,0x1000)},/* Quan Min Wifi */
#endif /* MT7601U */

查看 usb设备的pid命令为:lsusb

2、修改 os/linux/rt_linux.c
第1120行、1123行

else
    pOSFSInfo->fsuid = current_fsuid();
    pOSFSInfo->fsgid = current_fsgid();
#endif

为:

else
    pOSFSInfo->fsuid = *(int *)&current_fsuid();
    pOSFSInfo->fsgid = *(int *)&current_fsgid();
#endif

3、make && make install
4、modprobe mt7601Usta

成功开启无线网卡
放个图得瑟下:
img
点击这里查看大图

test:kali 1.09a x86 with oracle vm virtualbox by win7 64

,