0xsha
@0xsha
0xsha / Solarwinds_Orion_LFD.py
Last active Oct 21, 2021
Solarwinds_Orion_LFD (local file disclosure PoC for SolarWinds Orion aka door to SuperNova?)
View Solarwinds_Orion_LFD.py
# CVE-2020-10148 (local file disclosure PoC for SolarWinds Orion aka door to SuperNova ? )
# @0xSha
# (C) 2020 0xSha.io
# Advisory : https://www.solarwinds.com/securityadvisory
# Mitigation : https://downloads.solarwinds.com/solarwinds/Support/SupernovaMitigation.zip
# Details : https://kb.cert.org/vuls/id/843464
# C:\inetpub\SolarWinds\bin\OrionWeb.DLL
# According to SolarWinds.Orion.Web.HttpModules
@0xsha
0xsha / CVE-2020-8515.go
Last active Mar 19, 2021
CVE-2020-8515: DrayTek pre-auth remote root RCE
View CVE-2020-8515.go
package main
/*
CVE-2020-8515: DrayTek pre-auth remote root RCE
Mon Mar 30 2020 - 0xsha.io
Affected:
@0xsha
0xsha / CVE-2019-16278_mass.py
Created Jan 4, 2020
CVE-2019-16278 nhttpd (nostromo) < 1.9.7 pre-auth RCE
View CVE-2019-16278_mass.py
# CVE-2019-16278 nhttpd (nostromo) < 1.9.7 pre-auth RCE
# Based on https://git.sp0re.sh/sp0re/Nhttpd-exploits
# Write-up : https://www.sudokaikan.com/2019/10/cve-2019-16278-unauthenticated-remote.html
# Copyright (C) 2020 0xsha.io <me@0xsha.io>
"""
python3 cve_2019_16278.py
[~] Trying ... 62.138.23.XXX 53
View async-1.py
# 0xsha.io
# 11/2019
import aiohttp
import asyncio
import time
urls = ["https://0xsha.io","https://twitter.com", "https://google.com", "https://yahoo.com", "https://facebook.com", "https://msn.com",
"https://bing.com", "https://golang.org", "https://twitter.com", "https://netflix.com",
View dirbuster-asyncio.py
# dirbuster Asyncio example
# © 0xSha.io
# 11/2019
import asyncio
from aiohttp import ClientSession
import time
View tesla-stub-decrypt.cs
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
// Tesla Decrypt
// © 0xSha.io