This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// SPDX-License-Identifier: UNLICENSED | |
pragma solidity ^0.8.19; | |
import {Test, console2} from "forge-std/Test.sol"; | |
// @KeyInfo - Total Lost: ~$11M | |
// Attacker: 0x7e39e3b3ff7adef2613d5cc49558eab74b9a4202 | |
// Attack Contract: 0xd996073019c74b2fb94ead236e32032405bc027c | |
// Vulnerable Contract: 0xcc7218100da61441905e0c327749972e3cbee9ee | |
// Attack Tx: https://etherscan.io/tx/0x00c503b595946bccaea3d58025b5f9b3726177bbdc9674e634244135282116c7 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// paradigm CTF 2022 - rescue | |
// @0xSha | |
import { loadFixture, time } from "@nomicfoundation/hardhat-network-helpers"; | |
import { expect } from "chai"; | |
import { ethers } from "hardhat"; | |
describe("Deploy with 10 ETH", function () { | |
async function deploySetup() { | |
// Contracts are deployed using the first signer/account by default |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# CVE-2021-44142 PoC Samba 4.15.0 OOB Read/Write | |
# (C) 2022 - 0xSha.io - @0xSha | |
# This PoC is un-weaponized and for educational purposes only . | |
# To learn how to use the PoC please read the writeup : | |
# https://0xsha.io/blog/a-samba-horror-story-cve-2021-44142 | |
# requires samba4-python | |
# Refrences : | |
# https://www.thezdi.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin | |
# Patch : https://attachments.samba.org/attachment.cgi?id=17092 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# CVE-2020-10148 (local file disclosure PoC for SolarWinds Orion aka door to SuperNova ? ) | |
# @0xSha | |
# (C) 2020 0xSha.io | |
# Advisory : https://www.solarwinds.com/securityadvisory | |
# Mitigation : https://downloads.solarwinds.com/solarwinds/Support/SupernovaMitigation.zip | |
# Details : https://kb.cert.org/vuls/id/843464 | |
# C:\inetpub\SolarWinds\bin\OrionWeb.DLL | |
# According to SolarWinds.Orion.Web.HttpModules |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package main | |
/* | |
CVE-2020-8515: DrayTek pre-auth remote root RCE | |
Mon Mar 30 2020 - 0xsha.io | |
Affected: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# CVE-2019-16278 nhttpd (nostromo) < 1.9.7 pre-auth RCE | |
# Based on https://git.sp0re.sh/sp0re/Nhttpd-exploits | |
# Write-up : https://www.sudokaikan.com/2019/10/cve-2019-16278-unauthenticated-remote.html | |
# Copyright (C) 2020 0xsha.io <me@0xsha.io> | |
""" | |
python3 cve_2019_16278.py | |
[~] Trying ... 62.138.23.XXX 53 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# 0xsha.io | |
# 11/2019 | |
import aiohttp | |
import asyncio | |
import time | |
urls = ["https://0xsha.io","https://twitter.com", "https://google.com", "https://yahoo.com", "https://facebook.com", "https://msn.com", | |
"https://bing.com", "https://golang.org", "https://twitter.com", "https://netflix.com", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# dirbuster Asyncio example | |
# © 0xSha.io | |
# 11/2019 | |
import asyncio | |
from aiohttp import ClientSession | |
import time |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using System; | |
using System.Collections.Generic; | |
using System.IO; | |
using System.Linq; | |
using System.Security.Cryptography; | |
using System.Text; | |
// Tesla Decrypt | |
// © 0xSha.io |