Skip to content

Instantly share code, notes, and snippets.

📃
Also in git.rlab.be/hackan

HacKan HacKanCuBa

📃
Also in git.rlab.be/hackan
Block or report user

Report or block HacKanCuBa

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View ra-tov
This file has been truncated, but you can view the full file.
-----BEGIN PGP MESSAGE-----
owEM1gNyIAgAALDatu12a9u2bdu2bdu2bdu2bfPuE5nEwwIDQCG6YntRDtYG+QPW
AsBfIRoSuNo5/zNwJHCxNSCwMbA2IDCxNjEysrCzpbU3NqU1szdTCfLSiYYFgQQG
asXh7sNnYozVX7wBPCFu1IFMrqM32uQkpPNQB4SNGx5YGnPBXf0yfb5Qj9/A0CsY
lYwxx/WRDrNn9RIyXp97MHGhV4JH/sdQO3ADtOf/t5zES6Egcwih2LbxdytCzpvt
nvOayyhoOTIxebTeY+yqBqgTYBIjYKBa7RpoaBf6DVBKUWVI0OWuAc8AXJ6BNZPe
cSHr8FuvL+Kx5+RXKobtMUt3aCT93dQU1gnrsO+1k260yI2ALk0iDSosfEqkLUiO
h5i7VBJYj91TrtooXIp6L2SHgiCEuMa20CmJCJlLqCqtNYpQP+xp3P8gVs+eKmf6
View Ataque multivoto al sistema Vot.Ar
-----BEGIN PGP MESSAGE-----
owHsuQVUXMu2KNpIgODu0GhwdwmNa3B3CO4eCAEaJ7gFDQ4JFiC4BoK7OyTBAyG4
a/fv5OyzJfuce+7//9033hj/L0axqmdVTatpVSsBAwGAivOM7AVTV2VIIFwl4AHF
wlMaCU9zNy8rZS9HTzs2HRdPF3NNOw9PKydzWJ9dwp3d1dJaO40nn15NWpaNi50X
lb7jsgCCysNJxUnl8tQeVVSUiuOJnbOVubudr5UlFRfsFxUPDx+3ICcVhzyVIRUX
FxcfFbeQIJUxFYcqbISKQwYG4+YR5KPiUKHip+LQggF5+fi5qMTEUK2cLX/gpPrf
96D6uFtZ/5CGhxeV87cHxvDPN5Uz1W8wLk5+3r/BuP7FPF4unr/BBDh/hXHxCAr8
CuPm4+b9G0yAh//vMF4+ob/B+P4FjF+I/28wQR6Bv8GEBH6VjVuQi0vwbzBufs5f
YUJ/1wu3EO/f6PJwcgr8io+Hk/dvOuDh5Bf8+1ohQa5fYVw8XL/KwcPFL8D9K4yb
View keybase.md

Keybase proof

I hereby claim:

  • I am hackancuba on github.
  • I am hackan (https://keybase.io/hackan) on keybase.
  • I have a public key ASClVoZXLVRXbbPLGBaUhBuXUqqso1Cz9_Tcnasvn-CD5Ao

To claim this, I am signing this object:

View kernelcleaner.sh
#!/bin/bash
############################################################
# Script que elimina todos los kernels salvo el que se
# encuentra en uso (MODO=1), o salvo el que se encuentra
# en uso y el anterior (MODO=2).
#
# **************************************************************
# ** NO ME RESPONSABILIZO POR DAÑOS QUE PUDIERAN SER CAUSADOS **
# ** SEA POR BUEN O MAL USO DE ESTE SCRIPT **
# **************************************************************
View emergencylockdown.bash
#!/bin/bash
################################################################################
#
# ~~~~ Emergency Lockdown ~~~~
# Forces a lockdown on the system: kills the keys and luks headers,
# then reboots.
# Copyright (C) 2015 by HacKan
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@HacKanCuBa
HacKanCuBa / phpinfo.php
Last active Sep 14, 2018
Safe phpinfo file
View phpinfo.php
<?php
// Safe PHPInfo file by HacKan
// You should prefer to delete it after using it, but we know how that can go... at least, be safe
// create passwd with:
// php -r '$pass = bin2hex(random_bytes(10)); echo "Plain: ", $pass, PHP_EOL, "Encrypted: ", password_hash($pass, PASSWORD_DEFAULT), PHP_EOL;'
define('PASSWD','');
$p = filter_input(INPUT_GET, 'p', FILTER_SANITIZE_STRING);
if (!empty(PASSWD) && !empty($p) && password_verify($p, PASSWD)) {
@HacKanCuBa
HacKanCuBa / settings.py
Created Mar 13, 2019
Django 2 + REST Framework 3 generic settings: it uses env vars with mostly safe defaults (replace PROJNAME for the name of your project; read through the settings and change what you need)
View settings.py
"""
Django settings for PROJNAME project.
Generated by 'django-admin startproject' using Django 2.1.5.
For more information on this file, see
https://docs.djangoproject.com/en/2.1/topics/settings/
For the full list of settings and their values, see
https://docs.djangoproject.com/en/2.1/ref/settings/
@HacKanCuBa
HacKanCuBa / exfiltrate.html
Created May 15, 2018
PoC to exfiltrate signal-desktop messages exploiting CVE-2018-11101 or CVE-2018-10994
View exfiltrate.html
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8"/>
<!--
DO NOT USE THIS IN REAL LIFE, IT'S JUST A POC! Be nice, don't hack activists :)
by HacKan: https://ivan.barreraoro.com.ar/signal-desktop-html-tag-injection-variant-2
under GNU GPL v3.0+
-->
</head>
View connector.py
"""Wrappers around Python 3 Requests library.
This lib will log errors, warnings and request duration, not raising any
exception: in such error cases, an empty dict is returned. To identify, if
necessary, that there where errors, a with_error flag must be set in the
arguments so that the methods return a tuple in the form of
(response_data: any, error: bool).
If there's any response expected from the endpoint, it will be returned
JSON-converted as-is, which means it's either valid JSON (string, number,
@HacKanCuBa
HacKanCuBa / sshd_config
Last active Jun 21, 2019
Modern secure SSH daemon config
View sshd_config
# Modern secure (OpenSSH Server 7+) SSHd config by HacKan
# Refer to the manual for more info: https://www.freebsd.org/cgi/man.cgi?sshd_config(5)
# Server fingerprint
# Regenerate with: ssh-keygen -o -f /etc/ssh/ssh_host_rsa_key -N '' -t rsa -b 4096
HostKey /etc/ssh/ssh_host_rsa_key
# Regerate with: ssh-keygen -o -f /etc/ssh/ssh_host_ed25519_key -N '' -t ed25519
HostKey /etc/ssh/ssh_host_ed25519_key
# Log for audit, even users' key fingerprint
You can’t perform that action at this time.