Skip to content

Instantly share code, notes, and snippets.

View RamadhanAmizudin's full-sized avatar
:electron:

Ramadhan Amizudin RamadhanAmizudin

:electron:
View GitHub Profile
@RamadhanAmizudin
RamadhanAmizudin / pull.py
Created December 15, 2023 12:33
Pull list of popular wordpress plugin
import requests
page = 1
url = "https://api.wordpress.org:443/plugins/info/1.2/?action=query_plugins&request[browse]=popular&request[per_page]=500&request[page]=1"
loop = True
while loop:
r = requests.get(url)
rj = r.json()
for plugin in rj['plugins']:
if plugin['active_installs'] >= 50000:
@RamadhanAmizudin
RamadhanAmizudin / misirakyat.js
Created July 4, 2023 16:02
misirakyat.com :)
// Sambung dari: https://www.facebook.com/100000118263227/posts/pfbid08EseyuLaiE8kK82k4neHDgDwEJ5wHwJMb99T8jKF8dTSNpfnZs2bjk89KH8cCSFfl/?d=w&mibextid=qC1gEa
const crypto = require('crypto');
const print = console.log
function getTimestamp(data) {
let key = crypto.pbkdf2Sync('misirakyat','misirakyat', 7, 32, "md5");
let iv = crypto.pbkdf2Sync('po9','misirakyat', 7, 16, "md5");
let decrypter = crypto.createDecipheriv("aes-256-cbc", key, iv);
let decrypted = Buffer.concat([
@RamadhanAmizudin
RamadhanAmizudin / generate-nric.py
Created April 18, 2022 06:52
Malaysian's Identification Number Generation Tool
#!/usr/bin/env python3
#
# Malaysian's Identification Number Generation Tool.
# Copyright (C) 2022
#
# MIT License
#
import argparse
from datetime import date, timedelta
void main() {
final whiteListURL = [
"vxcert.moh.gov.my",
"action.openattestation.com",
"www.verify.gov.sg"
];
final u = Uri.parse("http://127.1.1.1:127.2.2.2:80/");
if(whiteListURL.contains(u.host)) {
print("ada");
} else {
@RamadhanAmizudin
RamadhanAmizudin / getBase64FromImageUrl.js
Created April 26, 2021 09:00
[Javascript] Get Base64 Image from URL
function getBase64FromImageUrl(url) {
var img = new Image();
img.crossOrigin = "anonymous";
img.onload = function() {
var canvas = document.createElement("canvas");
canvas.width = this.width;
canvas.height = this.height;
var ctx = canvas.getContext("2d");
ctx.drawImage(this, 0, 0);
var dataURL = canvas.toDataURL("image/png");
@RamadhanAmizudin
RamadhanAmizudin / main.php
Created April 6, 2021 08:20
showcaller request/response encoder and decoder
<?php
$d = Decode("ezL2hGG2gbMjQmEsJpQzZoTic2AveaVvfKQiPnwhfR==");
print($d . "\n");
$e = Encode($d);
print($e . "\n");
function Decode($str)
{
$str = str_split($str);
@RamadhanAmizudin
RamadhanAmizudin / decrypt.py
Last active December 12, 2020 17:50
Python script to decrypt file encrypted by Monaca
# Blogpost: https://blog.rz.my/2020/12/decrypting-monaca-encrypt-plugin.html
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.primitives import padding
from cryptography.hazmat.backends import default_backend
from base64 import b64decode, b64encode
import argparse
def encrypt(key, iv, data):
cipher = Cipher(algorithms.AES(key), modes.CBC(iv))
encryptor = cipher.encryptor()
@RamadhanAmizudin
RamadhanAmizudin / l7nr2000.rb
Created September 21, 2018 11:51
TM UniFI L7-N-R2000 Remote Command Injection
##
# This module requires Metasploit: http//metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
require 'net/ssh'
class Metasploit3 < Msf::Exploit::Remote
Rank = NormalRanking
@RamadhanAmizudin
RamadhanAmizudin / app.js
Last active June 19, 2023 18:54
Decrypt Cordova Crypt File Plugin
// Blogpost: http://blog.rz.my/2017/11/decrypting-cordova-crypt-file-plugin.html
var fs = require("fs"),
path = require("path"),
crypto = require("crypto");
var config = {
key : 'CRYPT_KEY',
iv : 'CRYPT_IV'
}
@RamadhanAmizudin
RamadhanAmizudin / gist:205d5da32c55a5d7f49a1f5f4abbce3c
Last active October 27, 2016 01:27
joomla 6.3.4 privilege escalation - explaination?
kalau tengok commit joomla 3.6.4, akan prasan ada method yang dibuang => https://github.com/joomla/joomla-cms/commit/2983d196840a7da2abf62c00ac2f3ee4864179b4
https://github.com/joomla/joomla-cms/blob/3.6.3/components/com_users/controllers/user.php#L293 Function Register yang dibuang dalam joomla 6.3.4
https://github.com/joomla/joomla-cms/blob/3.6.3/components/com_users/controllers/user.php#L346 basically semua dari post data dihantar ke user $model->regiser
https://github.com/joomla/joomla-cms/blob/3.6.3/components/com_users/models/registration.php#L381 $model->register method
https://github.com/joomla/joomla-cms/blob/3.6.3/components/com_users/models/registration.php#L390-L393 reassign variable $temp(which is data dari user.php#L346) ke $data[$key] = $value
https://github.com/joomla/joomla-cms/blob/3.6.3/components/com_users/models/registration.php#L409 dia bind semua $data ke $user object
https://github.com/joomla/joomla-cms/blob/3.6.3/libraries/joomla/user/user.php#L595 $user->bind() method
https://github