Skip to content

Instantly share code, notes, and snippets.

Avatar
:electron:

Ramadhan Amizudin RamadhanAmizudin

:electron:
View GitHub Profile
@RamadhanAmizudin
RamadhanAmizudin / generate-nric.py
Created Apr 18, 2022
Malaysian's Identification Number Generation Tool
View generate-nric.py
#!/usr/bin/env python3
#
# Malaysian's Identification Number Generation Tool.
# Copyright (C) 2022
#
# MIT License
#
import argparse
from datetime import date, timedelta
View main.dart
void main() {
final whiteListURL = [
"vxcert.moh.gov.my",
"action.openattestation.com",
"www.verify.gov.sg"
];
final u = Uri.parse("http://127.1.1.1:127.2.2.2:80/");
if(whiteListURL.contains(u.host)) {
print("ada");
} else {
@RamadhanAmizudin
RamadhanAmizudin / getBase64FromImageUrl.js
Created Apr 26, 2021
[Javascript] Get Base64 Image from URL
View getBase64FromImageUrl.js
function getBase64FromImageUrl(url) {
var img = new Image();
img.crossOrigin = "anonymous";
img.onload = function() {
var canvas = document.createElement("canvas");
canvas.width = this.width;
canvas.height = this.height;
var ctx = canvas.getContext("2d");
ctx.drawImage(this, 0, 0);
var dataURL = canvas.toDataURL("image/png");
@RamadhanAmizudin
RamadhanAmizudin / main.php
Created Apr 6, 2021
showcaller request/response encoder and decoder
View main.php
<?php
$d = Decode("ezL2hGG2gbMjQmEsJpQzZoTic2AveaVvfKQiPnwhfR==");
print($d . "\n");
$e = Encode($d);
print($e . "\n");
function Decode($str)
{
$str = str_split($str);
@RamadhanAmizudin
RamadhanAmizudin / decrypt.py
Last active Dec 12, 2020
Python script to decrypt file encrypted by Monaca
View decrypt.py
# Blogpost: https://blog.rz.my/2020/12/decrypting-monaca-encrypt-plugin.html
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.primitives import padding
from cryptography.hazmat.backends import default_backend
from base64 import b64decode, b64encode
import argparse
def encrypt(key, iv, data):
cipher = Cipher(algorithms.AES(key), modes.CBC(iv))
encryptor = cipher.encryptor()
@RamadhanAmizudin
RamadhanAmizudin / l7nr2000.rb
Created Sep 21, 2018
TM UniFI L7-N-R2000 Remote Command Injection
View l7nr2000.rb
##
# This module requires Metasploit: http//metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
require 'net/ssh'
class Metasploit3 < Msf::Exploit::Remote
Rank = NormalRanking
@RamadhanAmizudin
RamadhanAmizudin / app.js
Last active Oct 17, 2021
Decrypt Cordova Crypt File Plugin
View app.js
// Blogpost: http://blog.rz.my/2017/11/decrypting-cordova-crypt-file-plugin.html
var fs = require("fs"),
path = require("path"),
crypto = require("crypto");
var config = {
key : 'CRYPT_KEY',
iv : 'CRYPT_IV'
}
@RamadhanAmizudin
RamadhanAmizudin / gist:205d5da32c55a5d7f49a1f5f4abbce3c
Last active Oct 27, 2016
joomla 6.3.4 privilege escalation - explaination?
View gist:205d5da32c55a5d7f49a1f5f4abbce3c
kalau tengok commit joomla 3.6.4, akan prasan ada method yang dibuang => https://github.com/joomla/joomla-cms/commit/2983d196840a7da2abf62c00ac2f3ee4864179b4
https://github.com/joomla/joomla-cms/blob/3.6.3/components/com_users/controllers/user.php#L293 Function Register yang dibuang dalam joomla 6.3.4
https://github.com/joomla/joomla-cms/blob/3.6.3/components/com_users/controllers/user.php#L346 basically semua dari post data dihantar ke user $model->regiser
https://github.com/joomla/joomla-cms/blob/3.6.3/components/com_users/models/registration.php#L381 $model->register method
https://github.com/joomla/joomla-cms/blob/3.6.3/components/com_users/models/registration.php#L390-L393 reassign variable $temp(which is data dari user.php#L346) ke $data[$key] = $value
https://github.com/joomla/joomla-cms/blob/3.6.3/components/com_users/models/registration.php#L409 dia bind semua $data ke $user object
https://github.com/joomla/joomla-cms/blob/3.6.3/libraries/joomla/user/user.php#L595 $user->bind() method
https://github
View config.cfg
unbindall
bind "0" "slot10"
bind "1" "slot1"
bind "2" "slot2"
bind "3" "slot3"
bind "4" "slot4"
bind "5" "slot5"
bind "6" "slot6"
bind "9" "slot9"
bind "a" "+moveleft"
View autoexec.cfg
// launch option
// -noforcemparms -noforcemaccel -noforcemspd -novid -high -freq 120 -tickrate 128
// Common Stuff's
// Common Stuff's
rate "128000"
cl_cmdrate "128"
cl_updaterate "128"
cl_interp "0.0"