kubectl apply -f mobsf.yaml
TheBinitGhimire
/ README.md
Last active
August 26, 2023 12:39
[Facebook Bug Bounty] Dangling DNS Records on surf-test.xwf.internet.org! - $500
Read the proper write-up here: https://publish.whoisbinit.me/amazon-ec2-dangling-dns-records-on-surf-test-xwf-internet-org!
In this GitHub Gist, I have included my script (main.sh), which I used in discovering this vulnerability.
The script performs sub-domain enumeration over the Internet.org domain using assetfinder, subfinder, sublist3r and amass, and then checks for sub-domains which are further pointing to Amazon EC2 hostnames, and stores all of the results in multiple text files.
I didn't perform any form of manual work in discovering this vulnerability, and my workflow was fully automated with the help of Bash scripting using different tools.
TheBinitGhimire
/ README.md
Last active
February 20, 2023 11:36
Dangling DNS Records leading to Sub-domain Takeover on api.techprep.fb.com!
Read proper write-up here: https://publish.whoisbinit.me/subdomain-takeover-on-api-techprep-fb-com-through-aws-elastic-beanstalk
I have included my script in another file (main.sh), which I used in discovering this vulnerability.
I didn't do any form of manual work in finding this vulnerability, and my workflow was fully automated with Bash scripting.
I have shortened my actual script, and only included the part which helped me in finding this vulnerability in the main.sh file.
TheBinitGhimire
/ forward.php
Created
December 28, 2020 11:03
Get Exact GPS Location of Webpage Visitors with HTML5 Geolocation API and PHP!
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /* | |
| Get Exact GPS Location of Webpage Visitors with HTML5 Geolocation API and PHP! | |
| Author: Binit Ghimire | |
| GitHub Profile: https://github.com/TheBinitGhimire | |
| Author URL: https://WHOISbinit.me/ | |
| _________________ | |
| || How to Use? || | |
| ‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾ |
TheBinitGhimire
/ README.md
Last active
April 28, 2024 00:48
Getting an AWS Educate account with $100 worth of cloud credits!
Author: BINIT GHIMIRE
Step 1. Visit https://course.genesecloud.academy/login/signup.php, and create an account! Also, confirm your e-mail, and then login to your account!
TheBinitGhimire
/ go.sh
Created
December 1, 2020 16:56
Install Go on Ubuntu and Debian-based Linux distributions!
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Install Go on Ubuntu and Debian-based Linux distributions! | |
| : ' | |
| Perform the following: | |
| 1. chmod +x go.sh; | |
| 2. ./go.sh; | |
| OR | |
| 1. bash go.sh; | |
| ' | |
| wget https://golang.org/dl/go1.15.5.linux-amd64.tar.gz; |
TheBinitGhimire
/ setupy.sh
Created
September 5, 2020 11:38
setupy | Save your time while installing Python tools from GitHub!
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Setupy by Binit! | |
| setupy(){ | |
| git clone https://github.com/$1/$2 && cd $2 && python3 setup.py install && cd .. && rm -r $2; | |
| } | |
| # Installation | |
| echo -e "\nsetupy(){\n\tgit clone https://github.com/\$1/\$2 && cd \$2 && python3 setup.py install && cd .. && rm -r \$2;\n}" >> ~/.*shrc && source ~/.*shrc | |
| # Usage | |
| setupy author repository |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * | |
| *** Static Excerpts for WordPress | |
| *** Author: Binit Ghimire | |
| *** Author URL: https://WHOISbinit.me/ | |
| *** How to use? | |
| * 1. Insert this piece of code at the end of your Theme Functions file (i.e. functions.php)! | |
| * 2. Replace the content written inside double quotes (" and ") in Line 17 with the static excerpt content that you'd like to use! |
TheBinitGhimire
/ terraform-ec2-sg.tf
Created
August 5, 2020 21:49
Terraform Template to create an EC2 Instance on Default VPC with your name in the "Owner" tag, and Security Group allowing ports 22, 80 and 443 in Inbound Rules (ingress) and all traffic in Outbound Rules (egress)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Terraform Template to create an EC2 Instance on Default VPC with your name in the "Owner" tag, and Security Group allowing ports 22, 80 and 443 in Inbound Rules (ingress) and all traffic in Outbound Rules (egress) | |
| provider "aws" { | |
| region = "us-east-1" | |
| } | |
| data "aws_ami" "ubuntu" { | |
| most_recent = true | |
| filter { |
TheBinitGhimire
/ get_comment_author_country.php
Last active
August 4, 2020 22:13
Get Comment Author Country from IP Address in WordPress