Skip to content

Instantly share code, notes, and snippets.

View adityatelange's full-sized avatar
🚧
Opinions are my own

Aditya Telange adityatelange

🚧
Opinions are my own
273 followers · 38 following
View GitHub Profile
@adityatelange
adityatelange / Postman.desktop
Created February 19, 2021 05:54
Adding icon launcher for Postman Native App in Ubuntu/GNOME based DE
# location: ".local/share/applications/Postman.desktop"
[Desktop Entry]
Encoding=UTF-8
Version=1.0
Type=Application
Name=Postman
Icon=/opt/Postman/app/resources/app/assets/icon.png
Path=/opt/Postman
Exec=/opt/Postman/Postman
@adityatelange
adityatelange / PowerView-3.0-tricks.ps1
Created March 18, 2023 05:24 — forked from HarmJ0y/PowerView-3.0-tricks.ps1
PowerView-3.0 tips and tricks
# PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/
# tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c
# the most up-to-date version of PowerView will always be in the dev branch of PowerSploit:
# https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1
# New function naming schema:
# Verbs:
# Get : retrieve full raw data sets
# Find : ‘find’ specific data entries in a data set
@adityatelange
adityatelange / 12.0.0_r42-to-12.0.0_r43.diff.txt
Created January 28, 2023 12:45
Contains patch commits for AOSP 12 January 2023 ASB
project build/make/
f6d99e9 Version bump to SSV1.210916.052 [core/build_id.mk]
6f6a416 Version bump to SSV1.210916.051 [core/build_id.mk]
project frameworks/base/
4bdc1bb0 Merge cherrypicks of [18589618, 19970204, 19785208, 20123964, 20207735, 20215497, 20218918, 20029947, 20250994, 20241730, 20105848, 20210471, 20256127, 20191680, 20219552] into security-aosp-sc-release.
d7206ac5 Ensure that only SysUI can override pending intent launch flags
53bf3f19 Fix sharing to another profile where an app has multiple targets
e8ce3813 Add protections against queueing a UsbRequest when the underlying UsbDeviceConnection is closed.
0004ae99 RESTRICT AUTOMERGE Revoke SYSTEM_ALERT_WINDOW on upgrade past api 23
@adityatelange
adityatelange / ovpn.md
Created January 15, 2023 06:08
Fix release_arena.ovpn file from @hackthebox

Fix =>

verb 3
- cipher AES-128-CBC
+ data-ciphers-fallback AES-128-CBC
+ data-ciphers AES-256-CBC:AES-256-CFB:AES-256-CFB1:AES-256-CFB8:AES-256-OFB:AES-256-GCM
+ tls-cipher "DEFAULT:@SECLEVEL=0"
auth SHA256
@adityatelange
adityatelange / codiumUp.sh
Last active November 6, 2022 06:02
Update VSCodium on Ubuntu / Deb amd64
#!/bin/bash
urls=$(wget -O- -q https://api.github.com/repos/VSCodium/vscodium/releases/latest | grep browser_download_url | cut -d '"' -f 4 | grep "amd64")
# urls=$(wget -O- -q --header="Authorization: token xyzABC" https://api.github.com/repos/VSCodium/vscodium/releases/latest | grep browser_download_url | cut -d '"' -f 4 | grep "amd64")
IFS=', ' read -r -a array <<< $urls
name=$(echo $array | cut -d '/' -f 9)
version=$(echo $name | cut -d "_" -f 2 | cut -d "-" -f 1)
IFS='.' read -a sarray <<< $version
version=$(echo ${sarray[0]}.${sarray[1]}.${sarray[2]})
@adityatelange
adityatelange / hugoUp.sh
Last active November 6, 2022 05:46
Update Hugo [not extended] on Ubuntu / Deb amd64
#!/bin/bash
url=$(wget -O- -q https://api.github.com/repos/gohugoio/hugo/releases/latest | grep browser_download_url | cut -d '"' -f 4 | grep "linux-amd64.deb" | grep -v "hugo_extended")
# url=$(wget -O- -q --header="Authorization: token xyzABC" https://api.github.com/repos/gohugoio/hugo/releases/latest | grep browser_download_url | cut -d '"' -f 4 | grep "linux-amd64.deb" | grep -v "hugo_extended")
version=$(echo $url | cut -d '/' -f 8 | cut -d 'v' -f 2)
name=$(echo $url | cut -d '/' -f 9)
checksums_url="https://github.com/gohugoio/hugo/releases/download/v${version}/hugo_${version}_checksums.txt"
installed_ver=$(hugo version | cut -d "v" -f 2 | cut -d "-" -f 1)
@adityatelange
adityatelange / fetch_Vercel_Serverless.js
Created June 29, 2022 13:40
const fetch = (...args) => import('node-fetch').then(({ default: fetch }) => fetch(...args));
// The main, exported, function of the endpoint,
// dealing with the request and subsequent response
module.exports = async (req, res) => {
const url = req.query.url || req.body.url;
const res = await fetch(url, {
method: 'GET',
});
// Store fetched HTML in data
@adityatelange
adityatelange / distccd_rce_CVE-2004-2687.py
Last active May 31, 2022 17:59 — forked from DarkCoderSc/distccd_rce_CVE-2004-2687.py
(CVE-2004-2687) DistCC Daemon - Command Execution (Python)
# -*- coding: utf-8 -*-
'''
distccd v1 RCE (CVE-2004-2687)
This exploit is ported from a public Metasploit exploit code :
https://www.exploit-db.com/exploits/9915
The goal of that script is to avoid using Metasploit and to do it manually. (OSCP style)
@adityatelange
adityatelange / hackthebox-writeups-download.py
Created May 31, 2022 03:05
This script helps VIP users download all the write-ups from HTB
import requests, time
print('Beginning file download with requests')
# get app token here https://app.hackthebox.com/profile/settings
token = ''
def downloadWU(x):
url = 'https://www.hackthebox.com/api/v4/machine/writeup/{}'.format(x)
r = requests.get(url,
@adityatelange
adityatelange / bucket-disclose.sh
Created May 3, 2022 11:01 — forked from fransr/bucket-disclose.sh
Using error messages to decloak an S3 bucket. Uses soap, unicode, post, multipart, streaming and index listing as ways of figure it out. You do need a valid aws-key (never the secret) to properly get the error messages
#!/bin/bash
# Written by Frans Rosén (twitter.com/fransrosen)
_debug="$2" #turn on debug
_timeout="20"
#you need a valid key, since the errors happens after it validates that the key exist. we do not need the secret key, only access key
_aws_key="AKIA..."
H_ACCEPT="accept-language: en-US,en;q=0.9,sv;q=0.8,zh-TW;q=0.7,zh;q=0.6,fi;q=0.5,it;q=0.4,de;q=0.3"
H_AGENT="user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.146 Safari/537.36"