chrispetrou
/ scrape_mails.py
Created
September 4, 2019 23:33
Tiny snippet that collects emails from webpage...
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys, re, requests | |
| for email in list(set(re.findall(r'([^\s":<>]+@[^\s":<>]+[.][^\s":<>]+)', requests.get(sys.argv[1], verify=False).text))): print(email) |
chrispetrou
/ getmac.sh
Created
September 4, 2019 23:32
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| if [ $# -lt 1 ]; then | |
| echo "getmac.sh <IP>" | |
| fi | |
| IP=$1 | |
| ping_output=$(ping -c1 $IP) | |
| mac=ping_output; arp -a | grep $IP | cut -d ' ' -f4 |
chrispetrou
/ genMAC.pl
Last active
March 18, 2019 00:09
Random MAC address generator, implemented in perl...
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/perl -w | |
| use v5.28; | |
| use strict; | |
| sub genMAC { | |
| my $mac; $mac .= sprintf("%x", rand 16) for 1..12; | |
| $mac =~ s/(..)/$1:/g; | |
| return $mac =~ s/:$//r; | |
| } |
chrispetrou
/ dvwa_login.py
Created
November 3, 2018 01:40
Login & interact with dvwa application using python
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import requests | |
| from bs4 import BeautifulSoup | |
| url = "http://127.0.0.1/dvwa/login.php" | |
| def get_token(source): | |
| soup = BeautifulSoup(source, "html.parser") | |
| return soup.find('input', { "type" : "hidden" })['value'] |
chrispetrou
/ webmin_lfi.py
Last active
September 25, 2018 13:11
Webmin < 1.290 / Usermin < 1.220 - Arbitrary File Disclosure python exploit
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # Webmin < 1.290 / Usermin < 1.220 - Arbitrary File Disclosure exploit | |
| # python version of the perl exploit found here: | |
| # https://www.exploit-db.com/exploits/2017/ | |
| import sys | |
| from requests import get | |
| from requests.exceptions import * | |
| from colorama import Fore,Back,Style |
chrispetrou
/ CVE-2017-5638.sh
Last active
August 13, 2019 14:19
A semi-interactive shell for the CVE-2017-5638 exploit
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # A semi-interactive shell for the CVE-2017-5638 exploit | |
| # (it is actually a wrapper of the CVE-2017-5638 exploit) | |
| # which simply makes the shell a bit more functional. | |
| # used on HackTheBox, stratosphere machine: http://10.10.10.64/Monitoring/example/Welcome.action | |
| if [ ! -z "$1" ]; then | |
| url=$1 | |
| else |