Skip to content

Instantly share code, notes, and snippets.

Avatar
:shipit:
always depressed in 0.0.0.0

Alpha gitnepal

:shipit:
always depressed in 0.0.0.0
  • medium.com/@admin.
  • Paradox 0.0.0.0
  • Twitter @___0x00
View GitHub Profile
@gitnepal
gitnepal / crt.sh
Last active Jan 22, 2021
Bash Script to pull list of domains from http://crt.sh for automation and lazy recon @nahamsec / @gitnepal
View crt.sh
#!/bin/bash
#Thanks @nahamsec tweets, @___0x00
if [[ $# -eq 0 ]] ;
then
echo "Usage: ./crt.sh domainname"
exit 1
else
curl 'https://crt.sh/?q=%.'$1'&output=json' | jq '.[] | {name_value}' | sed 's/\"//g' | sed 's/\*\.//g' | sort -u > $1.txt
cat $1.txt
fi
@gitnepal
gitnepal / wpusers.sh
Created May 31, 2018
WordPress Users Enumeration {/wp-json/wp/v2/users} - Short and easy , @gitnepal
View wpusers.sh
#!/bin/bash
#curl"//wp-json/wp/v2/users" //rootnep.al /@___0x00
if [[ $# -eq 0 ]] ;
then
echo "Usage: ./wpuser.sh wpdomain"
exit 1
else
curl 'https://'$1'/wp-json/wp/v2/users' | jq '.[]|.slug' | tr -d '"' | sort -u > $1.txt
echo "Users:"
cat $1.txt
@gitnepal
gitnepal / districts.json
Created Aug 20, 2018
Districts Nepal [pvt test]
View districts.json
{
"d": [
{
"__type": "District:alpha.library",
"RowNum": 0,
"RowTotal": 0,
"DistrictID": 68,
"DistrictName": "Acham",
"ZoneID": 0,
View alpha_wp_secure.txt
##Change Database Prefix
Do not use wp_
Replace testsite_
##Permissions
wp-config.php -> 400
uploads folder -> 755
htaccess files -> 400
##Security Plugins
View tweets.txt
filename="/./hey/.js?c=a.pnG%0a\"
Content-Type:
<html><script>alert(0)</script>
File uploader was looking for .png, but we break it with pnG%0a - blank content type and it defaults to what it can detect in the file
@gitnepal
gitnepal / vimarrows.txt
Last active Dec 13, 2018
vim fix arrows keys that display ABCD
View vimarrows.txt
Go to home path $HOME
Create .vimrc
ADD this line :
set nocompatible
Save
@gitnepal
gitnepal / desktop.sh
Created Dec 13, 2018
Switching Desktop Monitors Screens
View desktop.sh
#!/usr/bin/env bash
xrandr --auto --output HDMI-1-1 --mode 1920x1080 --left-of eDP-1-1
# run xrandr first see your monitor names and resolution, change above codes as your dependencies
@gitnepal
gitnepal / asciigen.sh
Created Dec 23, 2018
Encoding Strings to charcode | Bash scripts
View asciigen.sh
#!/bin/bash
if [ -z "$1" ]; then
echo "Enter Text"
exit 1
fi
#Run script as
#./asciigen.sh texthere | awk {'print $6'} | tr "\n" " "
#Usage if you want numbers only
foo=$1
for (( i=0; i<${#foo}; i++ ));
@gitnepal
gitnepal / http_codes_twitter.sh
Last active Jan 16, 2019
Bash script used to scan and distinguish dumped and brute sub domains | DEMO TWITTER
View http_codes_twitter.sh
#!/bin/bash
for foo in $(cat twitterdomain) #demolist: https://hastebin.com/ahelalunan.css
do
http_code=$(curl $foo -w %'{http_code}' -o /dev/null -s)
if [[ $http_code -eq 000 ]];
then
echo -e "$http_code Subdomain not working $foo \n" | tee -a notworking.log
else
echo -e "$http_code Check it $foo \n" | tee -a working.log
fi
@gitnepal
gitnepal / referer.php
Last active Mar 29, 2019
php-custom-referrer.php | bypassing csrf protections
View referer.php
<?PHP
$desired_referer = "http://rootnep.al";
$site_z = "http://www.whatismyreferer.com/";
$ch = curl_init();
curl_setopt ($ch, CURLOPT_REFERER, $desired_referer);
curl_setopt ($ch, CURLOPT_URL, $site_z);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_exec ($ch);