Inês Martins inesmartins
inesmartins
/ htb_cat_xss_account_takeover.py
Last active
April 9, 2025 16:20
HTB Cat Machine | XSS Exploit
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import urllib.parse | |
| import argparse | |
| import random | |
| import string | |
| import subprocess | |
| import threading | |
| import requests | |
| # python3 htb_cat_xss_account_takeover.py --ip 10.10.x.x -p xx -u http://cat.htb -f ./cat.jpg |
inesmartins
/ CVE-2023-40028.py
Last active
April 7, 2025 16:40
Python script to exploit Ghost CMS CVE-2023-40028
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import argparse | |
| import os | |
| import random | |
| import shutil | |
| import string | |
| import subprocess | |
| import tempfile | |
| import requests | |
| class GhostExploit: |
inesmartins
/ team_pass_auth_bypass.py
Last active
March 9, 2025 09:56
TeamPass Auth Bypass based on CVE-2023-1545 exploit from Snyk
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import argparse | |
| import json | |
| import requests | |
| import base64 | |
| class TeamPassSQLiExploit: | |
| # htpasswd -bnBC 10 "" h4ck3d | tr -d ':\n' | |
| ARBITRARY_HASH='$2y$10$u5S27wYJCVbaPTRiHRsx7.iImx/WxRA8/tKvWdaWQ/iDuKlIkMbhq' |
inesmartins
/ heal_lfi_enum.py
Last active
January 3, 2025 17:52
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import json | |
| import random | |
| import string | |
| import requests | |
| class HTBHealLFIEnum: | |
| API_URL_ROOT = 'http://api.heal.htb' | |
| def __init__(self): |
inesmartins
/ pytm.yaml
Last active
November 14, 2024 11:37
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Generate Threat Modeling Report | |
| on: | |
| pull_request: | |
| types: [opened, reopened, edited, synchronize] | |
| jobs: | |
| pytm: | |
| name: pyTM | |
| runs-on: ubuntu-latest |
inesmartins
/ configure_burp_emulator_proxy.sh
Created
May 10, 2022 11:21
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| adb root && sleep 2 && | |
| echo '\nRemounting ...' && adb remount && | |
| echo '\nPushing cert ...' && adb push ~/burp-certs/9a5ba575.0 /system/etc/security/cacerts && | |
| echo '\nChanging cert permissions ...' && adb shell 'chmod 664 /system/etc/security/cacerts/9a5ba575.0' && | |
| echo '\nRebooting ...' && adb reboot && | |
| echo '\nDone :)' |
inesmartins
/ bruteforce_jwt_secret.py
Last active
March 23, 2022 15:07
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os | |
| import requests | |
| import argparse | |
| import jwt | |
| from datetime import datetime, timezone | |
| invalid_token_msg = 'Invalid Token' | |
| def is_valid_file(parser, arg): | |
| if not os.path.exists(arg): |
inesmartins
/ mysql-to-csv.py
Last active
March 22, 2022 18:36
Exports mySQL tables as individual CSV files.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os | |
| import argparse | |
| import csv | |
| import mysql.connector | |
| def is_valid_file(parser, arg): | |
| if not os.path.exists(arg): | |
| parser.error("The file %s does not exist!" % arg) | |
| else: | |
| return arg |
inesmartins
/ cve_2020_9496_enum.py
Last active
March 22, 2022 18:35
CVE 2020-9496 Enumeration via LFI and RCE
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os | |
| import argparse | |
| import csv | |
| import mysql.connector | |
| def is_valid_file(parser, arg): | |
| if not os.path.exists(arg): | |
| parser.error("The file %s does not exist!" % arg) | |
| else: | |
| return arg |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import base64 | |
| import argparse | |
| import os | |
| DEFAULT_HEADERS = { 'User-Agent': 'ines-martins-was-here' } | |
| def is_valid_file(parser, arg): | |
| if not os.path.exists(arg): | |
| parser.error("The file %s does not exist!" % arg) |
NewerOlder