Skip to content

Instantly share code, notes, and snippets.

🎯
Focusing

Askar mhaskar

🎯
Focusing
View GitHub Profile
@mhaskar
mhaskar / Medusa-Exploit.py
Created Aug 20, 2018
Unauthenticated RCE - Medusa Crowd-Sensing Framework
View Medusa-Exploit.py
#!/usr/bin/python
'''
# Exploit Title: Medusa Crowd-Sensing Framework "web_tt_upload.php" Unauthenticated RCE
# Date: 16/08/2018
# Exploit Author: Askar (@mohammadaskar2)
# CVE : CVE-2018-15577 - RESERVED
# Vendor Homepage: https://github.com/USC-NSL/Medusa/
# Version: V1.0
# Tested on: Ubuntu 16.04 / PHP 7.0.28
@mhaskar
mhaskar / find_address.py
Last active Oct 4, 2018
Find DLL function address using python
View find_address.py
#!usr/bin/python
'''
Description : find any windows function address from any DLL
Author : Askar @mohammadaskar2
'''
from ctypes import windll
import sys
@mhaskar
mhaskar / Medusa-Exploit.py
Created Aug 20, 2018
Unauthenticated RCE - Medusa Crowd-Sensing Framework (CVE-2018-15577)
View Medusa-Exploit.py
#!/usr/bin/python
'''
# Exploit Title: Medusa Crowd-Sensing Framework "web_tt_upload.php" Unauthenticated RCE
# Date: 16/08/2018
# Exploit Author: Askar (@mohammadaskar2)
# CVE : CVE-2018-15577 - RESERVED
# Vendor Homepage: https://github.com/USC-NSL/Medusa/
# Version: V1.0
# Tested on: Ubuntu 16.04 / PHP 7.0.28
View fusionpbx_services.rb
class MetasploitModule < Msf::Exploit::Remote
Rank = ExcellentRanking
include Msf::Exploit::Remote::HttpClient
def initialize(info = {})
super(update_info(info,
'Name' => 'FusionPBX v4.4.8 authenticated Remote Code Execution',
'Privileged' => true,
View librenms-exploit.py
#!/usr/bin/python
'''
# Exploit Title: LibreNMS v1.46 authenticated Remote Code Execution
# Date: 24/12/2018
# Exploit Author: Askar (@mohammadaskar2)
# CVE : CVE-2018-20434
# Vendor Homepage: https://www.librenms.org/
# Version: v1.46
# Tested on: Ubuntu 18.04 / PHP 7.2.10
View Shellcode-Process-Injector.c
#include <windows.h>
#include <sys/types.h>
#include <unistd.h>
int main(int argc, char **argv){
//msfvenom -p windows/exec cmd=calc.exe EXITFUNC=thread -f c -v shellcode
View .bashrc
# ~/.bashrc: executed by bash(1) for non-login shells.
# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
# for examples
alias python3=python3.6
# If not running interactively, don't do anything
[ -z "$PS1" ] && return
# don't put duplicate lines in the history. See bash(1) for more options
# ... or force ignoredups and ignorespace
HISTCONTROL=ignoredups:ignorespace
You can’t perform that action at this time.