Skip to content

Instantly share code, notes, and snippets.

Avatar
😏
Laides, ladies. I'm only here for the 0days.

Marshall Whittaker oxagast

😏
Laides, ladies. I'm only here for the 0days.
View GitHub Profile
@oxagast
oxagast / qg.c
Created Nov 10, 2020
Zero character C compiler nuance quine
View qg.c
/* echo > qg.c && gcc qg.c -o gg.o -c && ld gg.o -o quine 2>/dev/null && ./quine | cat */
View pxe_boot
subnet 10.0.0.0 netmask 255.0.0.0 {
# filename "pxe/pxelinux.0";
next-server 10.1.1.1;
if substring (option vendor-class-identifier, 15, 5) = "00007" {
filename "/grubx64.efi";
}
else {
filename "/pxelinux.0";
}
View sqlmap tamper scripts
# All scripts
```
--tamper=apostrophemask,apostrophenullencode,appendnullbyte,base64encode,between,bluecoat,chardoubleencode,charencode,charunicodeencode,concat2concatws,equaltolike,greatest,halfversionedmorekeywords,ifnull2ifisnull,modsecurityversioned,modsecurityzeroversioned,multiplespaces,nonrecursivereplacement,percentage,randomcase,randomcomments,securesphere,space2comment,space2dash,space2hash,space2morehash,space2mssqlblank,space2mssqlhash,space2mysqlblank,space2mysqldash,space2plus,space2randomblank,sp_password,unionalltounion,unmagicquotes,versionedkeywords,versionedmorekeywords
```
# General scripts
```
--tamper=apostrophemask,apostrophenullencode,base64encode,between,chardoubleencode,charencode,charunicodeencode,equaltolike,greatest,ifnull2ifisnull,multiplespaces,nonrecursivereplacement,percentage,randomcase,securesphere,space2comment,space2plus,space2randomblank,unionalltounion,unmagicquotes
```
# Microsoft access
```
View funjumps.sh
### oxagast ###
# jump to an arbitrary function via buffer overflow
FUNCTION="spawnme";
BINARY="./bo";
OTHEROPTS="a";
BUFFERLEN=16;
@oxagast
oxagast / wifihuh.txt
Created Apr 26, 2020
Saw this SSID, huh
View wifihuh.txt
[kali@kali]{01:28 AM}: [~] $ sudo iw dev wlan0 scan | grep "BSS 88:de:a9:68:04:27" -A 78
BSS 88:de:a9:68:04:27(on wlan0)
last seen: 2116.208s [boottime]
TSF: 1121530265658 usec (12d, 23:32:10)
freq: 2437
beacon interval: 100 TUs
capability: ESS Privacy SpectrumMgmt ShortSlotTime (0x0511)
signal: -90.00 dBm
last seen: 512 ms ago
SSID: \x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00
@oxagast
oxagast / pentest_tools.txt
Last active Mar 30, 2020
List of my favorite penetration testing tools (not all hacking related)
View pentest_tools.txt
--== My favorite penetration testing tools ==--
--== Notes ==--
This list is far from complete, and not everything on the list is specifically a "hacker tool"
--== List ==--
Wireshark
Valgrind
dnscat
dns2tcp
XSSer
curl/wget
@oxagast
oxagast / sudo-lolwut.log
Last active Jan 16, 2020
I'm pretty sure that shouldn't happen - sudo/useradd '#0'
View sudo-lolwut.log
root@debian-sid-testbed:/home/marshall/ansvif# useradd '#0'
root@debian-sid-testbed:/home/marshall/ansvif# cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
@oxagast
oxagast / sudo_erroot.sh
Last active Nov 14, 2019
Write to /etc/sudoers using file descriptor 3 on sudo's process while asking for a pass
View sudo_erroot.sh
# oxagast / Marshall Whittaker
#
# The echo line uses sudoers file format to allow for everyone to
# use the root account and writes it to proc/23423/fd/3 (where
# the number is sudo's process. If you have write access to file
# descriptor 3 it gives you root!
# Cavets: sudo must be running asking for a password at the time.
# you must have write permission to 3.
#
# Race condition between when getting the uid of sudo and the
View server_autopwn.rb
##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/base/sessions/scriptable'
require 'msf/base'
class MetasploitModule < Msf::Auxiliary
include Msf::Exploit::Remote::Tcp
include Msf::Auxiliary::Report
View makeitrain.sh
#!/bin/bash
#
# ./makeitrain.sh bitcoin-qt.crashdump.core
# __ _ _ __ ___ __ ____ ____
# / ( \/ )/ _\ / __)/ _\/ ___(_ )
# ( O ) (/ ( (_ / \___ \ )(
# \__(_/\_\_/\_/\___\_/\_(____/(__)
#
# Donations:
# btc: 34fDhMUkvGVr1s2jQvhwmBfw1xqjstrLed
You can’t perform that action at this time.