Çağrı sh4dowb
sh4dowb
/ decrypt.py
Created
September 17, 2021 19:41
Decrypt crypto-js default AES encryption with OpenSSL KDF in Python 3
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # I absolutely hated crypto-js for this. non-standard configurations, weird algorithms, ... | |
| # well obviously you can encrypt it with a better configuration which people will not | |
| # go crazy figuring out its implementation, but in this case I wasn't encrypting the data. | |
| import base64 | |
| from Crypto.Hash import MD5 | |
| from Crypto.Util.Padding import unpad | |
| from Crypto.Cipher import AES | |
| # generated using: CryptoJS.AES.encrypt('test 123456 plaintext', 'some password').toString() |
sh4dowb
/ verify_crx_contents.py
Created
April 11, 2025 02:06
verify chrome extension files with verified_contents.json in python
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import json | |
| import base64 | |
| import hashlib | |
| import zipfile | |
| import sys | |
| BRANCH_FACTOR = 128 | |
| BLOCK_SIZE = 4096 | |
| DIGEST_SIZE = 32 |
sh4dowb
/ ethereum-rpc-proxy.py
Last active
March 1, 2025 15:38
ethereum rpc proxy, to be used as "cheap light node"
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import http.server | |
| import requests | |
| import json | |
| class Proxy(http.server.BaseHTTPRequestHandler): | |
| def do_POST(self): | |
| data = self.rfile.read(int(self.headers['Content-Length'])).decode('utf-8') | |
| decodedData = json.loads(data) | |
| newheaders = {} | |
| for k, v in self.headers.items(): |
sh4dowb
/ solana_subscribe.py
Created
January 29, 2025 17:53
solana websocket subscribe to transactions & all token transfers of address
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from websockets.sync.client import connect | |
| import json | |
| addresses = [] # base58 address/account/pubkey list | |
| with connect('wss://solana-rpc.publicnode.com') as ws: | |
| i = 0 | |
| for address in addresses: | |
| i += 1 | |
| msg = json.dumps({"jsonrpc": "2.0", "id": i, "method": "logsSubscribe", "params": [{"mentions": [address]}, {"commitment": "finalized"}]}) | |
| # subscribes to solana transactions. token transfers will mention the associated token addresses instead of owner address, so it's not picked up by this filter |
sh4dowb
/ stake_limbo_verify.py
Created
December 8, 2021 23:49
verify stake.com limbo outcome with python
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import hmac | |
| import hashlib | |
| def getLimboOutcome(server, client, nonce): | |
| server = server.encode() | |
| client = client.encode() | |
| nonce = str(nonce).encode() | |
| round = 0 | |
| hash = hmac.new(server, client+b':'+nonce+b':'+str(round).encode('utf-8'), hashlib.sha256).digest() | |
| first4 = hash[:4] |
sh4dowb
/ send_usdt.py
Last active
October 14, 2024 15:31
tronapi python mass USDT payment - send mass USDT payments with python
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import time | |
| from tronapi import Tron | |
| full_node = 'https://api.trongrid.io' | |
| solidity_node = 'https://api.trongrid.io' | |
| event_server = 'https://api.trongrid.io' | |
| pkey = "private_key_hex" | |
| payments = [ |
sh4dowb
/ phpkoru-deobfuscate-2.php
Last active
October 12, 2024 17:14
PHPkoru.com v1.0.6 (new) deobfuscator. Make sure to run it isolated, to prevent any attacks from eval'd code
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // V1.0.7 DEOBFUSCATOR: https://gist.github.com/sh4dowb/68c9e090a3006b1d19ce49a22529c0a5 | |
| // put encrypted code in encrypted.php, or use it like: | |
| // $ php phpkoru-deobfuscate-2.php encryptedfilename.php | |
| // for decrypting advanced version contact me on telegram | |
| function decrypt($fn, $try=0){ | |
| $onfr64_qrpbqr = 'base64_decode'; |
sh4dowb
/ turkey_city_county_list.json
Created
July 6, 2019 18:50
Türkiye İl ve İlçe Listesi Plakalı JSON Güncel 2019 - Turkey City and County List with Plate Numbers JSON 2019
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ | |
| { | |
| "city": "Adana", | |
| "plate_code": 1, | |
| "counties": [ | |
| "Aladağ", | |
| "Ceyhan", | |
| "Çukurova", | |
| "Feke", | |
| "İmamoğlu", |
sh4dowb
/ phpkoru-deobfuscate-3.php
Last active
February 19, 2024 21:14
PHPkoru.com v1.0.7 deobfuscator. Make sure to run it isolated, to prevent any attacks from eval'd code
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // put encrypted code in encrypted.php, or use it like: | |
| // $ php phpkoru-deobfuscate-3.php encryptedfilename.php | |
| // UPDATED v1.0.7 , if you are getting error "IV passed is only 15 bytes long", try this | |
| // for decrypting advanced (.dll/.so) version contact me on telegram | |
| function trydecrypt($fn, $b64='fge_ebg13', $rot13='bcraffy_qrpelcg'){ | |
| eval('$'.$b64.'="base64_decode";'); | |
| eval('$'.$rot13.'="str_rot13";'); |
sh4dowb
/ selenium-save-profile-session.py
Last active
February 7, 2024 23:17
workaround for selenium to save the goddamn session / profile completely on firefox / geckodriver --- selenium firefox geckodriver persistent profile
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Selenium does not use the given profile, but copies it, and uses a temporary profile. | |
| # As a result, new cookies and sessions etc. are not saved. | |
| # To fix it, we get the actual profile firefox is using, kill firefox manually so geckodriver | |
| # doesn't delete profile data. Copying the profile when it's being used is generally not a good idea. | |
| # After killing firefox profile and databases are unlocked, we copy the "temporary" profile | |
| # to our old profile. | |
| # | |
| # driver.profile doesn't provide the actual temporary profile, but another copy of it. And firefox | |
| # does not use that one. that's why I got it from process list. | |
| # |
NewerOlder