| /opt/homebrew/Cellar/john-jumbo/1.9.0/share/john/ | |
| $ brew install john-jumbo | |
| $ export PATH=$PATH:/usr/local/share/john | |
| $ zip2john YOUR_FILE.ZIP > zip_hash.txt | |
| $ john --format=PKZIP --wordlist YOUR_WORDLIST_HERE zip_hash.txt | |
| $ john --show zip_hash.txt |
| import os, imghdr, uuid | |
| from flask import Flask, request, send_from_directory | |
| from werkzeug.utils import secure_filename | |
| app = Flask(__name__) | |
| UPLOAD_FOLDER = 'uploads' | |
| app.config['UPLOAD_EXTENSIONS'] = ['.jpg', '.png', '.gif'] | |
| app.config['UPLOAD_FOLDER'] = UPLOAD_FOLDER | |
| app.config['MAX_CONTENT_LENGTH'] = 1 * 1024 * 1024 #max 1 mb |
| /.git/config | |
| /wp-admin/js/widgets/index.php | |
| /wp-content/uploads/2020/10/casper_speed.php | |
| /wp-logout.php | |
| /gk.php | |
| /wp-content/0day.php | |
| /autoload_sitemap.php | |
| /comment.php | |
| /wp-content/uploads/archieving.php | |
| /js/logs.php |
| // secure code for middleware | |
| example : | |
| ``` | |
| // only POST method can be overridden | |
| e.Pre(middleware.MethodOverride()) | |
| // protect from xss | |
| e.Use(middleware.SecureWithConfig(middleware.SecureConfig{ | |
| XSSProtection: "1; mode=block", | |
| ContentTypeNosniff: "nosniff", |
| CSS Syntax | |
| ---------------------------------------- | |
| Css is for styling the HTML page, it's not a programing language | |
| basicly it's only like this: | |
| selector { | |
| property1 : value; | |
| property2 : value; | |
| } |
| sudo apt update | |
| sudo apt -y upgrade | |
| sudo apt-get -y install python3-pip python3-dev build-essential libssl-dev libffi-dev xvfb | |
| pip3 install selenium | |
| wget https://github.com/mozilla/geckodriver/releases/download/v0.31.0/geckodriver-v0.31.0-linux64.tar.gz | |
| tar -xvzf geckodriver* | |
| mv -v geckodriver /usr/local/bin | |
| cd /usr/local/bin | |
| chmod +x geckodriver | |
| #checking geckodriver only execute like this: ./geckodriver |
| from datetime import datetime | |
| from eth_abi import decode_abi | |
| #author: sohay | |
| #telegram chanel: https://t.me/listmicintoken | |
| ''' | |
| I am curious about the bytecode from solidty, and how to decode that byte??? | |
| after read the doc of solidity about abi, it's easy to decode that as long as we know the abi function. | |
| There's a sample i try to decode. | |
| So i try to decode the bytecode to know the lockdate for the Liquidity of the token. |
| #include<stdio.h> | |
| #include<string.h> | |
| #include<stdlib.h> | |
| /* | |
| What is use after free (UAF) attack ? | |
| - when the program tries to access a portion of memory after it has been freed that may force the program to crash | |
| even we are able to overwrite the object and the worst part program you might get arbitrary code execution. | |
| // SPDX-License-Identifier: MIT | |
| pragma solidity 0.6.10; | |
| import "https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/access/Ownable.sol"; | |
| interface ExternalContractInterface { | |
| function game() external returns(ExtCodeHashExample); | |
| function payoutToWinner(address winner) external; | |
| function withdrawTo(uint roundId, address receiver) external; | |
| receive() external payable; |