Skip to content

Instantly share code, notes, and snippets.

View tovask's full-sized avatar

Levente Kováts tovask

1 follower · 2 following
View GitHub Profile
@tovask
tovask / app.py
Created November 8, 2021 09:11
DamCTF SSTI
from flask import Flask, render_template, render_template_string, Response, request
import os
from check import detect_remove_hacks
from filters import *
server = Flask(__name__)
# Add filters to the jinja environment to add string
# manipulation capabilities
@tovask
tovask / socket_http-s_request.py
Last active October 29, 2021 18:46
http(s) request with body in python using socket
#!/bin/env python
"""
A simple example of using Python sockets for a HTTP(S) request
"""
import socket, ssl
host = "httpbin.org"
port = 443
method = "POST"
@tovask
tovask / pdf_flatedecode.py
Created October 22, 2021 23:37 — forked from averagesecurityguy/pdf_flatedecode.py
Decompress FlateDecode Objects in PDF
#!/usr/bin/env python3
# This script is designed to do one thing and one thing only. It will find each
# of the FlateDecode streams in a PDF document using a regular expression,
# unzip them, and print out the unzipped data. You can do the same in any
# programming language you choose.
#
# This is NOT a generic PDF decoder, if you need a generic PDF decoder, please
# take a look at pdf-parser by Didier Stevens, which is included in Kali linux.
# https://tools.kali.org/forensics/pdf-parser.
#
@tovask
tovask / web_page_youtube_links_to_mp3.py
Last active April 21, 2020 03:26
Find youtube links in a webpage, and save them as mp3.
#!/usr/bin/python3
"""
Find youtube links in a webpage, and save them as mp3.
Conclusion: finding a way to downloan mp3 from youtube without installing any additional library was the hardest thing, due to youtube mutch care about copyright...
Useful readings (but you will find these anyway):
https://docs.python.org/3/howto/urllib2.html
https://docs.python.org/3/howto/regex.html
https://docs.python.org/3/library/functions.html
https://docs.python.org/3/tutorial/datastructures.html
@tovask
tovask / configure.sh
Created February 8, 2020 22:12
forward traffic through ssh proxy with iptables and redsocks
OUTSIDE_INTERFACE=wlan0
INSIDE_INTERFACE=eth0
SSH_REMOTE_PORT=22
SSH_SOCKS_PORT=1337
REDSOCKS_PORT=12345
# set the ip address
ifconfig $INSIDE_INTERFACE 10.0.0.1 netmask 255.255.255.0
# enable ip forwarding
@tovask
tovask / analyze.ipynb
Last active January 18, 2020 04:20
Analyze block lists changes
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
@tovask
tovask / selenium_setup.sh
Created January 18, 2020 02:52
Selenium (with Firefox) setup on headless linux (debian)
#!/bin/bash
# https://seleniumhq.github.io/selenium/docs/api/py/
# https://www.seleniumhq.org/docs/04_webdriver_advanced.jsp
# https://intoli.com/tags/selenium/
set -e -x
su -c 'apt-get install xvfb firefox-esr'
@tovask
tovask / git_hacks.sh
Last active January 21, 2020 11:26
# Tl;DR; Don't believe to a git history...
# IMPORTANT: THESE COMMANDS CAN CAUSE DAMAGE, USE IT AT YOUR OWN RISK
# https://git-scm.com/docs/git-filter-branch
git log --all --decorate --oneline --graph
git log --all --decorate --graph --abbrev-commit --pretty=fuller
git log --pretty=format:"%h%x09%an%x09%ae%x09%ai%x09%s%x09%d%n%x09%cn%x09%ce%x09%ci"
# first of all, initialize a git repository
git init
@tovask
tovask / csv2vcf.sh
Created December 30, 2019 14:52
convert contact list (a VCF file) to CSV format, and back
#!/bin/bash
printerror() { cat <<< "$@" 1>&2; }
totalcount=0
content=$(cat $1)
while read line; do
#echo $line
@tovask
tovask / fb-login.php
Last active January 17, 2018 15:05
example user authentication with facebook
<?php
/*
https://developers.facebook.com/docs/facebook-login/
https://developers.facebook.com/docs/graph-api/reference/v2.11/
https://developers.facebook.com/apps/{app-id}/fb-login/
The redirect url in the app's settings (link above) must be exactly the same (including parameters)!
*/