Skip to content

Instantly share code, notes, and snippets.

View vraghuvaran's full-sized avatar

Raghuvaran Velichala vraghuvaran

8 followers · 8 following
View GitHub Profile
@vraghuvaran
vraghuvaran / msk-snippet-My snippet.json
Last active February 17, 2021 15:15
fafafdas
@vraghuvaran
vraghuvaran / BigInt.cpp
Last active May 1, 2020 11:04 — forked from ar-pa/BigInt.cpp
bignum class for C++
#include <bits/stdc++.h>
using namespace std;
typedef long long ll;
const int maxn = 1e2 + 14, lg = 15;
/*
######################################################################
####################### THE BIG INT ##########################
*/
@vraghuvaran
vraghuvaran / redirect.php
Created October 17, 2019 07:37
<?php
$redirect_url=$_GET['url'];
header('Location: '.$redirect_url);
die();
?>
@vraghuvaran
vraghuvaran / uredirects.php
Created October 17, 2019 07:36
<!-- saved from url=(0035)http://192.168.43.81/uredirects.php -->
<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>PENTESTER</title>
</head><body><h1>This is an example of unvalidated redirects</h1>
<p>please click <a href="/redirect.php?url=http://it4tsolutions.com/">it4tsolutions</a> to know more info</p>
</body></html>
@vraghuvaran
vraghuvaran / HTTPcookie.py
Last active December 6, 2019 01:02
This is a simple python application which displays the HTTP headers when a client visited a page running at port 8080
#make sure you install all the python dependencies needed for this application
import webapp2
from paste import httpserver
import random
def GetAllHeaders(headers) :
header_response = 'HTTP Headers Received:\n'
@vraghuvaran
vraghuvaran / Digest authentication(RFC 2617),qop=auth-int
Last active December 6, 2019 01:04
This is the simple python algorithm for digest authentication mentioned in RFC 2617 if qop field option selected is auth-int
##############################################################################################
# realm=value generated by the server when identified by the client browser it displays #
# authentication for user #
# noncecount=count of the nonce generated by the client #
# clientnonce=nonce generated by the client #
# qop=denotes the option selected by the client out of list of qop options generated by the #
# server #
# nonce=random string generated by the server #
##############################################################################################
import hashlib
@vraghuvaran
vraghuvaran / Digest authentication(RFC 2617),qop=auth
Last active September 23, 2019 12:47
This is the simple python algorithm for digest authentication if qop selected is auth
##############################################################################################
# realm=value generated by the server when identified by the client browser it displays #
# authentication for user #
# noncecount=count of the nonce generated by the client #
# clientnonce=nonce generated by the client #
# qop=denotes the option selected by the client out of list of qop options generated by the #
# server #
# nonce=random string generated by the server #
##############################################################################################
import hashlib
@vraghuvaran
vraghuvaran / Digest authentication(RFC 2069)
Created September 21, 2019 17:45
This is the simple python algorithm to calculate the response field in the response generated by the client in Digest Authentication
##################################################################
# realm contains the value which indicates the browser to #
# display for authentication and nonce is the long random string #
# generated by the server #
##################################################################
import hashlib
hash1=hashlib.md5('username:realm:password').hexdigest()
hash2=hashlib.md5('method:URI').hexdigest()
response=hashlib.md5('hash1:nonce:hash2).hexdigest()
print(response)
@vraghuvaran
vraghuvaran / Client-Hello.txt
Created September 1, 2019 09:04
*** ClientHello, TLSv1.2
RandomCookie: *** ClientHello, TLSv1.2
RandomCookie: GMT: -1892413556 bytes = { GMT: -351008774 bytes = { 169, 131, 204, 213, 154, 96, 7, 136, 43, 142, 232, 138, 148, 171, 52, 226, 155, 202, 145, 57, 210, 132, 227, 182, 67, 222, 161, 28, 20 }
Session ID: 239, 10, 92, 143, 185, {}
93, Cipher Suites: [Unknown 0x8a:0x8a, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, Unknown 0xcc:0xa9, Unknown 0xcc:0xa8, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA]
@vraghuvaran
vraghuvaran / master secret.txt
Created August 5, 2019 17:59
master_secret = PRF(pre_master_secret, "master secret", ClientHello.random + ServerHello.random) [0..47];