David Davidson 0x27
@worawit
worawit / cve-2015-0240_samba_exploit.py
Created April 10, 2015 14:48
Exploit for Samba vulnerability (CVE-2015-0240)
#!/usr/bin/python
"""
Exploit for Samba vulnerability (CVE-2015-0240) by sleepya
The exploit only targets vulnerable x86 smbd <3.6.24 in which 'creds' is controlled by
the ReferentID field of PrimaryName (ServerName). That means '_talloc_zero()'
in libtalloc does not write a value to the 'creds' address.
Reference:
- https://securityblog.redhat.com/2015/02/23/samba-vulnerability-cve-2015-0240/
@b1tninja
b1tninja / mapping.json
Last active January 13, 2018 13:37
masscan --readscan
{
"masscan": {
"order": 0,
"template": "masscan-*",
"settings": {
"index": {
"number_of_shards": "3",
"number_of_replicas": "1"
}
},
@joepie91
joepie91 / promises-reading-list.md
Last active June 25, 2023 09:12
Promises (Bluebird) reading list

Promises reading list

This is a list of examples and articles, in roughly the order you should follow them, to show and explain how promises work and why you should use them. I'll probably add more things to this list over time.

This list primarily focuses on Bluebird, but the basic functionality should also work in ES6 Promises, and some examples are included on how to replicate Bluebird functionality with ES6 promises. You should still use Bluebird where possible, though - they are faster, less error-prone, and have more utilities.

I'm available for tutoring and code review :)

You may reuse all gists for any purpose under the WTFPL / CC0 (whichever you prefer).

@joepie91
joepie91 / getting-started.md
Last active August 10, 2025 16:09
Getting started with Node.js

"How do I get started with Node?" is a commonly heard question in #Node.js. This gist is an attempt to compile some of the answers to that question. It's a perpetual work-in-progress.

And if this list didn't quite answer your questions, I'm available for tutoring and code review! A donation is also welcome :)

Setting expectations

Before you get started learning about JavaScript and Node.js, there's one very important article you need to read: Teach Yourself Programming in Ten Years.

Understand that it's going to take time to learn Node.js, just like it would take time to learn any other specialized topic - and that you're not going to learn effectively just by reading things, or following tutorials or courses. Get out there and build things!

@itay-grudev
itay-grudev / ssh-backdoor.conf
Last active April 24, 2023 03:31
Systemd Service for SSH Backdoor for remote access to systems without a real IP via external server
# /etc/ssh-backdoor/ssh-backdoor.conf
REMOTE_BINDPORT=12345
[email protected]
REMOTE_PORT=22
LOCAL_HOST=localhost
LOCAL_PORT=22
SSH_KEY=/etc/ssh-backdoor/ssh-backdoor.key
@Wack0
Wack0 / upwned247.php
Last active December 13, 2023 08:16
UCam247/Phylink/Titathink/YCam/Anbash/Trivision/Netvision/others IoT webcams : remote code exec: reverse shell PoC. (works only in qemu usermode)
<?php
/*
Updated version, 2016-12-02: fixed shellcode so it *actually* works on QEMU
usermode emulation (seems I pushed an old version), and removed debug output.
-------------------------
NB: THIS PoC ONLY WORKS IN QEMU USERMODE EMULATION!
If anyone wants to fix this, go ahead (no pun intended).
However, I don't have a vulnerable product and am unwilling to acquire one.
First, create a bash script and put this in it.
#!/bin/bash
while IFS='' read -r line || [[ -n "$line" ]]; do
curl --user-agent "$line" <the url you want to troll>
done < "$1"
Name it something dumb. logshove.sh
Next, create a file with no url-encodable chars. Make sure every line is the same length. Don't use spaces. I used periods.

Notes on Shadow Brokers EQGRP-LiT

credit: @GossiTheDog: "If you want to setup FUZZBUNCH (the Equation exploit framework) you need Win7 VM + Python 2.6 + Pywin 2.6, then python fb.py for shell"
h/t @x0rz @DEYCrypt @hackerfantastic

HOW 2 SETUP + INSTALL FUZZBUNCH & DANDERSPRITZ

context: https://steemit.com/shadowbrokers/@theshadowbrokers/lost-in-translation
writeup: https://www.trustedsec.com/blog/equation-group-dump-analysis-full-rce-win7-fully-patched-cobalt-strike/
decrypted files: https://github.com/x0rz/EQGRP_Lost_in_Translation

@exorcyst
exorcyst / gist:df397c07ae6c338ac0ff58f9b9cea6e6
Created September 1, 2017 22:13
quick perl script to print accounts across multiple hashdumps with the same password hash
#!/usr/bin/perl -w
# iterate over each file
foreach $y (@ARGV)
{
open FH, $y;
while ($x = <FH>)
@th3gundy
th3gundy / tomcat_bruteforce.py
Created November 2, 2017 13:31 — forked from itsecurityco/tomcat_bruteforce.py
Tomcat manager console bruteforce
"""
Tomcat bruteforce
Author: @itsecurityco
"""
import os
import sys
import getopt
import base64
import requests