I hereby claim:
- I am evilcry on github.
- I am evilcry (https://keybase.io/evilcry) on keybase.
- I have a public key whose fingerprint is AFDF D6C3 500E BB73 4035 F0AF 1732 42AE 255D E336
To claim this, I am signing this object:
Giuseppe Bonfa Evilcry
Evilcry
/ Jira bug-exploit
Created
October 22, 2021 09:40
— forked from 0x240x23elu/Jira bug-exploit
Jira Bug CVE-2019-8449,CVE-2019-8451,CVE-2019-8451,cve-2018-20824,cve-2020-14179,cve-2020-14181,CVE-2018-5230
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cve-2019-8449 | |
| The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote attackers to enumerate usernames via an information disclosure vulnerability. | |
| https://jira.atlassian.com/browse/JRASERVER-69796 | |
| https://victomhost/rest/api/latest/groupuserpicker?query=1&maxResults=50000&showAvatar=true | |
| ===================================================================================================================================== |
Evilcry
/ google-dorks
Created
August 9, 2020 08:53
— forked from stevenswafford/google-dorks
Listing of a number of useful Google dorks.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| " _ _ " | |
| " _ /|| . . ||\ _ " | |
| " ( } \||D ' ' ' C||/ { % " | |
| " | /\__,=_[_] ' . . ' [_]_=,__/\ |" | |
| " |_\_ |----| |----| _/_|" | |
| " | |/ | | | | \| |" | |
| " | /_ | | | | _\ |" | |
| It is all fun and games until someone gets hacked! |
Evilcry
/ ip_range_country.py
Created
December 24, 2019 10:05
Downloads the full IP range per country
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| from bs4 import BeautifulSoup | |
| headers = {"User-Agent":"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.111 Safari/537.36"} | |
| r = requests.get("https://lite.ip2location.com/...your-country...-ip-address-ranges", headers = headers) | |
| txt = r.text |
Evilcry
/ lpe_svcs.ps1
Created
August 11, 2018 13:05
discover Unquoted Service Paths that can be abused to escalate privileges
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Requires -RunAsAdministrator | |
| $services = Get-WmiObject win32_service | select Name, PathName | |
| Foreach ( $entry in $services ) { | |
| if ( $entry.PathName -match "Program" ) { | |
| if ( $entry.PathName -notmatch "\`"*\`"" -and $entry.PathName -match " ") { | |
| Write-Host "Potentially Vulnerable Service: $($entry.Name) with Path: $($entry.PathName)" -BackgroundColor DarkGreen | |
| } | |
| } |
Evilcry
/ findautoelevate.ps1
Created
July 8, 2018 07:40
Enumerate executables with auto-elevation enabled
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Find Autoelevate executables | |
| Write-Host "System32 Autoelevate Executables" -ForegroundColor Green -BackgroundColor Black | |
| Select-String -Path C:\Windows\System32\*.exe -pattern "<AutoElevate>true" | |
| Write-Host "`nSysWOW64 Autoelevate Executables" -ForegroundColor Green -BackgroundColor Black | |
| Select-String -Path C:\Windows\SysWOW64\*.exe -pattern "<AutoElevate>true" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Ref. https://gist.github.com/mmcloughlin/17e3ca302785f0e525655191d3f9211d | |
| package main | |
| import ( | |
| "fmt" | |
| "io/ioutil" | |
| "log" | |
| "net/http" | |
| "golang.org/x/net/proxy" |
Evilcry
/ keybase.md
Created
May 24, 2018 17:06
Evilcry
/ mac-vendor.txt
Created
May 20, 2018 08:37
— forked from aallan/mac-vendor.txt
List of MAC addresses with vendors identities
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 000000 Officially Xerox | |
| 000001 SuperLAN-2U | |
| 000002 BBN (was internal usage only, no longer used) | |
| 000003 XEROX CORPORATION | |
| 000004 XEROX CORPORATION | |
| 000005 XEROX CORPORATION | |
| 000006 XEROX CORPORATION | |
| 000007 XEROX CORPORATION | |
| 000008 XEROX CORPORATION | |
| 000009 powerpipes? |
Hash List
:~/collected$ sha256sum *
efa4fe06e4949c0f7aedea61a79da92e379ea66b169cd1d99c47b9e93e814093 arm
1ff787d52bc9ec27d75b1a427c3e5dd16d6d5f082a79227c14edf8e908ab2 arm7
bab7e9f42df88902acb00fbdf3b4b5d8ffec2a1a7ad32eb5f2fb1dbf38f3167d mips
a79964ce5cf4b92f996bbc24230e102b94ef05fb072c0afdeabc88d28695cace mipsel
Arch List
Evilcry
/ getsensorstemp.cmd
Last active
April 30, 2018 11:34
Get temperature for all motherboard sensors
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| wmic /namespace:\\root\cimv2 PATH Win32_PerfFormattedData_Counters_ThermalZoneInformation get Temperature |
NewerOlder