Skip to content

Instantly share code, notes, and snippets.

View WangYihang's full-sized avatar
🎯
Focusing

Yihang Wang WangYihang

🎯
Focusing
1.9k followers · 83 following
View GitHub Profile
@WangYihang
WangYihang / base64-encoded-webshell.py
Last active November 29, 2021 08:55
#!/usr/bin/env python
# encoding:utf-8
# Author : WangYihang
# Date : 2017/10/03
# Email : [email protected]
# Comment : to solve XDCTF-2017-WEB-Upload
import string
import itertools
import os
@badbye
badbye / check_email.py
Last active July 8, 2020 09:32
Check the validation of an email
# encoding: utf8
"""
Created on 2017.06.27
@author: yalei
Reference:
1. http://www.ruanyifeng.com/blog/2017/06/smtp-protocol.html
2. http://blog.online-domain-tools.com/2014/11/14/how-to-verify-email-address/
@neargle
neargle / httplogger.py
Last active August 21, 2020 10:59
该脚本会在80端口开启一个服务并记录所有访问到该服务的HTTP请求,返回访问时间并将请求包转化为Burpsuite等工具可用的格式记录在日志里。依赖Flask(pip install Flask),使用: python httplogger.py log.log
# coding=utf-8
# [email protected]
import os
import logging
import datetime
import string
from sys import argv
from flask import Flask, request
@riyazwalikar
riyazwalikar / findelevate.py
Last active April 17, 2022 12:34
Python script to find all Windows binaries with autoElevate=True (uses sigcheck obviously)
# Usage: findelevate.py C:\Windows\System32\
# Needs sigcheck.exe in path [https://technet.microsoft.com/en-us/sysinternals/bb897441.aspx]
import sys
import os
import glob
import subprocess
if len(sys.argv) < 2:
print "Usage: findelevate.py <PATH>"
@Tom4t0
Tom4t0 / fpm.py
Created April 25, 2017 16:03 — forked from phith0n/fpm.py
Fastcgi PHP-FPM Client && Code Execution
import socket
import random
import argparse
import sys
from io import BytesIO
# Referrer: https://github.com/wuyunfeng/Python-FastCGI-Client
PY2 = True if sys.version_info.major == 2 else False
@phith0n
phith0n / fpm.py
Last active March 7, 2025 20:19
Fastcgi PHP-FPM Client && Code Execution
import socket
import random
import argparse
import sys
from io import BytesIO
# Referrer: https://github.com/wuyunfeng/Python-FastCGI-Client
PY2 = True if sys.version_info.major == 2 else False
@Zenexer
Zenexer / escapeshellrce.md
Last active February 10, 2025 18:30
Security Advisory: PHP's escapeshellcmd and escapeshellarg are insecure

Paul Buonopane [email protected] at NamePros
PGP: https://keybase.io/zenexer

I'm working on cleaning up this advisory so that it's more informative at a glance. Suggestions are welcome.

This advisory addresses the underlying PHP vulnerabilities behind Dawid Golunski's [CVE-2016-10033][CVE-2016-10033], [CVE-2016-10045][CVE-2016-10045], and [CVE-2016-10074][CVE-2016-10074]. It assumes prior understanding of these vulnerabilities.

This advisory does not yet have associated CVE identifiers.

Summary

@ngaro
ngaro / dirty_passwd_adjust_cow.c
Last active June 12, 2024 22:19
A dirty cow exploit that automatically finds the current user in passwd and changes it's uid to 0
#include <stdio.h>
#include <sys/mman.h>
#include <fcntl.h>
#include <pthread.h>
#include <unistd.h>
#include <sys/stat.h>
#include <string.h>
#include <stdint.h>
#include <stdlib.h>
#include <sys/types.h>
@scumjr
scumjr / dirtycow-mem.c
Created October 21, 2016 15:09
/*
* CVE-2016-5195 dirtypoc
*
* This PoC is memory only and doesn't write anything on the filesystem.
* /!\ Beware, it triggers a kernel crash a few minutes.
*
* gcc -Wall -o dirtycow-mem dirtycow-mem.c -ldl -lpthread
*/
#define _GNU_SOURCE
@mgeeky
mgeeky / pickle-payload.py
Last active July 9, 2024 07:55
Python's Pickle Remote Code Execution payload template.
#!/usr/bin/python
#
# Pickle deserialization RCE payload.
# To be invoked with command to execute at it's first parameter.
# Otherwise, the default one will be used.
#
import cPickle
import sys
import base64