Amal Murali amalmurali47

Downloading the script

Execute the command in a terminal window:

wget "https://gist.github.com/amalmurali47/050ef9250c5e1cd611f2e54012d1ece3/raw/29126c4e7e2ae79f8c61cd057e8b30c1345367ec/vaccine_checker.py"

It will save the script as vaccine_checker.py.

Requirements

You need the following installed:

Python

Clone the repo.
Use git rebase -i --root
vim will open. Select the commits you want to modify by changing pick to edit. If you would like to change all the commits, perform the following replace: :%s/^pick/edit/g. This command changes all instances of "pick" at the start of lines to "edit".
You will now be shown all the selected commits one by one. Each commit message will be displayed. You have two options:
- If you would like to keep the commit author details the same, do a git rebase --continue.
- If you would like to change it to a different name/email, do git commit --amend --reset-author. If --reset-author is specified, it will use the details from your git config. (If you need to specify an alternate name/email, you can do so with --author="John Doe <[email protected]>". If you would like to change the time to a previous date, you can do so with --date "2 days ago".)
Do the same for all the commits and finish the rebase.
Perform git push -f origin master to

Dangling DNS Records on surf-test.xwf.internet.org! - $500

Vulnerability Discovery

In this GitHub Gist, I have included my script (main.sh), which I used in discovering this vulnerability.

The script performs sub-domain enumeration over the Internet.org domain using assetfinder, subfinder, sublist3r and amass, and then checks for sub-domains which are further pointing to Amazon EC2 hostnames, and stores all of the results in multiple text files.

I didn't perform any form of manual work in discovering this vulnerability, and my workflow was fully automated with the help of Bash scripting using different tools.

After retrieving the results as mentioned earlier, you can simply perform a Nmap scan for all ports across the sub-domainss with Amazon EC2 hostnames, and if no ports are up, you can try reporting the vulnerability to the vendor (i.e. in this case, it's Facebook.).

Keybase proof

I hereby claim:

I am amalmurali47 on github.
I am amalmurali47 (https://keybase.io/amalmurali47) on keybase.
I have a public key ASD6Ff_P2khkvdw7tMj5YsDxVEtWiCzKIkJBEYA70yvNbwo

To claim this, I am signing this object:

PDF Password Bruteforcer

Usage

python3 pdf_brute.py
time cat /tmp/brute.txt | xargs -I{} -P 10 bash -c "qpdf --password={} --decrypt stmt.pdf out.pdf"
watch ls

DigitalOcean does not provide a way to download a snapshot of your droplet locally. You can use rsync to accomplish this instead.

On your local machine, assuming you have added your-server in your SSH config:

rsync -aAXHv --append-verify --exclude={"/dev/*","/proc/*","/sys/*","/tmp/*","/run/*","/mnt/*","/media/*","/lost+found"} your-server:/

-a : archive mode (all files, with permissions, etc.)
-A : preserve ACLs/permissions (not included with -a)

	#!/usr/bin/env python3

	from urllib.parse import quote as encode

	import requests

	base_url = 'http://localhost:9001'


	def tamper(payload, **kwargs):

	require 'selenium-webdriver'

	@host = "http://metadata.google.internal/computeMetadata/v1/instance/"

	def setup
	@driver = Selenium::WebDriver.for(
	:remote,
	url: 'https://SELENIUM_URL/wd/hub',
	desired_capabilities: :chrome)
	end

	import re
	import string

	import requests


	def check(c):
	t = requests.get(f'https://challenge.intigriti.io/{c}').text
	return re.match(r'404 - \'File "(.?)" was.\'', t).group(1)

	import re
	import string

	import requests


	def check(c):
	t = requests.get(f'https://challenge.intigriti.io/{c}').text
	return re.match(r'404 - \'File "(.?)" was.\'', t).group(1)