Skip to content

Instantly share code, notes, and snippets.

View iam-py-test's full-sized avatar

iam-py-test

View GitHub Profile
@iam-py-test
iam-py-test / README.md
Created August 23, 2024 22:24
Malicious tampermonkey script

On 2024-8-32, the PasteBin user xata0 created a paste titled ❤️ MAKE $500 IN 15 MINUTES ❤ (https://pastebin.com/D2mmK6PL) with the following contents:

Guide:
 
https://drive.google.com/file/d/1Mzn6o3n5xIhN6nueBAl3YTzyb27ZgMrD/view?zI47OokP0m
 
Hadez gift cards method
 
You can use it to get any gift card completely for free
"use strict";
var _slicedToArray = function() {
function sliceIterator(arr, i) {
var _arr = [];
var _n = true;
var _d = false;
var _e = undefined;
try {
for (var _i = arr[Symbol.iterator](), _s; !(_n = (_s = _i.next()).done); _n = true) {
_arr.push(_s.value);
@iam-py-test
iam-py-test / ab.js
Last active November 5, 2023 16:54
newzjunky antiblocker
if ((Math.round(+new Date() / 1000)) < 1699627054) {
if (window.location.hostname === 'www.newzjunky.com') {
const antiblocker_elm = document.getElementById("WkpBMVBVUzNRaXVTzZYQUlDeWdODBOdBjVkswNDJZdXJBOTcUUpaYzyppdh");
const dGlqZDRQOaFpuTkorREFbEpKaHhGLxhUgrNnVNSmlNncwYTlYbWvRCeTBxctOQnpSMvZHVycgyppdhyppdh = "3.9.2"; // never used???
const chp_adblock_analytics_url = "https://www.newzjunky.com/wp-admin/admin-ajax.php";
let false_var_3 = false;
let QmMQUtzVENjREwwbXMdFoZGwUEXWWlvYEwadENHZpcmvTURsbdckRBVhhZmYkRlOWlSQUrVwyppdhyppdh = true;
let counter_var_1 = 0;
const iframe_chpadb_url = "https://www.newzjunky.com/chpadb/pro/instruction/modal/";
const homepage_url = "https://www.newzjunky.com";
@iam-py-test
iam-py-test / trustedsites.md
Created July 12, 2023 16:12
Worrying list of allowlisted sites in ADAWARE AD BLOCK (see https://infosec.exchange/@iampytest1/110701977366775746)
about-scheme
chrome-extension-scheme
chrome-scheme
edge-scheme
moz-extension-scheme
opera-scheme
vivaldi-scheme
wyciwyg-scheme
account.live.com
@iam-py-test
iam-py-test / check.py
Last active November 19, 2022 22:08
Check for redirects with different referers
import os,sys
import requests
import hashlib
url = input("URL: ")
refs = open("refs.txt",encoding="UTF-8").read().split("\n") # safe to refs.txt
for ref in refs:
try:
r = requests.get(url,headers={"Referer":ref})
print("Referer {}: {} --> {} ({})".format(ref,url,r.url,hashlib.md5(r.content).hexdigest()))
@iam-py-test
iam-py-test / hashes.txt
Last active September 14, 2022 11:11
SHA256s of the files referenced in https://twitter.com/iam_py_test/status/1565830465038286850 (all files on abuse.ch)
054ccb41fcd2e8c8e966656ec26f5c81335e2f2e7fb28bf9647179cc772946d6
0a2215fabcb00ad2c456df1cf72cf89d43f596cec4867f99565432d17edc7c22
0ba3d5a1eb20dca5738d8cb7b8b8fc321eb564d8e6a34f29a11e114e48772eca
0dedc8d99e368addcf1950fd4656b8c95800210b2b5e152880634aaa37c27c81
0f2a54e667aae6db7283b8d6340e9ebd8cac4a740190e65a02b18fb55cd2af01
0fa2c05bf58fd103ed78198e2bc5ddf5438b7623dd6a7d17fc862cd37d566291
108d10a422ad88dd7b93ba9f0da52b5832a983bd097f4d7a4f9ad82e777bdd21
12a2dc865730ecfc9b38a28346a8859aa0cb24b2dbb3aaf4f84e169eb84d861b
1405b57ad1dbacc1f2e1a0a373c1b9fc4c48cb3d7691e252e585bade7495d84b
1640167aecfd4a72a2ab3102f65005e77c8a2a5959bd56b2ef1e58ec508f56ab
@echo off
echo Disabling the MSDT URL Protocol as to avoid CVE-2022-30190
echo Code taken from https://arstechnica.com/information-technology/2022/05/code-execution-0day-in-windows-has-been-under-active-exploit-for-7-weeks/, but the original code is from https://msrc-blog.microsoft.com/2022/05/30/guidance-for-cve-2022-30190-microsoft-support-diagnostic-tool-vulnerability/
echo Script made by https://github.com/iam-py-test
echo THIS THIS BETA SOFTWARE! Use with caution! If you want to be safe, create a system restore point before running this script
rem Stolen from https://stackoverflow.com/a/10052222
:: BatchGotAdmin
:-------------------------------------
@iam-py-test
iam-py-test / domains_to_dnsmasq.py
Created January 29, 2022 13:34
A Python script to turn domains/HOSTs style blocklists into dnsmasq
import os
import sys
# check if we have the right amount of args
if len(sys.argv) != 3:
# we don't, so print a help message and exit
print("Wrong number of arguments.\nHelp: {} {} [input file] [output file]".format(sys.executable,sys.argv[0]))
sys.exit()
else:
@iam-py-test
iam-py-test / challenge.js
Created January 28, 2022 22:59
Another JavaScript challenge, this time without DevTools
(function(){}).call.call(function(){;const _fbuw = window;const _gbmmx='';const _qqwq=function(){return window.confirm};const _bhbh = "l";const _6fbw="";const _7fw="%20P%20";const _qd="PGtleT5ubyBkZXZ0b29scywgbm8gcHJvYmxlbTwva2V5Pg==";const _6y="join";const _asa=1+0;const _fff="decodeURI";const _66611 = String;const _90190 = "setIn"+_gbmmx+"terva"+_bhbh;const _6bdqdq="reggu"+"bed";const _bhb=_90190;const _7jv=window;console.log(_6bdqdq.split(_gbmmx).reverse().join(new _66611()),_asa,_bhb);console.log(_7jv[_bhb](_6bdqdq.split(_gbmmx).reverse().join(new _66611()),_asa));const _6bfq=["a","t","o","b"][_6y]("");const _fwa="";const _mmlm=window[_fff](_7fw);const _7gu=_fbuw[_6bfq](_qd);alert("No key here");});
@iam-py-test
iam-py-test / challenge2.js
Created January 14, 2022 20:56
The second challenge
(function(v){
eval("))\"pgSK9pgCpkSKpIiIo4WavpmLpgSZzJXZ2VmcukiIigCdpxGcz5SK0gHIrACe1hCK05WZu9Gct92QJJVVlR2bjVGZoQnerIyOisyN3oHKdJCbiAyKg01NblHczByKgkiIiwiI/ICKlNWYsBXZy5ybotVcKISV5FVeVlXTpVleSNVV51UaVlXU5VVeN52as1kaJxWTr1EbNpmSspEVJlnSUpERKRVS5FWeVlXTpVVeRlXV51UaVpXU5VVeNlWVxI1QJB3STVTeahlWsNmbOx2SDtWdh1WOwJWanlWSpt2NhdVWvNGSKZnYYJEMLNkSYF2RGBjSz00ZkdEasl0R0xWZUhTaLNVQ5AFVwcWYyYVNLhFdoJ2RWlHZDdWaWJjVzJ2QCtmYyUDbJlGb5o1V4pnWYRHaidkV5R2QnlGVtlDMJhkUvp1UCJnWYt2ZldlVwkUasljZUR3dj1Gb1R2RZVXWyY0ciNEaQlVbwxWWzEFciASPggXdgQ3cu92Y7ICduVmbvBXbvNUSSVVZk92YlRGI9ACNlByOlNnchBnLO90UKBSPggTdgICI9AyN3oHI0NnbvN2OpIiRzUiIoQTZgsCIpgTMxgSZk92QyFGaD12byZmLwIGIrACaiBSPg8GagQ3cu92YK0nCpgyZulmc0N1b05yc5BSPggmYKsXKzlHKoNGdhNmC9pQXyk3WdJyaiwiIqJCLikmIsICaiwiInJCLiYmIsISZiwiIkJCLiMmIsIiYiwiIhJyWgc3byhGdKsXeyRnC70VX1sFanByKgIyb0JCIrASK3AyKgATOoUGZvNkchh2Qt9mcm5CMit1bg0DI0pHI0NnbvN2Oi02bj5SZiVHd19WeiASPgIGd1lHI0VGb7ISbvNmLiVHa0l2ZiASPgg2ZgQ3cu92Y7ISbvNmLzNWa0lHbh5WYtUGbn92bnJCI9ASewNHI0NnbvN2OdJydvRmbpdnIb9GI9AScgQ3cu92Y7MXaoRHI9AybuBCd