@TheBinitGhimire
TheBinitGhimire / README.md
Last active October 27, 2024 19:26
Dangling DNS Records leading to Sub-domain Takeover on api.techprep.fb.com!

Dangling DNS Records on api.techprep.fb.com - $500!

Read proper write-up here: https://publish.whoisbinit.me/subdomain-takeover-on-api-techprep-fb-com-through-aws-elastic-beanstalk

I have included my script in another file (main.sh), which I used in discovering this vulnerability.

I didn't do any form of manual work in finding this vulnerability, and my workflow was fully automated with Bash scripting.

I have shortened my actual script, and only included the part which helped me in finding this vulnerability in the main.sh file.

@M507
M507 / BigBountyReconQueries.md
Created February 14, 2021 18:55
All BigBountyRecon repo queries without GUI

BigBountyReconQueries

All BigBountyRecon queries without GUI:

$ cat queries.txt
https://www.google.com/search?q=site:REPLACEME intitle:index.of
https://www.google.com/search?q=site:REPLACEME ext:xml | ext:conf | ext:cnf | ext:reg | ext:inf | ext:rdp | ext:cfg | ext:txt | ext:ora | ext:ini
https://www.google.com/search?q=site:REPLACEME ext:sql | ext:dbf | ext:mdb
https://www.google.com/search?q=site:REPLACEME inurl:wp- | inurl:wp-content | inurl:plugins | inurl:uploads | inurl:themes | inurl:download
@borkdude
borkdude / router.clj
Last active November 8, 2024 01:22
Small ring router using core.match in babashka
(require '[clojure.core.match :refer [match]]
         '[clojure.string :as str]
         '[hiccup2.core :refer [html]]
         '[org.httpkit.server :as server])
(defn router [req]
  (let [paths (vec (rest (str/split (:uri req) #"/")))]
    (match [(:request-method req) paths]
           [:get ["users" id]] {:body (str (html [:div id]))}
           :else {:body (str (html [:html "Welcome!"]))})))

TLDR

Cisco Security Manager is an enterprise-class security management application that provides insight into and control of Cisco security and network devices. Cisco Security Manager offers comprehensive security management (configuration and event management) across a wide range of Cisco security appliances, including Cisco ASA Adaptive Security Appliances, Cisco IPS Series Sensor Appliances, Cisco Integrated Services Routers (ISRs), Cisco Firewall Services Modules (FWSMs), Cisco Catalyst, Cisco Switches and many more. Cisco Security Manager allows you to manage networks of all sizes efficiently, from small networks to large networks consisting of hundreds of devices.

Several pre-auth vulnerabilities were submitted to Cisco on 2020-07-13 and (according to Cisco) patched in version 4.22 on 2020-11-10. Release notes didn't state anything about the vulnerabilities, and security advisories were not published. All payloads are processed in the context of NT AUTHORITY\SYSTEM.

@devanshbatham
devanshbatham / sslextract.py
Created November 9, 2020 10:57
sslExtract : Extract DNS records from IP addresses
#!/usr/bin/env python
from multiprocessing.pool import ThreadPool
from time import time as timer
from urllib.request import urlopen
import sys
import re
import os.path
start = timer()
@borkdude
borkdude / scrape_tables.clj
Created October 5, 2020 08:21
Extract HTML tables with babashka and bootleg
(ns scrape
  (:require [babashka.pods :as pods]
            [clojure.walk :as walk]))
(pods/load-pod "bootleg") ;; installed on path, use "./bootleg" for local binary
(require '[babashka.curl :as curl])
(def clojure-html (:body (curl/get "https://en.wikipedia.org/wiki/Clojure")))
@hansbugge
hansbugge / lint.clj
Created September 26, 2020 10:34
Code Quality report for Clojure projects in Gitlab using babashka and clj-kondo.
#!/usr/bin/env bb
(ns script
"Make a 'Code Quality' report from clj-kondo for use in GitLab CI.
JSON issue format:
https://docs.gitlab.com/ee/user/project/merge_requests/code_quality.html#implementing-a-custom-tool
Usage:
Add the following job in .gitlab-ci.yml:
@rickerbh
rickerbh / octopress-to-cryogen.clj
Created July 26, 2020 06:40
Babashka script to port posts from jekyll/octopress format to cryogen
(require '[clojure.java.io :as io]
         '[clojure.string :as string]
         '[clojure.tools.cli :refer [parse-opts]])
(def cli-options
  [["-o" "--out DIR" "Output directory"
    :default "out"]
   ["-s" "--source SOURCE" "Source directory"
    :default "source/_posts"]
   ["-h" "--help"]])
@LuD1161
LuD1161 / f5_here_i_come.sh
Last active March 8, 2022 02:52
F5 Slapdash attempt
# Get all the F5 IPs from Shodan | Get script here : https://gist.github.com/LuD1161/2087aea80e8771a4af069c33b4078570
python3 shodan_query.py "http.favicon.hash:-335242539" results_f5.txt | tee -a output.txt
cat output.txt | grep -i "host :" | cut -d":" -f2 | cut -d" " -f2 | httpx -threads 400 -ports 80,443,8443,4443 -silent | nuclei -t cves/CVE-2020-5902.yaml -o results.txt
cut -d" " -f3 results.txt > targets.txt
sed -i -e "s/\.\;/\.\\\;/g" targets.txt # escape semicolon to pass to interlace
interlace -tL ./targets.txt -threads 100 -c "echo _target_; curl --insecure -v _target_ 2>&1 | awk 'BEGIN { cert=0 } /^\* SSL connection/ { cert=1 } /^\*/ { if (cert) print }'" -v | tee -a all_certs.txt
@cihanmehmet
cihanmehmet / CVE-2020-5902.md
Last active December 31, 2024 19:04
BIGIP CVE-2020-5902 Exploit POC

🚨BIGIP CVE-2020-5902 Exploit POC 🔥🧱🔨👀


Shodan Search

title:"Big-IP®" org:"Organization Name"
http.title:"BIG-IP®- Redirect" org:"Organization Name"
http.favicon.hash:-335242539 "3992" org:"Organization Name"

🔸LFI