reanimat0r

#!/bin/bash

# Written by Frans Rosén (twitter.com/fransrosen)
_debug="$2" #turn on debug
_timeout="20"
#you need a valid key, since the errors happens after it validates that the key exist. we do not need the secret key, only access key
_aws_key="AKIA..."
H_ACCEPT="accept-language: en-US,en;q=0.9,sv;q=0.8,zh-TW;q=0.7,zh;q=0.6,fi;q=0.5,it;q=0.4,de;q=0.3"
H_AGENT="user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.146 Safari/537.36"

reanimat0r

#!/usr/bin/env python
# encoding:utf-8
# Author : WangYihang
# Date : 2017/10/03
# Email : [email protected]
# Comment : to solve XDCTF-2017-WEB-Upload

import string
import itertools
import os

reanimat0r

curl -L -k -s https://www.example.com | tac | sed "s#\\\/#\/#g" | egrep -o "src['\"]?\s*[=:]\s*['\"]?[^'\"]+.js[^'\"> ]*" | awk -F '//' '{if(length($2))print "https://"$2}' | sort -fu | xargs -I '%' sh -c "curl -k -s \"%\" | sed \"s/[;}\)>]/\n/g\" | grep -Po \"(['\\\"](https?:)?[/]{1,2}[^'\\\"> ]{5,})|(\.(get|post|ajax|load)\s*\(\s*['\\\"](https?:)?[/]{1,2}[^'\\\"> ]{5,})\"" | awk -F "['\"]" '{print $2}' | sort -fu

# using linkfinder
function ejs() {
   URL=$1;
   curl -Lks $URL | tac | sed "s#\\\/#\/#g" | egrep -o "src['\"]?\s*[=:]\s*['\"]?[^'\"]+.js[^'\"> ]*" | sed -r "s/^src['\"]?[=:]['\"]//g" | awk -v url=$URL '{if(length($1)) if($1 ~/^http/) print $1; else if($1 ~/^\/\//) print "https:"$1; else print url"/"$1}' | sort -fu | xargs -I '%' sh -c "echo \"\n##### %\";wget --no-check-certificate --quiet \"%\"; basename \"%\" | xargs -I \"#\" sh -c 'linkfinder.py -o cli -i #'"
}

# with file download (the new best one):
# but there is a bug if you don't provide a root url

reanimat0r

var logger = console.trace;

// ELEMENT

;(getElementByIdCopy => {
  Element.prototype.getElementById = function(q) {
    logger('getElementById', q, this, this.innerHTML);
    return Reflect.apply(getElementByIdCopy, this, [q])
  }
})(Element.prototype.getElementById)

reanimat0r

Open redirect bypasses

• Simply try to change the domain

  Example: ?redirect=https://example.com --> ?redirect=https://evil.com

• Bypass the filter when protocol is blacklisted using //

  Example: ?redirect=https://example.com --> ?redirect=//evil.com

reanimat0r

#Text to HEX
echo "BetilloPOC" | xxd -ps -c 200 | tr -d '\n'
#Hex to Text
echo '426574696c6c6f504f43' | xxd -ps -r

reanimat0r

@echo off
rem Current Mac Address
getmac /v | findstr /b Ethernet

rem Search Ethernet of Brand Network
reg query HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318} /s /f DriverDesc
rem Verify class

rem Down Interface after to change

reanimat0r

##################################################################################
#         ELIMINATE SPOTIFY ADS (VERSION 1.2 - 8.5) - UPDATED FREQUENTLY         #
##################################################################################
#
# NOTE: SOMETIMES ONLY ANNOUNCEMENT OF AN AD WHILE USING APP VERSION 7.5-7.9?-8.x.
# USING AN OFFICIAL OLDER VERSION SOLVES THIS. TEST IT (APKMIRROR). THIS WILL NOT
# OCCUR USING CHROMECAST / GOOGLE HOME.
#
# COULD NOT SOLVE THE AUDIO AD INRO/OUTRO IN THE APP.
# SUGGESTIONS? WRITE A COMMENT BELOW.

reanimat0r

#!/usr/bin/env python
# vim: tabstop=4:softtabstop=4:shiftwidth=4:expandtab:

import os
import requests
import sys

docs = {
    '68000': {
        'M68000PRM.pdf': 'https://www.nxp.com/files-static/archives/doc/ref_manual/M68000PRM.pdf',

reanimat0r

#!/usr/bin/env python3
# Author: m8r0wn

import os
import threading
from sys import exit
from time import sleep
from datetime import datetime
from subprocess import getoutput
from taser.proto.http import web_request