Skip to content

Instantly share code, notes, and snippets.

View refabr1k's full-sized avatar

refabr1k

14 followers · 0 following
  • refabr1k
  • Singapore
View GitHub Profile
@refabr1k
refabr1k / app.php
Created March 1, 2023 14:55
Intigriti - 2023-02-23 Can you spot the vulnerability?
<?php
if (isset($_GET['email']))
$email = filter_var($_GET['email'],
FILTER_SANITIZE_EMAIL);
if (isset($_GET['xss']))
$xss = htmlspecialchars($_GET['xss']);
if (isset($_GET['path'])) {
$path = $_GET['path'];
while (strpos($path, '../') !== false) {
$path = str_replace('../', '', $path);
@refabr1k
refabr1k / gist:a5326b054474396caccf6114b731df56
Created January 30, 2022 13:30
linux java versions
You can find a mirror of different Java versions to run on Linux at this location. http://mirrors.rootpei.com/jdk/
Select the jdk-8u181-linux-x64.tar.gz package (or alternatively, download the file attached to this task, added for your convenience).
Download this into your attacking machine, and run the following commands to configure your system to use this Java version by default (adjust the download filesystem path as appropriate):
sudo mkdir /usr/lib/jvm
cd /usr/lib/jvm
sudo tar xzvf ~/Downloads/jdk-8u181-linux-x64.tar.gz # modify as needed
@refabr1k
refabr1k / TPLINK-WN722N-kali.txt
Created December 1, 2021 00:54
TL-WN722N ver 2/3 to work with monitor mode and injection
@refabr1k
refabr1k / setting up yubikey u2f.sh
Created August 20, 2021 17:14
setting up yubikey u2f
# note: leave a seperate sudo terminal running and test if works eg. with sudo first
sudo apt update
sudo apt install libpam-u2f pamu2fcfg
mkdir -p ~/.config/Yubico
pamu2fcfg > ~/.config/Yubico/u2f_keys
# touch yubikey when flashing to associate
# edit /etc/pam.d/sud
@refabr1k
refabr1k / remove_xorg.conf
Created August 7, 2021 09:32
popos - remove nvida conf issue when primary monitor doesnt show up after using dual monitor
sudo rm -v /etc/X11/xorg.conf*
@refabr1k
refabr1k / ssh for git.md
Last active August 3, 2021 10:52 — forked from developius/README.md
Setup SSH keys for use with GitHub/GitLab/BitBucket etc
@refabr1k
refabr1k / blindsqli.py
Created July 30, 2021 15:42
Blind sql injection using true/false statements (mysql)
#!/usr/bin/python
import string, os, requests
allchars = string.ascii_letters
found = False
quit = False
dumpstr = ""
index = 1
table="database()"
@refabr1k
refabr1k / gist:88a254cc03074e83650edc0379587d11
Created May 13, 2021 13:25
Conky config
# install
sudo apt install -y conky
# foreground conky
$ export NETWORK_INTERFACE=eth0
$ cat <<EOF > ~/.conkyrc
conky.config = {
use_spacer = 'left',
pad_percents = 3,
background = true,
@refabr1k
refabr1k / b43-old-mbp.md
Last active August 22, 2025 12:37
b43 wireless driver for old mbp
@refabr1k
refabr1k / WANReporter
Created August 30, 2020 06:30
Mikrotik get public IP and send to telegram bot
{
/tool fetch url="http://myip.dnsomatic.com/" mode=http dst-path=mypublicip.txt
local ip [file get mypublicip.txt contents ]
put $ip
/tool fetch "https://api.telegram.org/<BOTAPI>/sendmessage\?chat_id=<CHATID>&text=Wan IP: $ip" keep-result=no;
}