Çağrı sh4dowb
sh4dowb
/ phpkoru-deobfuscate-3.php
Last active
February 19, 2024 21:14
PHPkoru.com v1.0.7 deobfuscator. Make sure to run it isolated, to prevent any attacks from eval'd code
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // put encrypted code in encrypted.php, or use it like: | |
| // $ php phpkoru-deobfuscate-3.php encryptedfilename.php | |
| // UPDATED v1.0.7 , if you are getting error "IV passed is only 15 bytes long", try this | |
| // for decrypting advanced (.dll/.so) version contact me on telegram | |
| function trydecrypt($fn, $b64='fge_ebg13', $rot13='bcraffy_qrpelcg'){ | |
| eval('$'.$b64.'="base64_decode";'); | |
| eval('$'.$rot13.'="str_rot13";'); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from datetime import date, timedelta | |
| from rubymarshal.classes import UsrMarshal | |
| from rubymarshal.reader import loads | |
| data = b'\x04\x08U:\tDate[\x0bi\x00i\x03\xe5R%i\x00i\x00i\x00f\x0c2299161' | |
| # 1984-12-18 | |
| data = loads(data) | |
| if isinstance(data, UsrMarshal): | |
| # data._private_data[1] is days since Julian Day (November 24, 4714 BC) | |
| data = (date(1900, 1, 1) + timedelta(days=data._private_data[1] - 2415021)).strftime('%Y-%m-%d') |
sh4dowb
/ phpkoru-deobfuscate-2.php
Last active
October 12, 2024 17:14
PHPkoru.com v1.0.6 (new) deobfuscator. Make sure to run it isolated, to prevent any attacks from eval'd code
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // V1.0.7 DEOBFUSCATOR: https://gist.github.com/sh4dowb/68c9e090a3006b1d19ce49a22529c0a5 | |
| // put encrypted code in encrypted.php, or use it like: | |
| // $ php phpkoru-deobfuscate-2.php encryptedfilename.php | |
| // for decrypting advanced version contact me on telegram | |
| function decrypt($fn, $try=0){ | |
| $onfr64_qrpbqr = 'base64_decode'; |
sh4dowb
/ fuck-ethereum.py
Last active
December 8, 2022 02:56
run a fucking ethereum VERY LIGHT client that uses cloudflare rpc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| do you have an app that fucking supports geth only? | |
| and after new cryptobros got high and decided you should have at least 1 TB SSD and 10 fucking free days to synchronize to run a "fast" node, you can't be fucking bothered? | |
| well I did, and there you fucking go. this fucking shit gets all stupid motherfucking data from cloudflare and handles account creation and sending etc | |
| fuck you web 3.0 | |
| run geth with snap and dont run no consensus or what in the flying fuck that is | |
| note that you probably need to add more methods to the cloudflare array for block and tx fetching etc. | |
| I also added gas price fetching because the app was fucking dumb and sending 0x0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # redirect MX record to your server ip | |
| apt install postfix | |
| adduser myuser # necessary - you cannot login as root on dovecot imap | |
| # add user | |
| nano /etc/postfix/virtual | |
| # @example.com myuser | |
| # [email protected] info # optional |
sh4dowb
/ stake_limbo_verify.py
Created
December 8, 2021 23:49
verify stake.com limbo outcome with python
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import hmac | |
| import hashlib | |
| def getLimboOutcome(server, client, nonce): | |
| server = server.encode() | |
| client = client.encode() | |
| nonce = str(nonce).encode() | |
| round = 0 | |
| hash = hmac.new(server, client+b':'+nonce+b':'+str(round).encode('utf-8'), hashlib.sha256).digest() | |
| first4 = hash[:4] |
sh4dowb
/ decrypt.py
Created
September 17, 2021 19:41
Decrypt crypto-js default AES encryption with OpenSSL KDF in Python 3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # I absolutely hated crypto-js for this. non-standard configurations, weird algorithms, ... | |
| # well obviously you can encrypt it with a better configuration which people will not | |
| # go crazy figuring out its implementation, but in this case I wasn't encrypting the data. | |
| import base64 | |
| from Crypto.Hash import MD5 | |
| from Crypto.Util.Padding import unpad | |
| from Crypto.Cipher import AES | |
| # generated using: CryptoJS.AES.encrypt('test 123456 plaintext', 'some password').toString() |
sh4dowb
/ send_usdt.py
Last active
October 14, 2024 15:31
tronapi python mass USDT payment - send mass USDT payments with python
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import time | |
| from tronapi import Tron | |
| full_node = 'https://api.trongrid.io' | |
| solidity_node = 'https://api.trongrid.io' | |
| event_server = 'https://api.trongrid.io' | |
| pkey = "private_key_hex" | |
| payments = [ |
sh4dowb
/ atomic_eth.js
Created
May 30, 2021 20:03
atomic wallet get eth private key / address by mnemonic seed
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // fuck you atomic. why can't you just be fucking normal? | |
| // east home innocent snake icon curtain series brave guard program history stand | |
| // BIP39 seed: | |
| var seed = new Uint8Array([70, 78, 5, 155, 232, 171, 38, 78, 191, 56, 142, 102, 122, 20, 65, 239, 127, 215, 39, 174, 28, 222, 17, 150, 102, 129, 182, 172, 246, 80, 15, 19, 79, 248, 113, 244, 95, 101, 33, 96, 203, 181, 243, 63, 23, 9, 71, 102, 37, 216, 196, 6, 77, 209, 18, 2, 107, 12, 239, 38, 249, 29, 107, 249]); | |
| var s = require('ethereum-cryptography/pure/hdkey').HDKey; | |
| var t = require('ethereumjs-wallet'); | |
| var w = s.fromMasterSeed(seed); |
sh4dowb
/ decrypt_ruby_MessageEncryptor.py
Last active
April 17, 2021 18:14
Decrypt Ruby's ActiveSupport::MessageEncryptor on Python 3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import hashlib | |
| import base64 | |
| from Crypto import Random | |
| from Crypto.Cipher import AES | |
| import rubymarshal.reader | |
| from pbkdf2 import PBKDF2 | |
| SECRET = "asdasd" | |
| ITERATIONS = 65536 | |
| KEYLENGTH = 32 |
NewerOlder