exec - Returns last line of commands output
passthru - Passes commands output directly to the browser
system - Passes commands output directly to the browser and returns last line
shell_exec - Returns commands output
\`\` (backticks) - Same as shell_exec()
popen - Opens read or write pipe to process of a command
proc_open - Similar to popen() but greater degree of control
pcntl_exec - Executes a program
bl4de
/ index.php
Created
March 7, 2024 12:47
— forked from Zxce3/index.php
server dashboard in one file [WIP]
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * This file contains functions to retrieve system information and display it in a single file server dashboard. | |
| * The functions include generating a safe ID, parsing lines, getting CPU info, load average, basic server info, | |
| * CPU usage, memory usage, disk usage, and disk space. | |
| * | |
| * @author Zxce3 | |
| * @version 1.1 | |
| */ |
bl4de
/ phpdangerousfuncs.md
Created
June 3, 2023 01:48
— forked from mccabe615/phpdangerousfuncs.md
Dangerous PHP Functions
bl4de
/ bucket-disclose.sh
Created
June 24, 2022 21:13
— forked from fransr/bucket-disclose.sh
Using error messages to decloak an S3 bucket. Uses soap, unicode, post, multipart, streaming and index listing as ways of figure it out. You do need a valid aws-key (never the secret) to properly get the error messages
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Written by Frans Rosén (twitter.com/fransrosen) | |
| _debug="$2" #turn on debug | |
| _timeout="20" | |
| #you need a valid key, since the errors happens after it validates that the key exist. we do not need the secret key, only access key | |
| _aws_key="AKIA..." | |
| H_ACCEPT="accept-language: en-US,en;q=0.9,sv;q=0.8,zh-TW;q=0.7,zh;q=0.6,fi;q=0.5,it;q=0.4,de;q=0.3" | |
| H_AGENT="user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.146 Safari/537.36" |
bl4de
/ fingerprint.js
Created
April 24, 2021 15:28
— forked from nikitastupin/fingerprint.js
fingerprint.js
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| (() => { | |
| let gadgets = []; | |
| if (typeof _satellite !== 'undefined') { | |
| gadgets.push('Adobe Dynamic Tag Management'); | |
| } | |
| if (typeof BOOMR !== 'undefined') { | |
| gadgets.push('Akamai Boomerang'); | |
| } |
bl4de
/ gd-gif.php
Created
March 31, 2020 16:44
— forked from asdqwe3124/gd-gif.php
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| //php gd-gif.php image.gif gd-image.gif | |
| $gif = imagecreatefromgif($argv[1]); | |
| imagegif($gif, $argv[2]); | |
| imagedestroy($gif); | |
| ?> |
bl4de
/ introspection-query.graphql
Created
July 19, 2019 14:55
— forked from craigbeck/introspection-query.graphql
Introspection query for GraphQL
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| query IntrospectionQuery { | |
| __schema { | |
| queryType { name } | |
| mutationType { name } | |
| subscriptionType { name } | |
| types { | |
| ...FullType | |
| } | |
| directives { |
bl4de
/ crawl-extract-resolve.sh
Created
May 8, 2019 22:55
— forked from noraj/crawl-extract-resolve.sh
crawl a web page, extract all domains and resolve them to IP addresses with bash and common GNU/Linux tools
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| url='rawsec.ml' | |
| domains=$(curl $url -s | grep -E 'https?://[^"]*' | cut -d '/' -f 3 | cut -d '"' -f 1 | uniq) | |
| filename='/tmp/temporary_ips.txt' | |
| for domain in $domains | |
| do |
bl4de
/ content_discovery_nullenc0de.txt
Created
April 24, 2019 05:47
— forked from nullenc0de/content_discovery_nullenc0de.txt
content_discovery_nullenc0de.txt
This file has been truncated, but you can view the full file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| / | |
| $$$lang-translate.service.js.aspx | |
| $367-Million-Merger-Blocked.html | |
| $defaultnav | |
| ${idfwbonavigation}.xml | |
| $_news.php | |
| $search2 | |
| £º | |
| .0 | |
| /0 |
bl4de
/ README.md
Created
April 5, 2019 07:21
— forked from ajxchapman/README.md
Scripts developed for solving HackerOne H1-702 2019 CTF
image_extract.pyperforms character extraction on targetted against the HackerOne H1-702 CTF announcement imagedecrypt_sqli.pyperforms blind sqli data extraction with encrypted payloads targetting against the FliteThermostat APItiming_attack.pyperforms an HTTP piplining based timing against the FliteThermostat Backendwordlist_generator.pygenerates wordlists from a give corpus or set of corpuseshttplib.pyperforms efficient asynchronous HTTP requests against the FliteThermostat Backend
bl4de
/ generate.c
Created
March 4, 2019 11:26
— forked from munificent/generate.c
A random dungeon generator that fits on a business card
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <time.h> // Robert Nystrom | |
| #include <stdio.h> // @munificentbob | |
| #include <stdlib.h> // for Ginny | |
| #define r return // 2008-2019 | |
| #define l(a, b, c, d) for (i y=a;y\ | |
| <b; y++) for (int x = c; x < d; x++) | |
| typedef int i;const i H=40;const i W | |
| =80;i m[40][80];i g(i x){r rand()%x; | |
| }void cave(i s){i w=g(10)+5;i h=g(6) | |
| +3;i t=g(W-w-2)+1;i u=g(H-h-2)+1;l(u |
NewerOlder