Discover @irsl Open Source projects

@irsl

irsl

Stars
1,789
Global Rank 17,254 (Top 0.6 %)
Followers 290
Following 1
Registered almost 11 years ago
Most used languages

Perl
27.6 %

Python
20.7 %

Java
10.3 %

C
10.3 %

Go
6.9 %

C++
6.9 %

Shell
6.9 %

PHP
3.4 %

C#
3.4 %

TypeScript
3.4 %

gcp-dhcp-takeover-code-exec

Google Compute Engine (GCE) VM takeover via DHCP flood - gain root access by getting SSH keys added by google_guest_agent

curlshell

reverse shell using curl

ADB-Backup-APK-Injection

Android ADB backup APK Injection POC

dfwfw

Docker Firewall Framework

jackson-rce-via-spel

An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions

CVE-2020-1313

Proof of concept exploit of Windows Update Orchestrator Service Elevation of Privilege Vulnerability

Huawei-Hisuite-KobackupCipherTool

Tool to encrypt/decrypt backup packages created by Huawei Hisuite.

CVE-2020-0728

Proof of Concept code for CVE-2020-0728

apache-openoffice-rce-via-uno-links

php-bypass-disable-functions

Demo project how to bypass the disable_functions security control of PHP on Linux

microsoft-diagcab-rce-poc

Proof of concept about a path traversal vulnerability in Microsoft's Diagcab technology that could lead to remote code execution

CVE-2020-1967

Proof of concept exploit about OpenSSL signature_algorithms_cert DoS flaw (CVE-2020-1967)

lgosp-poc

LG On Screen Phone authentication bypass PoC (CVE-2014-8757)

struts-any-results

Demonstrating why Dynamic Method Invocation with unrestricted method names (the old default of Struts) is dangerous.

golang-insecureskipverify-patch

Simple patcher tool to turn off TLS handshake validation in golang binaries

google-osconfig-privesc

Proof of concept about the privilege escalation flaw identified in Google's Osconfig

CVE-2022-20128

Android Debug Bridge (adb) was vulnerable to directory traversal attacks that could have been mounted by rogue/compromised adb daemons during an adb pull operation.

microsoft-diaghub-case-sensitivity-eop-cve

Proof of concept code about the Microsoft Diaghub case sensitivity Elevation of Privileges vulnerability

tcp-http-proxy

A potential solution for OpenWRT + Mitmproxy

gnu-patch-vulnerabilities

The GNU patch utility was prone vulnerable to multiple attacks through version 2.7.6. You can find my related PoC files here.

mysql-load-data-local-abuse

Abusing MySQL's LOAD DATA LOCAL feature

golang-http2debug-onthefly

Tool to activate http2debug feature of golang on the fly.

go-reproto

An experimental tool to reconstruct proto definitions based on golang binaries

cloud-sql-auth-proxy-iam-mitm

PoC tool to demonstrate an MitM attack against Google's Cloud SQL authentication proxy product.

pcap-proxy

A simple userland TCP proxy application that captures the network flow into a .pcap file

CVE-2022-3168-adb-unexpected-reverse-forwards

Proof of concept code to exploit flaw in adb that allowed opening network connections on the host to arbitrary destinations

icedtea-web-vulnerabilities

Hosting proof of concept exploit code of the remote code execution vulnerabilities in the IcedTea-Web Java webstart implementation.

postgres-proxy-cloudsql-iam-vuln

A PoC proxy script that allowed me to extract access tokens from the Postgres wire messages in Google Cloud SQL.

cloud-shell-ssrf

Google Cloud Shell SSRF feature PoC tool

grpcurl-for-android

gRPCurl precompiled binaries for Android

rdiff-backup

Simple docker image around rdiff-backup

raiffeisen-direktnet

Transaction parser for the Raiffeisen Direktnet banking website

hikvision-motion

SMTP server to receive HikVision camera/NVR notifications in order to post process the stream/images with GCP Vision AI (object tagging). Push notification to your device.

p1x1

Open-source web application for cataloging and archiving private photos in S3 compatible stores, protecting content via a full-browser, client-side encryption logic.

proftpd-mysql-password

Support for MySQL PASSWORD() in Proftpd's SQLAuthTypes