Skip to content

Instantly share code, notes, and snippets.

View 1dayluo's full-sized avatar
😼
meow

ElainaDay 1dayluo

😼
meow
View GitHub Profile
@1dayluo
1dayluo / javascript
Created November 2, 2023 06:11
payload收集 - xss危害扩大系列
<!DOCTYPE html>
<html>
<head>
<meta charset=”utf-8" />
<title>Zero Click Account takeover</title>
<meta name=”description” content=”” />
<meta name=”viewport” content=”width=device-width” />
<base href=”/” />
<script src=”lib/socket.io.min.js”></script>
</head>
@1dayluo
1dayluo / clash-naiveproxy.yaml
Created August 23, 2023 10:29 — forked from segfault-bilibili/clash-naiveproxy.yaml
Clash config which makes use of naiveproxy
# 这个配置可以让Clash将naiveproxy作为上游代理,尤其是可以利用它的tun模式方便地实现全局透明代理
# 但很显然,必须额外跑一个naiveproxy客户端,不能做到简单拖动Clash配置后立即可用
# 注意:务必按下述示例把naiveproxy服务器的IPv4/v6地址以及域名加入直连规则
mixed-port: 7890
allow-lan: false
bind-address: '127.0.0.1'
mode: rule
log-level: info
external-controller: '127.0.0.1:9090'
dns:

Setup tor proxy on Arch Linux

Copied from this article.

Installation

  1. Install tor

         $ sudo pacman -S tor
         $ ## nyx provides a terminal status monitor for bandwidth usage, connection details and more.

$ sudo pacman -S nyx

@1dayluo
1dayluo / escapeshellrce.md
Created December 14, 2022 12:40 — forked from Zenexer/escapeshellrce.md
Security Advisory: PHP's escapeshellcmd and escapeshellarg are insecure

Paul Buonopane [email protected] at NamePros
PGP: https://keybase.io/zenexer

I'm working on cleaning up this advisory so that it's more informative at a glance. Suggestions are welcome.

This advisory addresses the underlying PHP vulnerabilities behind Dawid Golunski's [CVE-2016-10033][CVE-2016-10033], [CVE-2016-10045][CVE-2016-10045], and [CVE-2016-10074][CVE-2016-10074]. It assumes prior understanding of these vulnerabilities.

This advisory does not yet have associated CVE identifiers.

Summary

import base64
import hmac
import hashlib
import json
jwt = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyIjpudWxsfQ.Tr0VvdP6rVBGBGuI_luxGCOaz6BbhC6IxRTlKOW8UjM'
def change_payload(jwt):
payload = jwt.split('.')[1]
@1dayluo
1dayluo / rails_rce.rb
Created September 28, 2022 03:50 — forked from postmodern/rails_rce.rb
Proof-of-Concept exploit for Rails Remote Code Execution (CVE-2013-0156)
#!/usr/bin/env ruby
#
# Proof-of-Concept exploit for Rails Remote Code Execution (CVE-2013-0156)
#
# ## Advisory
#
# https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion
#
# ## Caveats
#
@1dayluo
1dayluo / List of API endpoints & objects
Created April 17, 2022 11:28 — forked from yassineaboukir/List of API endpoints & objects
A list of 3203 common API endpoints and objects designed for fuzzing.
0
00
01
02
03
1
1.0
10
100
1000