This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <sys/types.h> | |
| #include <unistd.h> | |
| #include <pwd.h> | |
| #include <errno.h> | |
| #include <assert.h> | |
| #define dprintf(__m) fprintf(stderr, "[DBG] %s\n", __m) | |
| #define dvprintf(__m, ...) fprintf(stderr, "[DBG] " __m "\n", __VA_ARGS__) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'net/http' | |
| require 'uri' | |
| =begin | |
| ruby shellshock.rb http://127.0.0.1/my-cgi/bolo.cgi | |
| =end | |
| if __FILE__ == $0 | |
| uri = ::URI.parse(ARGV.shift) | |
| http = ::Net::HTTP.new(uri.host, uri.port) |
abhisek
/ gist:30933636ca7fa3e6bc92
Created
September 26, 2014 11:04
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| env x='() { :;}; echo Vulnerable' bash -c "echo Hello" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| printf "Content-type: text/html\n\n"; | |
| printf "Hello, World."; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <string.h> | |
| #include <sys/types.h> | |
| #include <sys/socket.h> | |
| #include <sys/time.h> | |
| #include <netinet/in.h> | |
| #include <unistd.h> | |
| #include <signal.h> | |
| #include <assert.h> |
abhisek
/ burp_smime_sign.rb
Created
September 20, 2016 07:20
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'java' | |
| java_import 'burp.IBurpExtender' | |
| java_import 'burp.IHttpListener' | |
| java_import 'burp.IProxyListener' | |
| java_import 'burp.IScannerListener' | |
| java_import 'burp.IExtensionStateListener' | |
| class BurpExtender | |
| include IBurpExtender, IHttpListener, IProxyListener, IScannerListener, IExtensionStateListener | |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class Api::V1::ProjectsController < Api::V1::ApiController | |
| before_filter :authenticate_api_user! | |
| before_filter :load_customer! | |
| def index | |
| @projects = @customer.projects.order('created_at DESC') | |
| render :json => @projects, :except => project_exclusions, | |
| :methods => project_inclusions |
abhisek
/ nodejs-express-jwt.js
Created
April 24, 2017 06:49
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var jwt = require('express-jwt'); | |
| var JwtTokenValidator = { | |
| validateToken: function(req, res, next) { | |
| if(req.user) { | |
| next(); | |
| } else { | |
| res.status(401).json({ error: 'JwtMissingOrIncorrect', message: 'JWT token is missing or incorrect.' }); | |
| } | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class DataServiceClient | |
| def initialize(customer_id) | |
| raise "Invalid Customer Id" if customer_id.to_i.zero? | |
| @customer_id = customer_id.to_i | |
| @client = RestClient::Resource.new(ENV['DATA_API_URL'] + '/customers/' + @customer_id.to_s, | |
| :headers => { 'X-Access-Token' => ENV['DATA_API_KEY'], 'Accept' => 'application/json' }) | |
| end | |
| def info |
abhisek
/ apigw_sinatra.rb
Created
April 26, 2017 17:02
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def decode_jwt(id_token) | |
| id_token = id_token.slice(7 .. -1) if id_token =~ /^Bearer/i | |
| JWT.decode id_token, ENV['AUTH0_CLIENT_SECRET'], true, | |
| algorithm: ENV['AUTH0_JWT_ALGO'], verify_iss: true, | |
| aud: ENV['AUTH0_CLIENT_ID'], | |
| verify_aud: true | |
| end | |
| before do |