l3ouu4n9
/ rails_rce.rb
Created
July 28, 2021 13:48
— forked from postmodern/rails_rce.rb
Proof-of-Concept exploit for Rails Remote Code Execution (CVE-2013-0156)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| # | |
| # Proof-of-Concept exploit for Rails Remote Code Execution (CVE-2013-0156) | |
| # | |
| # ## Advisory | |
| # | |
| # https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion | |
| # | |
| # ## Caveats | |
| # |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # For https://github.com/pittcsc/Summer2022-Internships | |
| # Should have git installed. | |
| # Output file is in markdown format. Default: output.md | |
| # E.g. | |
| # ./intern-grep -F "Cisco" -o cisco.md | |
| # ./intern-grep -E "Amazon.*?Cloud" | |
| # ./intern-grep -i -E "crowdstrike" |
l3ouu4n9
/ Easy bypass for ptrace(PTRACE_TRACEME, 0, 0) in GDB)
Created
May 11, 2021 09:12
— forked from poxyran/Easy bypass for ptrace(PTRACE_TRACEME, 0, 0) in GDB)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Start GDB and execute the following commands: | |
| catch syscall ptrace | |
| commands 1 | |
| set ($eax) = 0 | |
| continue | |
| end | |
| Then, run the app and voilá! you can debug your program :) |
l3ouu4n9
/ BurpTurboIntruderBasicFileWriteMultiParam.py
Created
May 11, 2021 05:11
— forked from rosehgal/BurpTurboIntruderBasicFileWriteMultiParam.py
Burp Suite Turbo Intruder Example
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ################### This section will mostly remain as it is ################### | |
| def queueRequests(target, wordlists): | |
| engine = RequestEngine(endpoint=target.endpoint, | |
| concurrentConnections=5, | |
| requestsPerConnection=100, | |
| pipeline=False | |
| ) | |
| ################### ---------------------------------------- ################### |