rudSarkar

metadata:
    language: v2-beta
    name: "CVE-2025-29927 - Next.js middleware bypass"
    description: "Checks for differences in responses when using different x-middleware-subrequest header paths"
    author: "Chris Grieger - blueredix.com"
    tags: "next.js", "middleware"

run for each:
    middleware_value = "pages/_middleware",
                       "middleware",

rudSarkar

#!/bin/bash

# Written by Frans Rosén (twitter.com/fransrosen)
_debug="$2" #turn on debug
_timeout="20"
#you need a valid key, since the errors happens after it validates that the key exist. we do not need the secret key, only access key
_aws_key="AKIA..."
H_ACCEPT="accept-language: en-US,en;q=0.9,sv;q=0.8,zh-TW;q=0.7,zh;q=0.6,fi;q=0.5,it;q=0.4,de;q=0.3"
H_AGENT="user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.146 Safari/537.36"

rudSarkar

Hacking smart contracts for fun and profit

Description of the game

The goal of the game to break as many contracts as possible! Note: one of these contracts is a HONEYPOT! BE CAREFUL!!

Claim your Ropsten test ether here!

The contracts you need to break and their addresses:

rudSarkar

# -------------------------------------------------
# Protect your .git directory!
# (You don't want anyone to download a copy of your website)
# -------------------------------------------------

# Add to .htaccess

# For Apache 2.4

<DirectoryMatch "^/.*/\.git/">

rudSarkar

## AWS
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories

http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key

rudSarkar

#!/bin/bash
#Performs port scan using nmap

print_usage() {
cat << _EOF_
        Utility to scan open ports. Can be used to scan ports for a domain or a list of domains specified in a file.
        Example Usage:
                -h, --help              Show brief help
                -d, --domain            Domain name or ip to scan
                -f, --file              Spefify a file containing domains/IPs to scan

rudSarkar

Docker image to Virtualbox disk

https://stackoverflow.com/questions/23436613/how-can-i-convert-a-docker-image-into-a-vagrant-virtualbox-box by user blueskin (CC by-sa 3.0)

---

Find the size of the docker image from docker images

REPOSITORY TAG IMAGE ID CREATED SIZE

rudSarkar

id: nuclei-rce

info:
  name: Nuclei Template RCE by Chromium
  author: c3l3si4n
  severity: critical
  tags: rce,hackback

headless:
  - steps:

rudSarkar

id: apk-recon

info:
  name: APK Recon
  author: nullenc0de
  severity: info
  tags: android,file

file:
  - extensions:

rudSarkar

NOTE: Easier way is the X86 way, described on https://www.genymotion.com/help/desktop/faq/#google-play-services

Download the following ZIPs:
    
    ARM Translation Installer v1.1 (http://www.mirrorcreator.com/files/0ZIO8PME/Genymotion-ARM-Translation_v1.1.zip_links)
    
    Download the correct GApps for your Android version:
      Google Apps for Android 6.0 (https://www.androidfilehost.com/?fid=24052804347835438 - benzo-gapps-M-20151011-signed-chroma-r3.zip)
      Google Apps for Android 5.1 (https://www.androidfilehost.com/?fid=96042739161891406 - gapps-L-4-21-15.zip)
      Google Apps for Android 5.0 (https://www.androidfilehost.com/?fid=95784891001614559 - gapps-lp-20141109-signed.zip)