| <!DOCTYPE scan [ | |
| <!ENTITY test SYSTEM "target.xml"> | |
| ]><scan>&test;</scan> |
| #!/usr/bin/env bash | |
| #################################################################################### | |
| # Slack Bash console script for sending messages. | |
| #################################################################################### | |
| # Installation | |
| # $ curl -s https://gist.githubusercontent.com/andkirby/67a774513215d7ba06384186dd441d9e/raw --output /usr/bin/slack | |
| # $ chmod +x /usr/bin/slack | |
| #################################################################################### | |
| # USAGE | |
| # Send message to slack channel/user |
After installing Docker, follow three steps:
Step 1:
Run: docker network create mynet
Step 2:
Run: docker run --name sonar-postgres -e POSTGRES_USER=sonar -e POSTGRES_PASSWORD=sonar -d -p 5432:5432 --net mynet postgres
Step 3:
Run: docker run --name sonarqube -p 9000:9000 -e SONARQUBE_JDBC_USERNAME=sonar -e SONARQUBE_JDBC_PASSWORD=sonar -e SONARQUBE_JDBC_URL=jdbc:postgresql://sonar-postgres:5432/sonar -d --net mynet sonarqube:5.6
GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.
You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.
$ python githubcloner.py --org organization -o /tmp/output
| /* | |
| * get_sqlcipher_password.js | |
| * Copyright (c) 2019 Elliot Alderson <[email protected]> | |
| * | |
| * Frida.re JS functions to get SQLCipher database passwords. | |
| * | |
| * Example usage: | |
| * # frida -U -f in.gov.uidai.mAadhaarPlus -l get_sqlcipher_password.js --no-pause | |
| * | |
| */ |
| Questions are not from any actual exam!!! | |
| Q: Create a job that calculates pi to 2000 decimal points using the container with the image named perl | |
| and the following commands issued to the container: ["perl", "-Mbignum=bpi", "-wle", "print bpi(2000)"] | |
| Once the job has completed, check the logs to and export the result to pi-result.txt. | |
| Solution: |
| https://github.com/search?q=BROWSER_STACK_ACCESS_KEY= OR BROWSER_STACK_USERNAME= OR browserConnectionEnabled= OR BROWSERSTACK_ACCESS_KEY=&s=indexed&type=Code | |
| https://github.com/search?q=CHROME_CLIENT_SECRET= OR CHROME_EXTENSION_ID= OR CHROME_REFRESH_TOKEN= OR CI_DEPLOY_PASSWORD= OR CI_DEPLOY_USER=&s=indexed&type=Code | |
| https://github.com/search?q=CLOUDAMQP_URL= OR CLOUDANT_APPLIANCE_DATABASE= OR CLOUDANT_ARCHIVED_DATABASE= OR CLOUDANT_AUDITED_DATABASE=&s=indexed&type=Code | |
| https://github.com/search?q=CLOUDANT_ORDER_DATABASE= OR CLOUDANT_PARSED_DATABASE= OR CLOUDANT_PASSWORD= OR CLOUDANT_PROCESSED_DATABASE=&s=indexed&type=Code | |
| https://github.com/search?q=CONTENTFUL_PHP_MANAGEMENT_TEST_TOKEN= OR CONTENTFUL_TEST_ORG_CMA_TOKEN= OR CONTENTFUL_V2_ACCESS_TOKEN=&s=indexed&type=Code | |
| https://github.com/search?q=-DSELION_BROWSER_RUN_HEADLESS= OR -DSELION_DOWNLOAD_DEPENDENCIES= OR -DSELION_SELENIUM_RUN_LOCALLY=&s=indexed&type=Code | |
| https://github.com/search?q=ELASTICSEARCH_PASSWORD= OR ELASTICSEARCH_USERNAME= OR EMAIL_NOTIFI |
| $Source = @" | |
| using System; | |
| using System.Runtime.InteropServices; | |
| namespace ProcDump { | |
| public static class DbgHelp { | |
| [DllImport("Dbghelp.dll")] | |
| public static extern bool MiniDumpWriteDump(IntPtr hProcess, uint ProcessId, IntPtr hFile, IntPtr DumpType, IntPtr ExceptionParam, IntPtr UserStreamParam, IntPtr CallbackParam); | |
| } | |
| } |
| defaults.env | |
| release.zip | |
| js/config.js | |
| js/credentials.js | |
| js/secrets.js | |
| js/keys.js | |
| js/password.js | |
| js/api_keys.js | |
| js/auth_tokens.js | |
| js/access_tokens.js |
Cisco Security Manager is an enterprise-class security management application that provides insight into and control of Cisco security and network devices. Cisco Security Manager offers comprehensive security management (configuration and event management) across a wide range of Cisco security appliances, including Cisco ASA Adaptive Security Appliances, Cisco IPS Series Sensor Appliances, Cisco Integrated Services Routers (ISRs), Cisco Firewall Services Modules (FWSMs), Cisco Catalyst, Cisco Switches and many more. Cisco Security Manager allows you to manage networks of all sizes efficiently-from small networks to large networks consisting of hundreds of devices.
Several pre-auth vulnerabilities were submitted to Cisco on 2020-07-13 and (according to Cisco) patched in version 4.22 on 2020-11-10. Release notes didn't state anything about the vulnerabilities, security advisories were not published. All payload are processed in the context of NT AUTHORITY\SYSTEM.