Dana Epp DanaEpp

## designer.html
<link rel="import" href="../core-icon-button/core-icon-button.html">
<link rel="import" href="../core-toolbar/core-toolbar.html">
<link rel="import" href="../core-header-panel/core-header-panel.html">

<polymer-element name="my-element">

  <template>
    <style>
      :host {
        position: absolute;

## designer.html
<link rel="import" href="../core-icon-button/core-icon-button.html">
<link rel="import" href="../core-toolbar/core-toolbar.html">
<link rel="import" href="../core-header-panel/core-header-panel.html">
<link rel="import" href="../paper-tabs/paper-tabs.html">
<link rel="import" href="../paper-tabs/paper-tab.html">

<polymer-element name="my-element">

  <template>
    <style>

## designer.html
<link rel="import" href="../polymer/polymer.html">

<polymer-element name="my-element">

  <template>
    <style>
      :host {
        position: absolute;
        width: 100%;
        height: 100%;

## setup_report_env.sh
#!/bin/bash

function needInstall() {

	echo "Checking for $1..."
	if ! [ -x "$(command -v $1)" ]; then
		return 0;
	else
		return 1;
	fi

## gen_badchars.py
#!/usr/bin/env python3

import sys

sys.stdout.write("badchars = (\n\tb\"")

pos = 0
for x in range(0,256):
    sys.stdout.write( "\\x" + '{0:02x}'.format(x))
    if pos == 15:

## gist:18500ab8c14893da46ae095678a12f43
#!/bin/env python3

import sys
from pwn import *

exe = "./pwn109.pwn109"
elf = context.binary = ELF(exe, checksec=False)
context.log_level = 'info'

def start(argv=[], *a, **kw):

## exploit110.py
#!/bin/env python3

import sys
from pwn import *

exe = "./pwn110.pwn110"
elf = context.binary = ELF(exe, checksec=False)
context.log_level = 'info'

def start(argv=[], *a, **kw):

## thm-dump.py
#!/bin/env python3
import getpass
import time
import requests
from requests.cookies import create_cookie
from requests.adapters import HTTPAdapter
from requests.packages.urllib3.util.retry import Retry
import re
from typing import List

## request_logger.py
#!/bin/env python3

"""
request_logger.py

A simple HTTP server that will dump the requests being mirrored from an implant on an API server

WARNING: This will record all header and body content of a request to a JSON file. To reduce the risk of
information disclosure, care should be placed in the ACL of the output file.

## ssti-payloads.txt
{{7*7}}
${7*7}
<%= 7*7 %>
${{7*7}}
#{7*7}
*{7*7}
	<link rel="import" href="../core-icon-button/core-icon-button.html">
	<link rel="import" href="../core-toolbar/core-toolbar.html">
	<link rel="import" href="../core-header-panel/core-header-panel.html">

	<polymer-element name="my-element">

	<template>
	<style>
	:host {
	position: absolute;
	<link rel="import" href="../polymer/polymer.html">

	<polymer-element name="my-element">

	<template>
	<style>
	:host {
	position: absolute;
	width: 100%;
	height: 100%;
	#!/bin/bash

	function needInstall() {

	echo "Checking for $1..."
	if ! [ -x "$(command -v $1)" ]; then
	return 0;
	else
	return 1;
	fi
	#!/usr/bin/env python3

	import sys

	sys.stdout.write("badchars = (\n\tb\"")

	pos = 0
	for x in range(0,256):
	sys.stdout.write( "\\x" + '{0:02x}'.format(x))
	if pos == 15:
	#!/bin/env python3

	import sys
	from pwn import *

	exe = "./pwn109.pwn109"
	elf = context.binary = ELF(exe, checksec=False)
	context.log_level = 'info'

	def start(argv=[], a, *kw):
	#!/bin/env python3
	import getpass
	import time
	import requests
	from requests.cookies import create_cookie
	from requests.adapters import HTTPAdapter
	from requests.packages.urllib3.util.retry import Retry
	import re
	from typing import List
	#!/bin/env python3

	"""
	request_logger.py

	A simple HTTP server that will dump the requests being mirrored from an implant on an API server

	WARNING: This will record all header and body content of a request to a JSON file. To reduce the risk of
	information disclosure, care should be placed in the ACL of the output file.