Skip to content

Instantly share code, notes, and snippets.

@Xib3rR4dAr
Xib3rR4dAr / keycloak_angular_js_1.8.3_xss_csp_bypass.md
Created November 17, 2024 20:53
Keycloak AngularJS 1.8.3 XSS CSP bypass

blob://example.com/3dfab3bd-a892-4448-92c3-de92d8eed2ea

<img src=x onerror=alert(1)>
Refused to execute inline event handler because it violates the following Content Security Policy directive: "script-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present.

angular.min.js

@Xib3rR4dAr
Xib3rR4dAr / phash_solution.md
Last active July 3, 2023 10:55
Solution of challenge "phash" from AUPCTF

phash

Challenge Name: phash
Challenge Text: login source
Initial Hint: No Hint First Hint (when no one solved): Marvel characters (lowercased) Second Hint: Who was the character that fans speculated would appear in a "Marvel Show" but ultimately did not make an appearance? (Third Hint was provided after first 🩸 was obtained by me)

Provided:
image

@Xib3rR4dAr
Xib3rR4dAr / conundrum_solution.md
Created June 26, 2023 19:38
Solution of challenge "conundrum" from AUPCTF
@Xib3rR4dAr
Xib3rR4dAr / wp_xmlrpc_reqs.md
Created November 24, 2022 10:40
Wordpress XMLRPC
POST /xmlrpc.php HTTP/1.1
Host: example.com
Content-Length: 91
Content-Type: application/x-www-form-urlencoded

<methodCall>
<methodName>system.listMethods</methodName>
@Xib3rR4dAr
Xib3rR4dAr / burp-suite-turbo-intruder-race.py
Created February 23, 2022 06:02
Racing script for Turbo Intruder extension in Burp Suite.
# From https://github.com/PortSwigger/turbo-intruder/blob/master/resources/examples/race.py
def queueRequests(target, wordlists):
engine = RequestEngine(endpoint=target.endpoint,
concurrentConnections=30,
requestsPerConnection=100,
pipeline=False
)
# the 'gate' argument blocks the final byte of each request until openGate is invoked
for i in range(30):
@Xib3rR4dAr
Xib3rR4dAr / WP_plugin_wp-statistics_Unauthenticated-Stored-XSS_PoC.md
Last active March 7, 2022 14:16
WordPress Plugin WP Statistics >= 13.1.5 - Unauthenticated Stored Cross-Site Scripting in `ip`

WordPress Plugin WP Statistics >= 13.1.5 - Unauthenticated Stored Cross-Site Scripting

Tested onWordpress 5.9
Exploit TitleWordPress Plugin WP Statistics >= 13.1.5 - Unauthenticated Stored Cross-Site Scripting
Exploit AuthorMuhammad Zeeshan (Xib3rR4dAr)
DateFebruary 13, 2022
Plugin LinkWP-Statistics
Plugin Active Installations600,000+
Version13.1.5 (Latest)
@Xib3rR4dAr
Xib3rR4dAr / WP_plugin_wp-statistics_Unauthenticated-Stored-XSS_PoC.md
Last active March 7, 2022 14:17
WordPress Plugin WP Statistics >= 13.1.5 - Unauthenticated Stored Cross-Site Scripting in platform

WordPress Plugin WP Statistics >= 13.1.5 - Unauthenticated Stored Cross-Site Scripting

Tested onWordpress 5.9
Exploit TitleWordPress Plugin WP Statistics >= 13.1.5 - Unauthenticated Stored Cross-Site Scripting
Exploit AuthorMuhammad Zeeshan (Xib3rR4dAr)
DateFebruary 13, 2022
Plugin LinkWP-Statistics
Plugin Active Installations600,000+
Version13.1.5 (Latest)
@Xib3rR4dAr
Xib3rR4dAr / WP_plugin_wp-statistics_Unauthenticated-Stored-XSS_PoC.md
Last active March 7, 2022 14:17
WordPress Plugin WP Statistics >= 13.1.5 - Unauthenticated Stored Cross-Site Scripting in browser

WordPress Plugin WP Statistics >= 13.1.5 - Unauthenticated Stored Cross-Site Scripting

Tested onWordpress 5.9
Exploit TitleWordPress Plugin WP Statistics >= 13.1.5 - Unauthenticated Stored Cross-Site Scripting
Exploit AuthorMuhammad Zeeshan (Xib3rR4dAr)
DateFebruary 13, 2022
Plugin LinkWP-Statistics
Plugin Active Installations600,000+
Version13.1.5 (Latest)
@Xib3rR4dAr
Xib3rR4dAr / WP_plugin_wp-statistics__Multiple-Unauthenticated-SQL-Injections_PoC.md
Last active July 20, 2022 01:58
WordPress Plugin WP Statistics <= 13.1.5 - Multiple Unauthenticated SQL Injection vulnerabilities

WordPress Plugin WP Statistics <= 13.1.5 - Multiple Unauthenticated SQL Injection vulnerabilities

Tested onWordpress 5.9
Exploit TitleWordPress Plugin WP Statistics <= 13.1.5 - Multiple Unauthenticated SQL Injection vulnerabilities
Exploit AuthorMuhammad Zeeshan (Xib3rR4dAr)
DateFebruary 13, 2022
Plugin LinkWP-Statistics
Plugin Active Installations600,000+
Version13.1.5 (Latest)
<?php
// For testing XSS is various status codes
http_response_code($_GET['rCode']); // User controlled response code
echo $_GET['payload']; // User input reflected as it is
?>