Erwan erwanlr
erwanlr /
Last active Oct 15, 2020
Realia <= 1.4.0 - Unauthenticated IDOR

While investigating an IDOR issue in the Home Sweet premium theme, allowing arbitrary deletion of Ads, the Realia plugin was found to be the root cause.

In fact, having this plugin installed (which some themes require) can allow unauthenticated attackers to delete arbitrary posts by submitting a crafted request containing the ID of the post to delete.

In includes/class-realia-submission.php:

add_action( 'init', array( __CLASS__, 'process_remove_form' ), 9999 );
public static function process_remove_form() {
  if ( ! isset( $_POST['remove_property_form'] ) || empty( $_POST['property_id'] ) ) {

errors_spec.rb:
require 'rspec'
require 'optparse'
module Test
class Error < StandardError
class AnotherError < Error
def to_s
'this message exactly'

gist:8235e7d0f27ef79a841f:
$ hydra -dvv -t 2 -l admin -p admin -V http-form-get "/test.php:log=^USER^&pwd=^PASS^&testcookie=1:incorrect"
Hydra v8.1 (c) 2014 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
[DEBUG] Ouput color flag is 1
Hydra ( starting at 2015-06-27 20:23:46
[DEBUG] cmdline: hydra -dvv -t 2 -l admin -p admin -V http-form-get /test.php:log=^USER^&pwd=^PASS^&testcookie=1:incorrect
[VERBOSE] More tasks defined than login/pass pairs exist. Tasks reduced to 1
[DATA] max 1 task per 1 server, overall 64 tasks, 1 login try (l:1/p:1), ~0 tries per task
[DATA] attacking service http-get-form on port 80
[VERBOSE] Resolving addresses ...

webmock_redirects:
#!/usr/bin/env ruby
require 'rubygems'
require 'typhoeus'
require 'webmock'
include WebMock::API
module WebMock
class StubRegistry

erwanlr / gist:9840891
Last active Aug 31, 2015
Data sent & received for WPScan
gist:9840891:
#!/usr/bin/env ruby
require 'typhoeus'
require 'addressable/uri'
require 'pathname'
require 'ruby-progressbar'
# @return [ Integer ] The memory of the current process in Bytes
def memory_usage
`ps -o rss= -p #{Process.pid}`.to_i * 1024 # ps reports RSS in KB; Process.pid is assumed here, the interpolated value was lost in extraction

erwanlr / Gemfile
Last active Dec 14, 2015
Typhoeus::Hydra issue
Gemfile:
source ""
gem 'typhoeus', '>=0.6.2'
#gem 'typhoeus', :git => 'git://'
gem 'webmock', '>=1.9.3'
gem 'rspec', :require => 'spec'