💭
"><img src=x onerror=alert('Github @ethicalhack3r')><"

Ryan Dewhurst ethicalhack3r

ethicalhack3r / gist:5982734
Created July 12, 2013 08:12
The array size decreases on delete, however, the 'internal loop counter' stays the same.
a=[1,2,3,4]; a.each_with_index{|e,i| p "Iteration #{i}: delete #{e} - size of array #{a.size}"; a.delete(e) }
"Iteration 0: delete 1 - size of array 4"
"Iteration 1: delete 3 - size of array 3"
=> [2, 4]
ethicalhack3r / gist:6145925
Created August 3, 2013 09:59
Zone Transfer Alexa Top 1 Million using dnsrecon
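#!/bin/bash
# Attempt a zone transfer (AXFR) for each domain listed in alexa.txt,
# writing one CSV of results per domain.
N=0
while read -r LINE ; do
    N=$((N+1))
    echo "$N - $LINE"
    python dnsrecon.py -d "$LINE" -t axfr -c "axfr_results/$N-$LINE.csv"
done < alexa.txt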
ethicalhack3r / gist:6296321
Created August 21, 2013 15:54
DOM XSS - Exploitable without user entering/pasting payload?
<html>
<head>
<script src="http://code.jquery.com/jquery-1.10.1.min.js"></script>
<script>
$(function(){
  $( "#button" ).click(function() {
    var query = $("form#DevSearch").find('input[type=text]').val();
    $("span#searchQuery").html(query);
POST /index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&method=form&cid=20&6bc427c8a7981f4fe1f5ac65c1246b5f=9d09f693c63c1988a9f8a564e0da7743 HTTP/1.1
Host: www.ethicalhack3r.co.uk
User-Agent: BOT/0.1 (BOT for JCE)
Content-Type: multipart/form-data; boundary=---------------------------41184676334
Accept-Language: en-us,en;q=0.5
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Cookie: 6bc427c8a7981f4fe1f5ac65c1246b5f=9d09f693c63c1988a9f8a564e0da7743; jce_imgmanager_dir=%2F; __utma=216871948.2116932307.1317632284.1317632284.1317632284.1; __utmb=216871948.1.10.1317632284; __utmc=216871948; __utmz=216871948.1317632284.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Connection: Close
Proxy-Connection: close
Content-Length: 1337
Every 2.0s: ls -l /tmp/ Sun Aug 25 23:32:20 2013
total 52
-rw------- 1 nginx nginx 650 Aug 25 22:50 phpFi0W7e
-rw------- 1 nginx nginx 1862 Apr 24 10:53 phpLm2rDl
-rw------- 1 nginx nginx 26468 Jun 19 01:33 phpLp8mgp
-rw------- 1 nginx nginx 730 Aug 15 16:24 phpOKZhXI
-rw------- 1 nginx nginx 730 Aug 15 16:24 phpT1EBnQ
-rw------- 1 nginx nginx 1862 Apr 23 23:24 phpkCvyLZ
<a href=”http://www.example.com”>Some Example</a>
<a href=”http://www.example.com”>http://www.example.com</a>
# PATCH/PUT /submits/1
# PATCH/PUT /submits/1.json
def update
  respond_to do |format|
    if @submit.status == 'PENDING'
      if @submit.update(submit_params)
        format.html { redirect_to @submit, notice: 'Submission was successfully updated.' }
        format.json { head :no_content }
      end
    else
ethicalhack3r / gist:9914033
Created April 1, 2014 13:32
Threadfix errors
ryans-mbp-2:ThreadFix_2.0FINAL ryan$ bash threadfix.sh
Looking for a key in /Users/ryan/Downloads/ThreadFix_2.0FINAL/tomcat/keystore
Generated a keystore.
Usage: {start|stop}
ryans-mbp-2:ThreadFix_2.0FINAL ryan$ bash threadfix.sh start
Looking for a key in /Users/ryan/Downloads/ThreadFix_2.0FINAL/tomcat/keystore
Using pre-generated keystore.
mkdir: ./tomcat/logs: File exists
Using CATALINA_BASE: ./tomcat
Using CATALINA_HOME: ./tomcat
ethicalhack3r / wp_dos.py
Created August 7, 2014 07:41
WP XML-RPC DoS Exploit
#################################################################################
# CVE-XXXXX Wordpress and Drupal XML Blowup Attack DoS#
# Author: Nir Goldshlager - Salesforce.com Product Security Team#
# This is a Proof of Concept Exploit, Please use responsibly.#
#################################################################################
#!/usr/bin/env python
from __future__ import print_function
import threading
import time
import urllib
ethicalhack3r / test.html
Created September 18, 2014 17:02
Entering version numbers in HTML form
<!DOCTYPE html>
<html>
<body>
<input type="text" name="version1" value="1.0">
<select>
  <option value="&lt;">&lt;</option>
  <option value="&gt;">&gt;</option>
  <option value="=">=</option>