esell

At this point, it is probably easier to just use something like this: https://github.com/reznok/Spring4Shell-POC


- clone https://spring.io/guides/gs/handling-form-submission/
- you can skip right to gs-handling-form-submission/complete, no need to follow the tutorial
- modify it so that you can build a war file (https://www.baeldung.com/spring-boot-war-tomcat-deploy)
- install tomcat9 + java 11 (i did it on ubuntu 20.04)
- deploy the war file
- update the PoC (https://share.vx-underground.org/) to write the tomcatwar.jsp file to webapps/handling-form-submission instead of webapps/ROOT

cd789

class Helpers {
    constructor() {
        this.buf = new ArrayBuffer(8);
        this.f64 = new Float64Array(this.buf);
        this.f32 = new Float32Array(this.buf);
        this.u32 = new Uint32Array(this.buf);
        this.u64 = new BigUint64Array(this.buf);
        this.state = {};
    }

artem-smotrakov

public static Object evaluate(String expression) {
    ExpressionFactory factory = new de.odysseus.el.ExpressionFactoryImpl();
    ELContext context = new de.odysseus.el.util.SimpleContext();
    ValueExpression e = factory.createValueExpression(context, expression, Object.class);
    return e.getValue(context);
}

0xf4n9x

POST /druid/indexer/v1/sampler HTTP/1.1
Host: x.x.x.x:8888
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.16; rv:85.0) Gecko/20100101 Firefox/85.0
Accept: application/json, text/plain, */*
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Content-Type: application/json
Content-Length: 1045
Connection: close

nil0x42

Awesome Github OSINT

nil0x42's tips & tricks

📜 get-github-followers-twitter.py

• Scrape twitter account of all github followers of target user on GitHub

📜 get-github-stargazers-twitter.py

• Scrape twitter account of all stargazers of target project on GitHub

PreethamBomma

Suggeted description
The WebControl in
RaspberryTortoise through 2012-10-28 is vulnerable to remote code execution via shell metacharacters in a URI.
The file nodejs/raspberryTortoise.js has no validation on the
parameter incomingString before passing it to the child_process.exec
function.

------------------------------------------

[Additional Information]

fnmsd

//Author:fnmsd
//Blog:https://blog.csdn.net/fnmsd
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.lang.reflect.Field;
import java.util.HashSet;
import java.util.Scanner;

public class a {

fnmsd

//Author:fnmsd
//Blog:https://blog.csdn.net/fnmsd
package aa;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.PrintWriter;
import java.lang.reflect.Field;
import java.lang.reflect.Modifier;
import java.util.HashSet;

testanull

package ysoserial.payloads;

import com.mchange.lang.ByteUtils;
import org.apache.commons.collections.Transformer;
import org.apache.commons.collections.functors.ChainedTransformer;
import org.apache.commons.collections.functors.ConstantTransformer;
import org.apache.commons.collections.functors.InvokerTransformer;
import org.apache.commons.collections.keyvalue.TiedMapEntry;
import org.apache.commons.collections.map.LazyMap;
import ysoserial.payloads.annotation.Authors;

tetrillard

#!/usr/bin/env python3
import sys
import requests
import urllib3
import json
import re
from types import SimpleNamespace as Namespace
from feedgen.feed import FeedGenerator

output = ''