| Exploit/description | Path |
|---|---|
| Microsoft Office Online Server SSRF (relay) | /op/view.aspx |
| CVE-2017-11317 CVE-2019-18935 | /Telerik.Web.Ui.WebResource.axd?type=rau |
| CVE-2017-11317 CVE-2019-18935 | /Telerik.Web.UI.DialogHandler.aspx |
| CVE-2020-17519 | /jobmanager/logs/ |
| CVE-2017-7615 | /verify.php?id=1&confirm_hash= |
| CVE-2018-1000130 | /jolokia |
| CVE-2018-1000130 | /actuator/jolokia |
| leak | /actuator/env |
David kafkaesqu3
kafkaesqu3
/ exploitable_webpaths.md
Last active
May 7, 2024 09:38
easy wins - exploitable/leaky web paths
kafkaesqu3
/ CreateThread_ShellcodeInjection.cs
Last active
October 19, 2023 23:54
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Runtime.InteropServices; | |
| namespace Inject | |
| { | |
| class Program | |
| { | |
| static void Main(string[] args) | |
| { | |
| byte[] shellcode; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Diagnostics; | |
| using System.Runtime.InteropServices; | |
| using System.Text; | |
| public class TestClass | |
| { | |
| public TestClass() | |
| {} |
kafkaesqu3
/ microsoft-wordlist.txt
Last active
September 15, 2023 22:09
microsoft auth endpoint wordlist
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /_windows/default.aspx?ReturnUrl=/ | |
| /abs | |
| /abs/ | |
| /adfs/ls | |
| /adfs/ls/wia | |
| /adfs/services/trust/13/windows | |
| /adfs/services/trust/13/windowsmixed | |
| /adfs/services/trust/13/windowstransport | |
| /adfs/services/trust/2005/windows | |
| /adfs/services/trust/2005/windowsmixed |
kafkaesqu3
/ pfx2john.py
Created
July 19, 2023 19:39
— forked from tijme/pfx2john.py
Python3 version of `pfx2john.py` from John the Ripper
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # coding: utf-8 | |
| """ | |
| Modified for JtR by Dhiru Kholia in July, 2016 | |
| Copyright (c) 2015 Will Bond <will@wbond.net> | |
| Permission is hereby granted, free of charge, to any person obtaining a copy of | |
| this software and associated documentation files (the "Software"), to deal in |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from bs4 import BeautifulSoup | |
| import requests | |
| import shutil | |
| import os | |
| def uniquify(path): | |
| filename, extension = os.path.splitext(path) | |
| counter = 1 | |
| while os.path.exists(path): |
kafkaesqu3
/ repack-nessus-for-debian.log
Last active
April 27, 2022 13:48
Fix for: Unable to locate package Nessus
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| root@kali:~/packages$ tail /root/live-build-config/build.log | |
| P: Begin installing packages (install pass)... | |
| Reading package lists... | |
| Building dependency tree... | |
| Reading state information... | |
| E: Unable to locate package Nessus | |
| P: Begin unmounting filesystems... | |
| P: Saving caches... | |
| Reading package lists... | |
| Building dependency tree... |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #pragma once | |
| #ifndef MD5_H | |
| #define MD5_H | |
| #include <stdio.h> | |
| #include <string.h> | |
| #pragma region MD5 defines | |
| // Constants for MD5Transform routine. | |
| #define S11 7 | |
| #define S12 12 |
kafkaesqu3
/ mem-loader.asm
Created
September 15, 2021 16:54
— forked from zznop/mem-loader.asm
Fun little loader shellcode that executes an ELF in-memory using an anonymous file descriptor (inspired by https://x-c3ll.github.io/posts/fileless-memfd_create/)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; | |
| ;;; | |
| ;;; Copyright (C), zznop, brandonkmiller@protonmail.com | |
| ;;; | |
| ;;; This software may be modified and distributed under the terms | |
| ;;; of the MIT license. See the LICENSE file for details. | |
| ;;; | |
| ;;; DESCRIPTION | |
| ;;; | |
| ;;; This PoC shellcode is meant to be compiled as a blob and prepended to a ELF |
kafkaesqu3
/ drvscan.cpp
Created
May 6, 2021 00:00
— forked from adrianyy/drvscan.cpp
vulnerable driver scanner
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <string> | |
| #include <vector> | |
| #include <fstream> | |
| #include <iostream> | |
| #include <filesystem> | |
| #include <Windows.h> | |
| #include <winternl.h> | |
| static_assert( sizeof( void* ) == 8 ); |
NewerOlder