View rawhtml.js
(() => { | |
if (!('rawHTML' in HTMLElement.prototype)) { | |
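/**
 * Rules object exposing `createHTML` (presumably handed to a Trusted Types
 * policy; that call is outside this excerpt).
 *
 * The shape check below steers callers toward el.rawHTML`...` with literal
 * markup and no `${}` interpolation. It is a convention guard, not a security
 * boundary: any caller can hand-build an array carrying a `raw` property, so
 * passing the check does not prove the markup came from a source literal.
 */
const rules = {
  /**
   * @param {*} ignore - Unused first argument.
   * @param {*} tpl - Expected to be the strings array of a tagged template.
   * @returns {string} The template's single literal chunk.
   * @throws {TypeError} If `tpl` is not an array with an array-valued `raw`
   *   property, or if it holds more than one chunk (i.e. was interpolated).
   */
  createHTML: (ignore, tpl) => {
    const looksLikeTemplateObject = Array.isArray(tpl) && Array.isArray(tpl.raw);
    // Exactly one raw chunk means the template literal had no `${}` holes.
    // Strict comparison: the length of a real array is always a number.
    if (!looksLikeTemplateObject || tpl.raw.length !== 1) {
      throw new TypeError("Use el.rawHTML`<html here with no interpolation>`");
    }
    return tpl.join("");
  },
};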
View ttandsanitizer.js
// Sanitizer can produce TrustedHTML as long as its configuration respects the sinks guarded by Trusted Types (TT).
// (HTML sinks are guarded only because they could themselves bypass the restrictions on script.src etc.)
// With the current Sanitizer API (no XSS is possible via config) and the current TT API (only native XSS sinks are guarded),
// Sanitizer can always produce a TrustedHTML.
// NOTE(review): sanitizeToTrustedHTML reads as a proposed method name illustrating the idea; confirm it against the Sanitizer API draft in use.
// NOTE(review): trustedHTML is assigned without a declaration in the visible lines; confirm it is declared elsewhere.
trustedHTML = (new Sanitizer()).sanitizeToTrustedHTML('<div><script>removeme</script>') // yay! (the <script> element is expected to be removed)
// If Web APIs add new native XSS sinks, they should be added to TT and Sanitizer simultaneously.
// Speculatively, in the future, if TT could guard other custom sinks in the DOM: |
View example.js
// Custom types for https://github.com/WICG/trusted-types/ | |
// Allow a given TT policy to create custom unspoofable TrustedFoo instances. | |
const installFoo = (policy, rule, policyFactory) => { | |
const creatorSymbol = Symbol(); | |
const map = new WeakMap(); | |
// Some more defensive coding tricks can be applied here | |
// See https://github.com/WICG/trusted-types/blob/master/src/trustedtypes.js for inspiration. | |
class TrustedFoo { |
View gist:50550bf1ab02c0de59acff51f8066202
// go to https://zff.com/en/community/users/me/watch-list/ | |
https://github.com/wanasit/chrono | |
(function(f){if(typeof exports==="object"&&typeof module!=="undefined"){module.exports=f()}else if(typeof define==="function"&&define.amd){define([],f)}else{var g;if(typeof window!=="undefined"){g=window}else if(typeof global!=="undefined"){g=global}else if(typeof self!=="undefined"){g=self}else{g=this}g.chrono = f()}})(function(){var define,module,exports;return (function e(t,n,r){function s(o,u){if(!n[o]){if(!t[o]){var a=typeof require=="function"&&require;if(!u&&a)return a(o,!0);if(i)return i(o,!0);var f=new Error("Cannot find module '"+o+"'");throw f.code="MODULE_NOT_FOUND",f}var l=n[o]={exports:{}};t[o][0].call(l.exports,function(e){var n=t[o][1][e];return s(n?n:e)},l,l.exports,e,t,n,r)}return n[o].exports}var i=typeof require=="function"&&require;for(var o=0;o<r.length;o++)s(r[o]);return s})({1:[function(require,module,exports){ | |
!function(e,d){"object"==typeof exports&&"undefined"!=typeof module&&"function"==ty |
View angular 1.6 xss, no quotes,
<!DOCTYPE html> | |
<html> | |
<head> | |
<meta charset="utf-8"> | |
<meta name="viewport" content="width=device-width"> | |
<title>JS Bin</title> | |
</head> | |
<body> | |
View gist:e52022050e2828ee40bb
/** | |
* Imports a public key to the key server. | |
* @param {!e2e.openpgp.block.TransferablePublicKey} key The ASCII | |
* armored or {e2e.openpgp.block.TransferablePublicKey} key to import. | |
* @return {!e2e.async.Result.<boolean>} True if the key import succeeded.
*/ | |
e2e.openpgp.KeyClient.prototype.importPublicKey = function(key) { | |
var uids = key.getUserIds(); | |
if (uids.length != 1) { |
View gist:8678570
http://w3c.github.io/webappsec/specs/subresourceintegrity/ | |
issues: | |
"3.3.2 Is resource eligible for integrity validation | |
In order to mitigate an attackers ability to read data cross-origin by brute-forcing values via integrity checks, resources are only eligible for such checks if they are same-origin, publically cachable, or is the result of a granted the loading origin explicit access via CORS. [CORS] The following algorithm details these restrictions:" | |
Publicly cacheable != an attacker could read them anyway. For example, cross-origin intranet resources: what if an intranet resource is publicly cacheable? That still allows brute-forcing the intranet resource body from the internet (SOP bypass).
View credtest.php
<html> | |
<a id=a href="http://<?php | |
$blacklist = ':@#"?`/\\'; | |
for ($i = 33; $i < 255; $i++) { | |
if (strpos($blacklist, chr($i)) !== false) { | |
echo urlencode(chr($i)); | |
} else | |
//echo urlencode(chr($i)); |
View xssdetect.js
// Page object created from the 'webpage' module (PhantomJS-style API; confirm the runtime).
var page = require('webpage').create();
// The 'system' module, loaded after the page object as in the original declaration order.
var system = require('system');
// Declared without a value; nothing in the visible lines assigns it.
var address;
page.onInitialized = function () { | |
page.evaluate(function () { | |
// additional detection code here perhaps | |
// f.e. detecting STORED/DOM XSS | |
}); |
View crime.py
# This is supposedly what CRIME by Juliano Rizzo and Thai Duong will do | |
# Algorithm by Thomas Pornin, coding by xorninja, improved by @kkotowicz | |
# http://security.blogoverflow.com/2012/09/how-can-you-protect-yourself-from-crime-beasts-successor/ | |
import string | |
import zlib | |
import sys | |
import random | |
charset = string.letters + string.digits + "%/+=" |