Louis Dion-Marcil ldionmarcil

@ldionmarcil
ldionmarcil / confurl.sh
Created Mar 2, 2021
Bash wrapper around Confused to support URLs
View confurl.sh
function confurl() {
url="$1"
content=$(curl -s "$url")
type="npm" #default to npm
if [[ "$content" == *"=="* ]]; then
type="pip"
elif [[ "$content" == *"dependencies\""* ]]; then
type="npm"
elif [[ "$content" == *"maven.apache.org"* ]]; then
View matrixbot.py
from matrix_client.client import MatrixClient
client = MatrixClient("https://matrix.org")
token = client.login_with_password(username="user", password="pass")
print("connected...")
room = client.join_room("!room:matrix.org")
print ("Room joined")
@ldionmarcil
ldionmarcil / DESCRIPTION.md
Last active Dec 31, 2016
Authenticated directory listing in XCloner WP plugin <3.5.1, leads to full backup disclosure
View DESCRIPTION.md

Description

Authenticated users are able to perform directory listings at any location available to the WordPress user, leaking filenames of previous backups. This was found in XCloner - Backup and Restore version 3.1.5, but may have been introduced in earlier versions. Attackers can leverage directory listings to leak otherwise secret file paths to previous backups, allowing them to acquire full backup contents, since the backup download is not authenticated.

POC

Logged in as a regular, unprivileged user (subscriber)

@ldionmarcil
ldionmarcil / DESCRIPTION.md
Last active Aug 28, 2016
Stored XSS in Newsletter WP plugin<4.6.0, could lead to privilege escalation
View DESCRIPTION.md

Description

There is a stored XSS vulnerability in the Newsletter WordPress plugin version 4.6.0 when editors are given access to the Newsletter plugin. Editors are able to modify any subscriber's secret token, which is then displayed unescaped in various places in the administration panel. Attackers can then modify a token to contain a JavaScript snippet that will be served to and executed by administrators using the Newsletter panel, which may be used to perform a privilege escalation. Found in version 4.6.0.

POC

@ldionmarcil
ldionmarcil / DESCRIPTION.md
Created Aug 27, 2016
Unauthenticated stored XSS affecting admins in 404-to-301<2.3.1
View DESCRIPTION.md

Description

There is a stored XSS in the 404-to-301 WP plugin<2.3.1. Unauthenticated users can visit a specially crafted URL and the redirect path will be logged to the database. The redirection source is stored unescaped in the database, thus it is served as-is and evaluated in the browsers of logged-in admins when they check the redirection logs on http://wordpress/wp-admin/admin.php?page=i4t3-logs. Affected versions are <2.3.1.

POC

@ldionmarcil
ldionmarcil / gist:4f4ad5e39107e5702c84
Created Apr 1, 2015
ETS strike vote, spring 2015
View gist:4f4ad5e39107e5702c84
counter = 0
gel = {"Abstention" : 0,
"Pour" : 0,
"Contre" : 0,
"": 0}
greve = {"Abstention" : 0,
"Pour" : 0,
"Contre" : 0,
"": 0}
View gist:b22110de8b2d6664506d
[ldionmarcil:~]$ sudo cat /etc/netctl/wlp3s0-Eduroam
[sudo] password for ldionmarcil:
Description='A wireless connection using a custom network block configuration'
Interface=wlp3s0
Connection=wireless
Security=wpa-configsection
IP=dhcp
DNS=(8.8.8.8 8.8.4.4)
WPAConfigSection=(
'ssid="Eduroam"'
View gitconfig
[core]
repositoryformatversion = 0
filemode = true
bare = false
logallrefupdates = true
[remote "origin"]
url = git@github.com:ldionmarcil/blindr-backend.git
fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
remote = origin
View gist:f5f4858cd660fe4d2445
* Program path
| Code   | Description                                        | Completed? | Type    |
|--------+----------------------------------------------------+------------+---------|
| PRE010 | Introduction to the industrial environment (1 cr.) | Yes        | General |
| CHM131 | Chemistry and materials (4 cr.)                    | Yes        | General |
| COM115 | Intercultural communication (3 cr.)                | Yes        | General |
| ING150 | Statics and dynamics (4 cr.)                       | Yes        | General |
| MAT144 | Introduction to engineering mathematics (0 cr.)    | Yes        | General |
| MAT145 | Differential and integral calculus (4 cr.)         | Yes        | General |
| GIA400 | Project profitability analysis (3 cr.)             |            | G
View gist:55aebaaacfe00f04e399
* MC
** Pros
- Cheap... remains to be seen
- You learn a lot...
- Appealing to the ÉLÉ crowd
** Cons
- Coded in C/assembly... pretty hardcore and low level
- Manual assembly required (load the MC onto a breadboard, do the wiring, solder, it's fragile)
- I sure as hell don't have the knowledge to do all that
- Choosing parts is hard and demanding, and a lot of parts are needed