objection stetho plugin
This plugin should sideload Facebook's Stetho [1], loaded as a plugin in objection[2].
[1] http://facebook.github.io/stetho/
[2] https://github.com/sensepost/objection
leonjza
/ pinning.ts.diff
Created May 16, 2019
SSLCertificateChecker-PhoneGap-Plugin Pinning Disable
View pinning.ts.diff
| diff --git a/agent/src/ios/pinning.ts b/agent/src/ios/pinning.ts | |
| index 1f9407a..aa2152a 100644 | |
| --- a/agent/src/ios/pinning.ts | |
| +++ b/agent/src/ios/pinning.ts | |
| @@ -283,6 +283,38 @@ export namespace sslpinning { | |
| }); | |
| }; | |
| + const cordovaCustomURLConnectionDelegate = (ident: string): InvocationListener => { | |
| + // https://github.com/EddyVerbruggen/SSLCertificateChecker-PhoneGap-Plugin/blob/ |
View README.md
leonjza
/ cve-2018-6671.txt
Last active Mar 8, 2019
cve-2018-6671 McAfee ePO 5.9.1 Registered Executable Local Access Bypass
View cve-2018-6671.txt
| # CVE-2018-6671 McAfee ePO 5.9.1 Registered Executable Local Access Bypass | |
| # Specifying an X-Forwarded-For header bypasses the local only check | |
| # https://kc.mcafee.com/corporate/index?page=content&id=SB10240 | |
| # https://nvd.nist.gov/vuln/detail/CVE-2018-6671 | |
| # | |
| # 2019 @leonjza | |
| # | |
| # Tested on ePO v5.9.1, missing hotfix EPO5xHF1229850 | |
| POST /Notifications/testRegExe.do HTTP/1.1 |
View cve-2019-6340.py
| #!/usr/bin/env python3 | |
| # CVE-2019-6340 Drupal <= 8.6.9 REST services RCE PoC | |
| # 2019 @leonjza | |
| # Technical details for this exploit is available at: | |
| # https://www.drupal.org/sa-core-2019-003 | |
| # https://www.ambionics.io/blog/drupal8-rce | |
| # https://twitter.com/jcran/status/1099206271901798400 |
View index.html
| <html> | |
| <head></head> | |
| <body id="drop_zone" ondragenter="dragEnterHandler(event);"> | |
| <div> | |
| <p>Drag one or more files to this Drop Zone ...</p> | |
| </div> | |
| </body> |
View mq_clients.go
| package main | |
| import ( | |
| "context" | |
| "flag" | |
| "log" | |
| "os" | |
| "os/exec" | |
| "regexp" | |
| "strings" |
View convert.py
| #!/usr/bin/python | |
| # Invoke-Kerberoast output hash extractor. | |
| # | |
| # For when you have: | |
| # TicketByteHexStream : | |
| # Hash : $krb5tgs$23$*sqlSvc$Adomain.com$MSSQLSvc/sqlserver.Adomain.com:1433*$C13BFD40143C0E | |
| # .... | |
| # SamAccountName : sqlSvc | |
| # DistinguishedName : CN=sqlSvc,OU=ServiceAccounts,DC=Adomain,DC=com |
View README.md
☄️ go-out
This code now lives at: https://github.com/sensepost/go-out
A simple, dependency free, Golang egress buster using @mubix letmeoutofyour.net and @bhinfosecurity allports.exposed services.
install
Save the main.go file and either go run main.go or build it with go build -o go-out main.go, moving the resultant binary to your place of choice.
cross compiling
View crypt.php
| <?php | |
| /* | |
| * Quick 'n Dirty Laravel ~5.6 decrypter. | |
| * @leonjza | |
| * | |
| * Typically, if you see a key with the format base64:key_string then | |
| * you know you need this decrypter. | |
| * | |
| * For Laravel ~5.1, use: https://gist.github.com/leonjza/ce27aa7435f8d131d93f |
View install.sh
| # https://docs.docker.com/engine/installation/linux/docker-ce/debian/ | |
| curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add - | |
| echo "deb https://download.docker.com/linux/debian stretch stable" >> /etc/apt/sources.list | |
| apt install docker-ce | |
| # test that this thing is on | |
| docker run hello-world |
NewerOlder