Skip to content

Instantly share code, notes, and snippets.

View Web.config
... just the web services part ...
<system.serviceModel>
<services>
<service name="MPRBSL.WebServices.AuthenticationService" behaviorConfiguration="anonymousServiceBehavior">
<endpoint address="" contract="MPRBSL.WebServices.IAuthenticationService" binding="wsHttpBinding" bindingConfiguration="myWsHttpsBinding" />
</service>
<service name="MPRBSL.WebServices.IngredientsService" behaviorConfiguration="authenticatedServiceBehavior">
<endpoint address="" contract="MPRBSL.WebServices.IIngredientsService" binding="wsHttpBinding" bindingConfiguration="myWsHttpsBinding" />
</service>
<service name="MPRBSL.WebServices.ShoppingListService" behaviorConfiguration="authenticatedServiceBehavior">
View MyServiceAuthorizationManager.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.ServiceModel;
using MPRBSL.Helpers;
using WebMatrix.WebData;
namespace MPRBSL.WebServices
{
View AccountController.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Transactions;
using System.Web;
using System.Web.Mvc;
using System.Web.Security;
using DotNetOpenAuth.AspNet;
using Microsoft.Web.WebPages.OAuth;
using WebMatrix.WebData;
View Global.asax.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Http;
using System.Web.Mvc;
using System.Web.Optimization;
using System.Web.Routing;
using Mvc4WithAuthentication.Auth;
View HomeController.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
namespace Mvc4WithAuthentication.Controllers
{
[Mvc4WithAuthentication.Auth.CoupleSessionAndFormsAuth()]
public class HomeController : Controller
View CoupleSessionAndFormsAuth.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using WebMatrix.WebData;
using System.Web.Routing;
namespace Mvc4WithAuthentication.Auth
{
View WCF Binary Insertion Point.py
# -*- coding: utf-8 -*-
"""
Created on Thu Jan 10 08:20:14 2013
@author: Nick Coblentz
"""
from burp import IBurpExtender
from burp import IScannerInsertionPointProvider
from burp import IScannerInsertionPoint
View WcfBinaryBurpPlugin.py
# -*- coding: utf-8 -*-
"""
Created on Fri Dec 28 14:16:12 2012
@author: Nick Coblentz
Some of this code is borrowed from Brian Holyfield's Burp plugin located here: https://github.com/GDSSecurity/WCF-Binary-SOAP-Plug-In
It is also fully dependent on having NBFS.exe from his plugin in the same directory as Burp.
"""
from burp import IBurpExtender
View B64ZipBurpExtension.py
# -*- coding: utf-8 -*-
"""
Created on Wed Dec 19 14:20:28 2012
@author: Nick Coblentz
"""
from burp import IBurpExtender
from burp import IMessageEditorTabFactory
from burp import IMessageEditorTab
View gist:1387229
url='http://www.google.com'
browser.goto(url)
browser.execute_script(%q|var el = document.createElement("script");el.setAttribute("src","http://code.jquery.com/jquery-1.6.4.min.js");document.body.appendChild(el);|)
browser.execute_script(%q|var geturl = $.ajax({type: GET,url: '|+url+%q|',complete: function () {$('body').data('httpheaders_complete',true);},success: function (data,status,xhr) {$('body').data('httpheaders',geturl.getAllResponseHeaders());$('body').data('content',data);}});|)
browser.wait_until { browser.execute_script(%q|return $('body').data('httpheaders_complete');|) }
browser.execute_script(%q|return $('body').data('httpheaders');|)