Version 0.1
6th December 2014
This is very much a draft - there are many security, privacy and performance considerations
Nik Cubrilovic nikcub
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # CS-Cart session brute force exploit for v4.2.0 | |
| # see https://www.nikcub.com/posts/cs-cart-v4-2-0-session-hijacking-and-other-vulnerabilities/ | |
| import sys | |
| import requests | |
| import argparse | |
| import re | |
| import string | |
| import random |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!-- | |
| Exploit for Disqus for Wordpress admin stored CSRF+XSS up to v2.7.5 | |
| Blog post explainer: https://www.nikcub.com/posts/multiple-vulnerabilities-in-disqus-wordpress-plugin/ | |
| 12th August 2014 | |
| Nik Cubrilovic - www.nikcub.com | |
| Most of these params are unfiltered/injectable. Not framable on newer Wordpress. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ids = array_map('trim', $_POST['ids']); | |
| $ids = array_map('intval', $ids); | |
| $ids = implode(',', array_values($ids)); | |
| $db->query("SELECT * from table where id IN(" . $ids . ")"); |
nikcub
/ tor-upgrade.md
Last active
August 29, 2015 14:10
Tor HTTP to Onion Upgrade Protocol Draft Proposal
Legal docs at: http://files.nikcub.com/sr/
18 Feb 2014 - BlackHat Call for Papers opens [[1][1]]
04 Apr 2014 - BlackHat call for papers closes [[1][1]]
21 May 2014 - "You don't have to be the NSA to break Tor: Deanonymizing users on a buget" appears on BlackHat schedule [[2][2]]
I hereby claim:
- I am nikcub on github.
- I am nikcub (https://keybase.io/nikcub) on keybase.
- I have a public key whose fingerprint is E207 612C E504 10EF B789 6E34 2E4C E6CA 3D38 5CC5
To claim this, I am signing this object:
Plugin multi-meta-box found running on commercial Wordpress install. First line of code in the first file (line 10 overall) is a straight forward SQLi.
Chrome install - drag + drop onto extensions window at chrome://extensions
nikcub
/ 737190602110963712.json
Last active
May 30, 2016 15:19
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "created_at": "Mon May 30 07:55:10 +0000 2016", | |
| "id": 737190602110963712, | |
| "id_str": "737190602110963712", | |
| "text": "URL shorteners. Again. Everyone with an inch of clue said these things were a bad idea from day 1. https:\/\/t.co\/R7AHg9Iltx", | |
| "truncated": false, | |
| "entities": { | |
| "hashtags": [], | |
| "symbols": [], | |
| "user_mentions": [], |
This script will install the latest version of the 2.7.x branch of Python alongside the system Python in the users local directory and it will symlink all the binaries in ~/bin
Any app or daemon that you require to run with the latest Python just run it as either the separate user or make sure it is running from the Python linked into `/bin
install-python.sh <version> <path>