Skip to content

Instantly share code, notes, and snippets.


Nicholas Starke nstarke

View GitHub Profile
View ms-rspec-failures
rspec ./spec/lib/msf/util/exe_spec.rb:65 # Msf::Util::EXE.to_executable_fmt with platform=linux returns an executable when given arch=mipsbe, fmt=elf
rspec ./spec/lib/msf/util/exe_spec.rb:65 # Msf::Util::EXE.to_executable_fmt with platform=linux returns an executable when given arch=mipsle, fmt=elf
rspec ./spec/lib/rex/socket/range_walker_spec.rb:29 # with an invalid hostname should not be valid
rspec ./spec/lib/rex/socket/range_walker_spec.rb:34 # with an invalid hostname and CIDR should not be valid
Failure/Error: verify_bin_fingerprint(format_hash, bin)
expected: /ELF 32-bit MSB executable, MIPS/
got: "/dev/stdin: ELF 32-bit MSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, corrupted section header size\n" (using =~)
@@ -1,2 +1,2 @@
nstarke / gist:11306563
Last active Aug 29, 2015
View gist:11306563
--- ../Gemfile.lock 2014-04-25 21:35:15.353280736 +0000
+++ Gemfile.lock 2014-04-25 23:05:47.249280736 +0000
@@ -1,27 +1,27 @@
- activemodel (3.2.14)
- activesupport (= 3.2.14)
+ activemodel (3.2.17)
+ activesupport (= 3.2.17)
nstarke / gist:aabe781c6967a7f03adb
Created Jan 12, 2015
View gist:aabe781c6967a7f03adb
msf > openvas_report_import 1 11
[*] Importing report to database.
[-] Error while running command openvas_report_import: getaddrinfo: Name or service not known
Call stack:
/home/nick/metasploit-framework/lib/rex/socket.rb:181:in `gethostbyname'
/home/nick/metasploit-framework/lib/rex/socket.rb:181:in `getaddresses'
/home/nick/metasploit-framework/lib/rex/socket.rb:165:in `getaddress'
/home/nick/metasploit-framework/lib/msf/core/db_manager/host.rb:93:in `normalize_host'
/home/nick/metasploit-framework/lib/msf/core/db_manager/host.rb:160:in `block in report_host'
View openvas-report
<report content_type='text/xml' extension='xml' format_id='a994b278-1f62-11e1-96ac-406186ea4fc5' id='7fa042b4-55ee-4ece-a647-7f2288e24b5c' type='scan'><owner><name/></owner><name>2015-01-12T01:24:46Z</name><comment/><creation_time>2015-01-12T01:24:46Z</creation_time><modification_time>2015-01-12T01:32:42Z</modification_time><writable>0</writable><in_use>0</in_use><report id='7fa042b4-55ee-4ece-a647-7f2288e24b5c'><report_format/><sort><field>type<order>descending</order></field></sort><filters id='0'><term>sort-reverse=ROWID result_hosts_only=1 min_cvss_base= levels=hmlgd autofp=0 notes=0 overrides=0 first=1 rows=-1 delta_states=cgns</term>hmlgd<phrase/><autofp>0</autofp><notes>0</notes><overrides>0</overrides><apply_overrides>0</apply_overrides><result_hosts_only>1</result_hosts_only><min_cvss_base/><filter>High</filter><filter>Medium</filter><filter>Low</filter><filter>Log</filter><filter>Debug</filter></filters><severity_class id='d4c74cda-89e1-11e3-9c29-406186ea4fc5'><name>nist</name><full_name>NVD Vulnera
nstarke /
Last active Aug 29, 2015
EmberJS one-liner to find unsafe handlebars parameters
# searches for {{{ or }}} in all .handlebars or .hbs files
# {{{ and }}} signify unsafe template parameters in EmberJS
# tested on OS X 10.10
egrep -r --include "*.handlebars" --include "*.hbs" "\{\{\{|\}\}\}" .
nstarke /
Last active Oct 4, 2016
PHP Vulnerability egrep
# this command searches all PHP files in a directory for vulnerable shell functions
egrep -r --include "*.php" -e "(system|exec|popen|pcntl_exec|proc_open)\(" .
# this command searches all PHP files in a directory for certain vulnerable php execution functions
egrep -r --include "*.php" -e "(eval|assert|preg_replace)\(" .
# this command returns instances where variables are echoed out without htmlspecialchars()
# it can be useful for finding XSS vulnerabilities in PHP code
egrep -r --include "*.php" -e "echo\s*\\$.*;" .
nstarke /
Last active Mar 20, 2022
Node.js Security Vulnerability Grep
# this command will return instances where the child_process module is loaded.
# that module is generally a good signal that the application is shelling out
egrep -r --exclude-dir "node_modules" --include "*.js" --exclude "*.min.*" -e "require(\s*)\((\s*)'child_process'(\s*))" .
# this command will return instances where code is dynamically executed.
egrep -r --exclude-dir "node_modules" --include "*.js" --exclude "*.min.*" -e "eval(\s*)\(" .
# this command will check common dangerous functions and report when strings are arguments
egrep -r --exclude-dir "node_modules" --include "*.js" --exclude "*.min.*" -e "(setInterval|setTimeout|new(\s*)Function)(\s*)\((\s*)\".*\"" .
nstarke /
Last active Dec 26, 2018
Python Security Vulnerability Egrep
# this command will return places where the application shells out or dynamically executes code:
egrep -r --include "*.py" -e "exec\(|eval\(|subprocess|popen" .
# DJANGO: find places where HTML encoding is turned off via the "safe" attribute:
grep -r --include "*.py" --include "*.html" -e "|safe" .
# DJANGO: find places where unsafe SQL queries are executed:
egrep -r --include "*.py" -e "\.(raw|execute)\(" .
# Non zero values indicate that some sort of CSRF protection is probably enabled.
View simple-js-obfuscation.js
function rewrite(text) {
var obs = "";
for (var i = 0; i < text.length; i++) {
obs += "(function() { return String.fromCharCode(" + text[i].charCodeAt(0) + "); })() + ";
obs += ' ""';
return obs;
var n = rewrite('console.log("test")');
nstarke / html5-elements.json
Created Aug 9, 2015
List of all HTML5 elements structured in a JSON document
View html5-elements.json
"name": "a",
"start": "<a>",
"end": "</a>"
"name": "abbr",
"start": "<abbr>",
"end": "</abbr>"