This gist gather a list of log4shell payloads seen on my twitter feeds.
💨 I will update it every time I see new payloads.
The goal is to allows testing detection regexes defined in protection systems.
<!DOCTYPE html> | |
<html> | |
<!-- | |
POC to remove a "sensitive" information from the clipboard after a short period of time. | |
It is used, as an hardening measure, for a legit feature to copy the info into the clipboard. | |
Here the info taken is an IBAN for the example. | |
https://developer.mozilla.org/en-US/docs/Web/API/Clipboard | |
--> |
#!/bin/bash | |
echo "Folder:" | |
pwd | |
for line in $(grep -rFc "@WebMethod" * | grep -v ":0") | |
do | |
services_count=$(echo $line | cut -d':' -f2) | |
java_class_file=$(echo $line | cut -d':' -f1) | |
auth_annot_count=$(grep -rFc "@RolesAllowed" $java_class_file) | |
if [ "$services_count" != "$auth_annot_count" ] | |
then |
package eu.righettod.snippet; | |
import org.apache.pdfbox.Loader; | |
import org.apache.pdfbox.pdmodel.PDDocument; | |
import org.apache.pdfbox.pdmodel.PDDocumentCatalog; | |
import org.apache.pdfbox.pdmodel.PDDocumentInformation; | |
import org.apache.pdfbox.pdmodel.PDDocumentNameDictionary; | |
import org.apache.pdfbox.pdmodel.common.PDMetadata; | |
import org.apache.pdfbox.pdmodel.interactive.action.*; | |
import org.apache.pdfbox.pdmodel.interactive.annotation.AnnotationFilter; |
function Test-WebAcademy-Labs-Status($sessionCookieValue){ | |
$storageFile="$env:USERPROFILE\.webacademy-labs-status" | |
$session = New-Object Microsoft.PowerShell.Commands.WebRequestSession | |
$cookie = New-Object System.Net.Cookie | |
$cookie.Name = "SessionId" | |
$cookie.Value = $sessionCookieValue | |
$cookie.Domain = ".portswigger.net" | |
$session.Cookies.Add($cookie); | |
Write-Host "[i] Status storage file: $storageFile" -ForegroundColor Cyan | |
Write-Host "[+] Retrieving labs status from PortSwigger labs web page..." -ForegroundColor Yellow |
id: CVE-2022-21449 | |
info: | |
name: CVE-2022-21449 test exposure | |
description: The JDK 15-18 have a vulnerability in validation of ECDSA signature so this template detect exposure to CVE-2022-21449 by the JWT validation API in place. | |
author: righettod | |
severity: info | |
tags: cve,2022,java | |
reference: https://neilmadden.blog/2022/04/19/psychic-signatures-in-java |
This gist gather a list of log4shell payloads seen on my twitter feeds.
💨 I will update it every time I see new payloads.
The goal is to allows testing detection regexes defined in protection systems.
#!/bin/bash | |
######################################################################################################### | |
# Script to identify Log4J affected class for CVE-2021-44228 in a collection of EAR/WAR/JAR files | |
# Based on this script: | |
# https://github.com/righettod/toolbox-pentest-web/blob/master/scripts/identify-class-location.sh | |
######################################################################################################### | |
if [ "$#" -lt 1 ]; then | |
script_name=$(basename "$0") | |
echo "Usage:" | |
echo " $script_name [BASE_SEARCH_FOLDER]" |
#!/bin/bash | |
######################################################################################################### | |
# Script to identify Log4J affected class for CVE-2021-44228 in a collection of jar files | |
# Based on this script: | |
# https://github.com/righettod/toolbox-pentest-web/blob/master/scripts/identify-class-location.sh | |
######################################################################################################### | |
if [ "$#" -lt 1 ]; then | |
script_name=$(basename "$0") | |
echo "Usage:" | |
echo " $script_name [APP_LIBS_FOLDER]" |
""" | |
Script was migrated below for better evolution and consistency: | |
https://github.com/righettod/toolbox-pentest-web/blob/master/scripts/generate-report-npm.py | |
""" |
package eu.righettod; | |
import java.net.URI; | |
import java.net.http.HttpClient; | |
import java.net.http.HttpRequest; | |
import java.net.http.HttpResponse; | |
import java.time.Duration; | |
import java.util.Arrays; | |
import java.util.Locale; | |
import java.util.Optional; |