XML RPC method exposed:
- system.multicall
- system.methodSignature
- system.getCapabilities
- system.listMethods
- system.methodHelp
Request template:
<?xml version="1.0"?>
Dominique RIGHETTO righettod
👨💻
righettod
/ portswigger-webacademy-status-check.ps1
Last active
September 2, 2022 16:48
Quick PowerShell functions to identify any courses or labs missed from the Portswigger WebAcademy courses.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Test-WebAcademy-Labs-Status($sessionCookieValue){ | |
| $storageFile="$env:USERPROFILE\.webacademy-labs-status" | |
| $session = New-Object Microsoft.PowerShell.Commands.WebRequestSession | |
| $cookie = New-Object System.Net.Cookie | |
| $cookie.Name = "SessionId" | |
| $cookie.Value = $sessionCookieValue | |
| $cookie.Domain = ".portswigger.net" | |
| $session.Cookies.Add($cookie); | |
| Write-Host "[i] Status storage file: $storageFile" -ForegroundColor Cyan | |
| Write-Host "[+] Retrieving labs status from PortSwigger labs web page..." -ForegroundColor Yellow |
righettod
/ identify-log4j-class-location.sh
Last active
January 17, 2022 12:01
Script to identify Log4J affected class for CVE-2021-44228 in a collection of ear/war/jar files
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ######################################################################################################### | |
| # Script to identify Log4J affected class for CVE-2021-44228 in a collection of EAR/WAR/JAR files | |
| # Based on this script: | |
| # https://github.com/righettod/toolbox-pentest-web/blob/master/scripts/identify-class-location.sh | |
| ######################################################################################################### | |
| if [ "$#" -lt 1 ]; then | |
| script_name=$(basename "$0") | |
| echo "Usage:" | |
| echo " $script_name [BASE_SEARCH_FOLDER]" |
righettod
/ identify-class-location.sh
Last active
December 13, 2021 19:16
Script to identify Log4J affected class for CVE-2021-44228 in a collection of jar files
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ######################################################################################################### | |
| # Script to identify Log4J affected class for CVE-2021-44228 in a collection of jar files | |
| # Based on this script: | |
| # https://github.com/righettod/toolbox-pentest-web/blob/master/scripts/identify-class-location.sh | |
| ######################################################################################################### | |
| if [ "$#" -lt 1 ]; then | |
| script_name=$(basename "$0") | |
| echo "Usage:" | |
| echo " $script_name [APP_LIBS_FOLDER]" |
righettod
/ odc_report.py
Last active
November 10, 2021 09:18
Quick script to format the result of a OWASP Dependency Check (ODC) JSON report
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| Script was migrated below for better evolution and consistency: | |
| https://github.com/righettod/toolbox-pentest-web/blob/master/scripts/generate-report-odc.py | |
| """ |
righettod
/ npm_report.py
Last active
November 10, 2021 09:18
Quick script to format the results of a JSON scan report from NPM audit.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| Script was migrated below for better evolution and consistency: | |
| https://github.com/righettod/toolbox-pentest-web/blob/master/scripts/generate-report-npm.py | |
| """ |
righettod
/ retirejs_report.py
Last active
November 10, 2021 09:17
Quick script to format the results of a JSON scan report from RetireJS.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| Script was migrated below for better evolution and consistency: | |
| https://github.com/righettod/toolbox-pentest-web/blob/master/scripts/generate-report-retirejs.py | |
| """ |
righettod
/ PSD2StetHelper.java
Created
August 1, 2021 17:46
Method to try to decrease the exploitability/interest of the SSRF by design exposed by HTTP Signature in PSD2 STET usage context.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package eu.righettod; | |
| import java.net.URI; | |
| import java.net.http.HttpClient; | |
| import java.net.http.HttpRequest; | |
| import java.net.http.HttpResponse; | |
| import java.time.Duration; | |
| import java.util.Arrays; | |
| import java.util.Locale; | |
| import java.util.Optional; |
righettod
/ rpc-req.md
Last active
February 16, 2021 19:08
Request template to test XML RPC service exposed from CMS like Drupal, Wordpress...
righettod
/ poc_clear-site-data_header.php
Created
February 13, 2021 14:55
POC of usage of the "Clear-Site-Data" HTTP response header.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| //Local command to run example: "php -S localhost:8000" | |
| //Get optional action: login / logout / random | |
| $action="NA"; | |
| if (isset($_GET["a"])) { | |
| $action=$_GET["a"]; | |
| } | |
| switch ($action) { | |
| //Login action fill session and local storage dummy data | |
| case "login": |
righettod
/ venom_security_tests_suite.yml
Last active
February 13, 2021 14:54
VENOM sample security tests suite
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Security authorization test suites | |
| # HOME: https://github.com/ovh/venom | |
| # TEST API: https://gorest.co.in/ | |
| vars: | |
| target_host: "" | |
| testcases: | |
| - name: GetUserFromCollection | |
| steps: | |
| - type: http | |
| method: GET |