shafdo
/ cve-2013-0156.py
Created
August 1, 2021 21:00
CVE-2013-0156: Rails Object Injection (Detailed POC)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python3 | |
| ''' | |
| Date: Monday, August 2, 2021 | |
| Description: CVE-2013-0156: Rails Object Injection (Detailed POC) | |
| Created By: ShaFdo (twitter: @ShalindaFdo) | |
| ----------------------------------------------- | |
| Dependencies: requests | |
| Usage: ./cve-2013-0156.py | |
| Additional Notes: Make sure you mark "cve-2013-0156.py" as an executable before running it :). |
shafdo
/ RSA_2_HS256.py
Created
August 4, 2021 09:08
A simple token crafter script to use when the server not verifying jwt algorithm.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python3 | |
| import requests | |
| import base64 | |
| import hmac | |
| import hashlib | |
| # Controls | |
| keyFilePath = "KEY GOES HERE" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ''' | |
| The following versions of Struts are affected: | |
| Struts 2.3.5 | |
| Struts 2.3.31 | |
| Struts 2.5 | |
| Struts 2.5.10 | |
| ''' | |
| import requests |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #deb cdrom:[Ubuntu 16.04.2 LTS _Xenial Xerus_ - Release amd64 (20170215.2)]/ xenial main restricted | |
| # See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to | |
| # newer versions of the distribution. | |
| deb http://us.archive.ubuntu.com/ubuntu/ xenial main restricted | |
| # deb-src http://us.archive.ubuntu.com/ubuntu/ xenial main restricted | |
| ## Major bug fix updates produced after the final release of the | |
| ## distribution. | |
| deb http://us.archive.ubuntu.com/ubuntu/ xenial-updates main restricted |