Skip to content

Instantly share code, notes, and snippets.

Avatar
🎯
Focusing

starnightcyber starnightcyber

🎯
Focusing
View GitHub Profile
@hannob
hannob / squirrelmail-fix-file-disclosure.diff
Created Mar 14, 2018
squirrelmail quick fix for file disclosure vuln presented at Troopers 2018 (#TR18)
View squirrelmail-fix-file-disclosure.diff
--- squirrelmail.stable/squirrelmail/class/deliver/Deliver.class.php 2017-01-27 21:31:33.000000000 +0100
+++ htdocs/class/deliver/Deliver.class.php 2018-03-14 17:21:10.320000000 +0100
@@ -281,6 +281,7 @@
global $username, $attachment_dir;
$hashed_attachment_dir = getHashedDir($username, $attachment_dir);
$filename = $message->att_local_name;
+ if(!ctype_alnum($filename)) die();
// inspect attached file for lines longer than allowed by RFC,
// in which case we'll be using base64 encoding (so we can split
@thomascube
thomascube / cve-2017-16651.md
Last active Feb 23, 2021
Roundcube Vulnerability CVE-2017-16651
View cve-2017-16651.md

Roundcube Webmail File Disclosure Vulnerability

  • Software: https://roundcube.net/
  • Versions: 1.1.0 - 1.1.9, 1.2.0 - 1.2.6, 1.3.0 - 1.3.2
  • CVE: CVE-2017-16651
  • Author: Thomas Bruederli
  • Release date: 2017-11-09

Summary

Roundcube Webmail allows unauthorized access to arbitrary files on the

@nikallass
nikallass / Kali 2017.1 x64, Docker-ce Install script
Last active Feb 21, 2020
Kali 2017.1 x64, Docker-ce Install script
View Kali 2017.1 x64, Docker-ce Install script
#!/bin/bash
# update apt-get
export DEBIAN_FRONTEND="noninteractive"
sudo apt-get update
# remove previously installed Docker
sudo apt-get remove docker docker-engine docker.io* lxc-docker*
# install dependencies 4 cert