I hereby claim:
- I am tcbutler320 on github.
- I am tbutler320 (https://keybase.io/tbutler320) on keybase.
- I have a public key ASCEuEQ9G8HqDLiy0ISr-6ZKa0dIV4WGNO1Dx1PqnjVuggo
To claim this, I am signing this object:
* injectme-js | |
Created By: Matthew Fuller - matthewdfuller.com | |
Description: injectme.js is a post-exploitation script loaded on a remote page susceptible to | |
cross-site scripting. It is designed as a proof-of-concept for easily demonstrating the effects | |
of cross-site scripting vulnerabilities. Instead of loading a standard XSS alert popup, use this | |
script to show that user data can be captured without any notice to the user and sent back to a | |
remote server which you own. | |
License: This script is released as-is, free and open-source. You can modify it as needed. | |
*/ |
# Exploit Title: AKCP sensorProbe SPX476 - 'Multiple' Cross-Site Scripting (XSS) | |
# Date: 07-01-2021 | |
# Exploit Author: Tyler Butler | |
# Vendor Homepage: https://www.akcp.com/ | |
# Software Link: https://www.akcp.com/support-center/customer-login/sensorprobe-series-firmware-download/ | |
# Advisory: https://tbutler.org/2021/06/28/cve-2021-35956 | |
# Version: < SP480-20210624 | |
# CVE: CVE-2021-35956 | |
# Description: Stored cross-site scripting (XSS) in the embedded webserver of AKCP sensorProbe before SP480-20210624 enables remote authenticated attackers to introduce arbitrary JavaScript via the Sensor Description, Email (from/to/cc), System Name, and System Location fields. |
# Exploit Title: PHP Timeclock 1.04 - 'Multiple' Cross Site Scripting (XSS) | |
# Date: May 3rd 2021 | |
# Exploit Author: Tyler Butler | |
# Vendor Homepage: http://timeclock.sourceforge.net | |
# Software Link: https://sourceforge.net/projects/timeclock/files/PHP%20Timeclock/PHP%20Timeclock%201.04/ | |
# Version: 1.04 | |
# Tested on: PHP 4.4.9/5.3.3 Apache 2.2 MySql 4.1.22/5 | |
Description: PHP Timeclock version 1.04 (and prior) suffers from multiple Cross-Site Scripting vulnerabilities |
# Exploit Title: PHP Timeclock 1.04 - Time and Boolean Based Blind SQL Injection | |
# Date: 03.05.2021 | |
# Exploit Author: Tyler Butler | |
# Vendor Homepage: http://timeclock.sourceforge.net | |
# Software Link: https://sourceforge.net/projects/timeclock/files/PHP%20Timeclock/PHP%20Timeclock%201.04/ | |
# Version: 1.04 | |
# Tested on: PHP 4.4.9/5.3.3 Apache 2.2 MySql 4.1.22/5 | |
Description: PHP Timeclock is vulnerable to both Boolean and Time Based SQL Injection on login.php via the login_userid parameter. This PoC shows how SQLmap can be used to exploit this vulnerability to dump database contents |
# Exploit Title: HP OfficeJet 4630 Unauthenticated Stored Cross-Site Scripting (XSS) | |
# Google Dork: NA | |
# Date: 01/08/2021 | |
# Exploit Author: Tyler C Butler | |
# twitter: https://twitter.com/tbutler0x90 | |
# github: https://github.com/tcbutler320 | |
# website: https://tbutler.org/ | |
# Linkedin: https://www.linkedin.com/in/tyler-b-a700a1aa/ | |
# Vendor Homepage: https://www8.hp.com/ | |
# Software Link: https://support.hp.com/us-en/product/HP-Officejet-4600-e-All-in-One-printer-series/5305049/model/5305050 |
if (isset($_POST['login_userid']) && (isset($_POST['login_password']))) { | |
$login_userid = $_POST['login_userid']; | |
$login_password = crypt($_POST['login_password'], 'xy'); | |
$query = "select empfullname, employee_passwd, admin, time_admin from ".$db_prefix."employees | |
where empfullname = '".$login_userid."'"; | |
$result = mysql_query($query); | |
while ($row=mysql_fetch_array($result)) { |
version: '3.2' | |
services: | |
php-apache: | |
depends_on: | |
- db | |
build: | |
context: ./timeclock | |
ports: | |
- 80:80 | |
volumes: |
<?php | |
session_start(); | |
include 'config.inc.php'; | |
include 'header.php'; | |
include 'topmain.php'; | |
echo "<title>$title - Admin Login</title>\n"; | |
$self = $_SERVER['PHP_SELF']; |
## Making References | |
This is a reference[<sup>1</sup>]({{ page.url }}/#ref1) | |
<p id="ref1"><small>[1] HP Inc, https://www.hp.com/us-en/shop/pdp/hp-officejet-4630-e-all-in-one-printer</small><p> | |
I hereby claim:
To claim this, I am signing this object: