Eldar Marcussen wireghoul
wireghoul
/ life-utf8.c
Created
July 4, 2020 06:39
— forked from katef/life-utf8.c
XBM to UTF-8 braille image things
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * John Conway's Game of Life. | |
| * | |
| * This is written for POSIX, using Curses. Resizing of the terminal is not | |
| * supported. | |
| * | |
| * By convention in this program, x is the horizontal coordinate and y is | |
| * vertical. There correspond to the width and height respectively. | |
| * The current generation number is illustrated when show_generation is set. | |
| * |
wireghoul
/ ELcheck.sh
Created
May 18, 2020 22:52
— forked from EMSeek/ELcheck.sh
Checking Java for EL injection
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # By Eldar Marcussen for SEEK 29/04/2020 | |
| echo 'Simplistic Java Expression Language Injection detection' | |
| echo '==================================================}*>>>' | |
| echo ' [*] Identifying use of spring eval with variables:' | |
| grep -HrnE '<spr(ing)?:eval.*\$\{' "$1" | |
| echo ' [*] Identifying EL code definitions.' | |
| grep -hroE '<spr(ing)?:(message|theme).*code=[^>]+>' "$1" | sort -u | sed -e"s/.*code=[\"\']//" -e"s/[\'\"].*//" > /tmp/elcList.txt | |
| echo ' [+] Code list saved as /tmp/elcList.txt' | |
| echo ' [*] Shortlisting codes with arguments.' |
wireghoul
/ apache_modaccouting_postgresql_injection.rb
Last active
August 29, 2015 14:28
— forked from bcoles/apache_modaccouting_postgresql_injection.rb
This module exploits an SQL injection vulnerability in the mod_accounting module for Apache 1.3 when configured to use PostgreSQL. This module uses SQL injection in the HTTP 'Host' header to execute arbitrary commands as the database user. This module has been tested successfully on Apache 1.3.33 on Debian 3.1r8 Sarge with PostgreSQL 7.4.7.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## | |
| # This module requires Metasploit: http://metasploit.com/download | |
| # Current source: https://github.com/rapid7/metasploit-framework | |
| ## | |
| require 'msf/core' | |
| class Metasploit3 < Msf::Exploit::Remote | |
| Rank = ManualRanking |