Skip to content

Instantly share code, notes, and snippets.

View wireghoul's full-sized avatar

Eldar Marcussen wireghoul

505 followers · 44 following
View GitHub Profile
@wireghoul
wireghoul / Printerlogic-disclosure.md
Last active May 27, 2023 23:24
Printerlogic-disclosure

PrinterLogic SaaS, multiple vulnerabilities

PrinterLogic's Enterprise Print Management software allows IT professionals to simplify printer driver management and empower end users. -- https://www.printerlogic.com/

Background

The following findings were identified by performing both dynamic testing of the PrinterLogic SaaS platform and code analysis of the source code contained in the virtual appliance available for download from the PrinterLogic website (Build 1.0.757: July 29th, 2022).

@wireghoul
wireghoul / ducksec.cow
Created April 10, 2015 08:01
Ducksay
root@kali:~# /usr/games/cowsay -f ducksec4 'QUACK THE PLANET!!!'
_____________________
< QUACK THE PLANET!!! >
---------------------
\
\
\ ___
__.' '.
(__} o )
'._. /
@wireghoul
wireghoul / life-utf8.c
Created July 4, 2020 06:39 — forked from katef/life-utf8.c
XBM to UTF-8 braille image things
/*
* John Conway's Game of Life.
*
* This is written for POSIX, using Curses. Resizing of the terminal is not
* supported.
*
* By convention in this program, x is the horizontal coordinate and y is
* vertical. There correspond to the width and height respectively.
* The current generation number is illustrated when show_generation is set.
*
@wireghoul
wireghoul / ELcheck.sh
Created May 18, 2020 22:52 — forked from EMSeek/ELcheck.sh
Checking Java for EL injection
#!/bin/bash
# By Eldar Marcussen for SEEK 29/04/2020
echo 'Simplistic Java Expression Language Injection detection'
echo '==================================================}*>>>'
echo ' [*] Identifying use of spring eval with variables:'
grep -HrnE '<spr(ing)?:eval.*\$\{' "$1"
echo ' [*] Identifying EL code definitions.'
grep -hroE '<spr(ing)?:(message|theme).*code=[^>]+>' "$1" | sort -u | sed -e"s/.*code=[\"\']//" -e"s/[\'\"].*//" > /tmp/elcList.txt
echo ' [+] Code list saved as /tmp/elcList.txt'
echo ' [*] Shortlisting codes with arguments.'
@wireghoul
wireghoul / xntrikfacts.txt
Last active January 21, 2018 22:29
Collection of #xntrikfacts without attribution...
Xntrik dreams in base64
he can smell malware through the insulation on an ethernet cable
People talk about the time he turned left instead of right and the entire traffic system fell over
His moustache is classified as a cyberweapon under the Wassenaar Agreement.
- His moustache is also dual use
The top secret method of HTTP compression that is immune to BREACH/CRIME attacks: @xntrik's skinny jeans.
@wireghoul
wireghoul / pf.db
Created January 21, 2018 22:10
Simple checks for auditing PF firewall rules with graudit
/0[ ,\"\'\}]
/1[ ,\"\'\}]
/2[ ,\"\'\}]
/3[ ,\"\'\}]
/4[ ,\"\'\}]
/5[ ,\"\'\}]
/6[ ,\"\'\}]
/7[ ,\"\'\}]
/8[ ,\"\'\}]
[^\#]*from any to any
@wireghoul
wireghoul / apache_modaccouting_postgresql_injection.rb
Last active August 29, 2015 14:28 — forked from bcoles/apache_modaccouting_postgresql_injection.rb
This module exploits an SQL injection vulnerability in the mod_accounting module for Apache 1.3 when configured to use PostgreSQL. This module uses SQL injection in the HTTP 'Host' header to execute arbitrary commands as the database user. This module has been tested successfully on Apache 1.3.33 on Debian 3.1r8 Sarge with PostgreSQL 7.4.7.
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote
Rank = ManualRanking