Wullems Bart wullemsb
wullemsb
/ Program.cs
Created
April 20, 2024 13:02
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var builder = WebApplication.CreateBuilder(args); | |
| // Add services to the container. | |
| builder.Services.AddControllersWithViews(); | |
| builder.Services.AddSmartComponents(); | |
wullemsb
/ web.config
Created
April 20, 2024 09:47
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="utf-8"?> | |
| <configuration> | |
| <system.web> | |
| <httpRuntime requestValidationMode="2.0" maxRequestLength="5120" targetFramework="4.6" /> | |
| </system.web> | |
| </configuration> |
wullemsb
/ ParseXML.cs
Last active
April 20, 2024 09:44
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| XmlReaderSettings xmlReaderSettings = new XmlReaderSettings(); | |
| xmlReaderSettings.ValidationType = ValidationType.Schema; | |
| xmlReaderSettings.Schemas.Add(schema); | |
| //Add this line | |
| xmlReaderSettings.DtdProcessing=DtdProcessing.Prohibit; | |
| var xmlTextReader = new XmlTextReader(new StreamReader(new MemoryStream(xmlData))); | |
| var xmlReader = XmlReader.Create(xmlTextReader, xmlReaderSettings); |
wullemsb
/ MaliciousXML.xml
Created
April 20, 2024 09:15
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <!DOCTYPE foo [ | |
| <!ENTITY xxe SYSTEM "file:///C:/inetpub/wwwroot/web.config"> | |
| ]> | |
| <data>xxe example</data> |
wullemsb
/ StoreFiles.sql
Created
April 13, 2024 15:04
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| DECLARE @FILE_PATH VARBINARY(MAX), @TIMESTAMP VARCHAR(MAX), @ObjectToken INT | |
| DECLARE FILEPATH CURSOR FAST_FORWARD FOR SELECT [DATA_DOCUMENT] FROM [DOC].[DOCUMENT] WHERE ID IN(370550, 743574, 370551,370549) | |
| OPEN FILEPATH | |
| FETCH NEXT FROM FILEPATH INTO @FILE_PATH | |
| WHILE @@FETCH_STATUS = 0 | |
| BEGIN | |
| SET @TIMESTAMP = 'C:\temp\' + REPLACE(REPLACE(REPLACE(REPLACE(CONVERT(VARCHAR, GETDATE(), 121), '-', ''), ':', ''), '.', ''), ' ', '') + '.lnk' | |
| PRINT @TIMESTAMP | |
| EXEC sp_OACreate 'ADODB.Stream', @ObjectToken OUTPUT | |
| EXEC sp_OASetProperty @ObjectToken, 'Type', 1 |
wullemsb
/ RequestResponseLoggingMiddleware.cs
Created
April 13, 2024 14:54
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public class RequestResponseLoggingMiddleware: IMiddleware | |
| { | |
| private readonly IApiLoggingService _apiLoggingService; | |
| public RequestResponseLoggingMiddleware(IApiLoggingService apiLoggingService) | |
| { | |
| _apiLoggingService=apiLoggingService; | |
| } | |
| public async Task InvokeAsync(HttpContext context, RequestDelegate next) |
wullemsb
/ RequestResponseLoggingMiddleware.cs
Created
April 13, 2024 14:52
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public class RequestResponseLoggingMiddleware: IMiddleware | |
| { | |
| public async Task InvokeAsync(HttpContext context, RequestDelegate next) | |
| { | |
| // Call the next delegate/middleware in the pipeline. | |
| await next(context); | |
| } | |
| } |
wullemsb
/ Program.cs
Created
April 13, 2024 14:50
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var builder = WebApplication.CreateBuilder(args); | |
| builder.Services.AddTransient<RequestResponseLoggingMiddleware>(); |
wullemsb
/ RequestResponseLoggingMiddleware.cs
Created
April 13, 2024 14:34
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public class RequestResponseLoggingMiddleware | |
| { | |
| private readonly RequestDelegate _next; | |
| public RequestResponseLoggingMiddleware(RequestDelegate next) | |
| { | |
| _next = next; | |
| } | |
| public async Task Invoke(HttpContext httpContext, IApiLoggingService apiLoggingService) |
wullemsb
/ Program.cs
Created
April 13, 2024 14:33
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| services.TryAddTransient<IApiLoggingService, ApiLoggingService>(); | |
| services.AddScoped<IInterceptor, AuditInterceptor>(); |