> Dear ${user.first_name},
Dear sample01
> Dear ${user.password}
FreeMarket template error: the following has evaluated to null or missing...
Q: Is it safe to allow users to upload templates if they are untrusted?
> Dear ${user.first_name},
Dear sample01
> Dear ${user.password}
FreeMarket template error: the following has evaluated to null or missing...
Q: Is it safe to allow users to upload templates if they are untrusted?
<html> | |
<head> | |
<!-- | |
CVE-2014-6332 PoC to get meterpreter shell or bypass IE protected mode | |
- Tested on IE11 + Windows 7 64-bit | |
References: | |
- original PoC - http://www.exploit-db.com/exploits/35229/ | |
- http://blog.trendmicro.com/trendlabs-security-intelligence/a-killer-combo-critical-vulnerability-and-godmode-exploitation-on-cve-2014-6332/ | |
- http://security.coverity.com/blog/2014/Nov/eric-lippert-dissects-cve-2014-6332-a-19-year-old-microsoft-bug.html |
import java.io.FileInputStream; | |
import java.io.FileNotFoundException; | |
import java.io.IOException; | |
import java.io.InputStream; | |
import java.util.zip.ZipEntry; | |
import java.util.zip.ZipFile; | |
class AndroidXMLDecompress { | |
// decompressXML -- Parse the 'compressed' binary form of Android XML docs | |
// such as for AndroidManifest.xml in .apk files |
require 'msf/core' | |
class Metasploit3 < Msf::Exploit::Remote | |
Rank = ExcellentRanking | |
@@trav_string = '%5c%2e%2e%2f' | |
include Msf::Exploit::Remote::HttpClient | |
def initialize(info = {}) | |
super(update_info(info, |
var page = require('webpage').create(), | |
system = require('system'), | |
address; | |
page.onInitialized = function () { | |
page.evaluate(function () { | |
// additional detection code here perhaps | |
// f.e. detecting STORED/DOM XSS | |
}); |
from scryptos import * | |
p1 = 32581479300404876772405716877547 | |
p2 = 27038194053540661979045656526063 | |
p3 = 26440615366395242196516853423447 | |
n = p1*p2*p3 | |
e = 3 | |
c = int(open("flag.enc", "rb").read().encode("hex"), 16) |