How to use the –scope option in Sqlmap?
How to sort the results of Google Dorks in Sqlmap using the –scope option?
Category Archives: regex
How to reduce font size for all images, dates and times in Microsoft MHT document? [migrated]
How to easily, non-programming, non-third-party way to reduce size of all:
dates and time
Images
Headers
Doing so helps those read essential information within MHT document from Steps Recorder.
As example, Windows Steps Recorder is showi… Continue reading How to reduce font size for all images, dates and times in Microsoft MHT document? [migrated]
Is VBScript RegExp object exploitable with a code injection or does it escape special characters?
The VBScript’s RegExp object used in Classic ASP allows one to set a pattern then execute it. If a user provides the search string, is it exploitable for IDS08-J / CWE-625 (Permissive Regex)? Or does the RegExp object sanitize input to … Continue reading Is VBScript RegExp object exploitable with a code injection or does it escape special characters?
Can I use pcres in Suricata for UDP traffic?
I have a pattern that goes like this:
Starts with |00|, is followed by a variable number of ASCII characters in uppercase that can have at most length 22, followed by 12 |00| bytes, followed by 6 random bytes, followed by an md5 hash, foll… Continue reading Can I use pcres in Suricata for UDP traffic?
Hackaday Links: October 30, 2022
Sad news for kids and adults alike as Lego announces the end of the Mindstorms line. The much-wish-listed line of robotics construction toys will be discontinued by the end of …read more Continue reading Hackaday Links: October 30, 2022
Bypass XSS filter in data- attribute
My web application allows users to make custom divs with whitelisted attributes. One of them is data-{user-input}.
Recently I have seen the following XSS payload:
[[div data-test/onmouseover=alert(1)]]
So I added the following code:
… Continue reading Bypass XSS filter in data- attribute
How to Use PowerShell Grep: Select-String and RegEx Real World Examples
Grep (Global Regular Expression Print) is a commonly used Linux… Continue reading How to Use PowerShell Grep: Select-String and RegEx Real World Examples
Stopping a Subscription Bomb
Are there any methods for stopping a subscription bomb other than issuing a new email address? Creating gmail filters is only getting us so far as there are more emails coming in than we can keep up with. It feels like a losing battle.
Is … Continue reading Stopping a Subscription Bomb
How do I bypass a regex filter that filters all html to avoid xss?
How do I bypass a regex filter that filters all html to avoid xss? I’ve tried using things like <img src="aa" onerror="alert(1)"> but still no luck. This is for a CTF challenge btw.
The regex is: <[\s\S… Continue reading How do I bypass a regex filter that filters all html to avoid xss?
How do I bypass a regex filter that filters all html to avoid xss?
How do I bypass a regex filter that filters all html to avoid xss? I’ve tried using things like <img src="aa" onerror="alert(1)"> but still no luck. This is for a CTF challenge btw.
The regex is: <[\s\S… Continue reading How do I bypass a regex filter that filters all html to avoid xss?