Monday, 22 September 2025

Email address validation tests

1) Empty / omitted

  • Form: email=

  • JSON: {"email": ""}

  • 🔍 Test: validation and error handling

  • 📌 Observe: status code, body, timing

2) Whitespace / trimming

  • Form: email=alicetest@example.com

  • JSON: {"email": " alicetest@example.com "}

  • 🔍 Test: trimming and canonicalization

  • 📌 Observe: acceptance, mail sink target

3) Duplicated parameter (parser ambiguity)

  • Form: email=alicetest@example.com&email=bobtest@example.com

  • 🔍 Test: which value the server picks (first / last / merge)

  • 📌 Observe: which mailbox the message lands in

4) Percent-encoded

  • Form: email=%61licetest%40example.com (i.e. alicetest@example.com)
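Added example (my code, not part of the checklist above): it builds the form and JSON payloads for the four cases for any address you control, then runs them through two hypothetical server-side handlers, one that takes the first `email` value and one that takes the last, and canonicalizes what each would deliver to. The handlers and the addresses are constructed; the point is to see which cases are parser-dependent before you send them at a real target.

```python
import json
from urllib.parse import parse_qs, quote, urlencode

FORM = "application/x-www-form-urlencoded"
JSON_CT = "application/json"


def build_probes(addr, other):
    """Map case name -> (content_type, body) for the checklist above.
    addr  = the address you control (your mail sink),
    other = a second address for the duplicated-parameter case (constructed input)."""
    pct = "".join(f"%{ord(c):02X}" for c in addr)  # every character percent-encoded (case 4)
    return {
        "empty_form":  (FORM, "email="),
        "empty_json":  (JSON_CT, json.dumps({"email": ""})),
        "spaces_form": (FORM, urlencode({"email": f" {addr} "})),  # spaces become '+'
        "spaces_json": (JSON_CT, json.dumps({"email": f" {addr} "})),
        "dup_form":    (FORM, f"email={quote(addr)}&email={quote(other)}"),
        "dup_json":    (JSON_CT, f'{{"email": "{addr}", "email": "{other}"}}'),
        "pct_form":    (FORM, f"email={pct}"),
    }


def extract_email(ctype, body, policy):
    """Hypothetical server-side extraction. policy is 'first' or 'last'."""
    if ctype == JSON_CT:
        try:
            data = json.loads(body)
        except json.JSONDecodeError:
            return None
        if not isinstance(data, dict):
            return None
        return data.get("email")  # json.loads keeps the LAST duplicate key; policy has no say
    values = parse_qs(body, keep_blank_values=True).get("email", [])
    if not values:
        return None
    return values[0] if policy == "first" else values[-1]


def canonicalize(raw):
    """Trim, require exactly one '@' with non-empty parts, lower-case the domain."""
    if raw is None:
        return None
    s = raw.strip()
    if s.count("@") != 1:
        return None
    local, domain = s.split("@")
    if not local or not domain:
        return None
    return f"{local}@{domain.lower()}"


def compare_policies(addr, other):
    """For every probe: (first-wins target, last-wins target) after canonicalization."""
    out = {}
    for case, (ctype, body) in build_probes(addr, other).items():
        out[case] = tuple(canonicalize(extract_email(ctype, body, p)) for p in ("first", "last"))
    return out


if __name__ == "__main__":
    for case, (first, last) in compare_policies("alice@example.com", "bob@example.com").items():
        flag = "  <-- parser-dependent" if first != last else ""
        print(f"{case:12s} first={first!s:22s} last={last!s:22s}{flag}")
```

Only `dup_form` comes out parser-dependent; the JSON duplicate-key case is decided by the JSON library (last key wins in CPython), which is exactly why the checklist tells you to watch the mailbox and not just the status code.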

Saturday, 13 September 2025

Gophish + Evilginx

Get a domain

To get the recipients of your phishing messages to click, you need a domain name that looks very similar to the original one. You can start working out by hand which domains would be good, not too obvious, yet still look similar... but that eats valuable time. To find suitable domains, use a tool such as urlcrazy, which generates typo-squatted domains and variants close to the original, or search ExpiredDomains.net for currently available domains with a good reputation.


ExpiredDomains is essentially a rubbish bin that shows how much a thrown-away domain is still worth... a great source of information for adversaries!




https://hackmag.com/security/evilginx-gophish-guide/

https://www.mail-tester.com/

https://outpost24.com/blog/phishing-better-proxy-than-story/


DOMAIN: account.i-wypozyczalnia.pl

A    mail.i-wypozyczalnia.pl  -> 45.141.3.55

MX   @                        -> account.i-wypozyczalnia.pl

TXT  @                        -> v=spf1 mx a ip4:45.141.3.55 ~all

TXT  _dmarc                   -> v=DMARC1; p=none;



sudo apt install postfix


# let the host's own public IP relay through Postfix (edits the default mynetworks line in main.cf)
sudo sed -i 's|^mynetworks = 127\.0\.0\.0/8 \[::ffff:127\.0\.0\.0\]/104 \[::1\]/128|mynetworks = 127.0.0.0/8 45.141.3.55 [::ffff:127.0.0.0]/104 [::1]/128|' /etc/postfix/main.cf


# ENTER THE DOMAIN YOU SET UP: account.i-wypozyczalnia.pl


sudo apt install opendkim opendkim-tools gcc make -y
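Before sending anything it is worth checking offline that the SPF record above actually authorizes the sending host, and what the DMARC policy tells a receiver to do. The block below is an added example (mine, not part of the notes or of Gophish/Evilginx): a minimal SPF evaluator for the `ip4`, `a`, `mx` and `all` mechanisms plus a DMARC tag parser, run against a constructed stand-in for DNS built from the records listed above. One assumption is labelled in the code: that `account.i-wypozyczalnia.pl` (the MX target) resolves to the same host IP, since the notes give only the `mail.` A record.

```python
import ipaddress

# Constructed stand-in for DNS, built from the records in the notes above.
# Assumption: account.i-wypozyczalnia.pl (the MX target) resolves to the same host IP.
ZONE = {
    ("mail.i-wypozyczalnia.pl", "A"): ["45.141.3.55"],
    ("account.i-wypozyczalnia.pl", "A"): ["45.141.3.55"],  # assumed, see above
    ("i-wypozyczalnia.pl", "MX"): ["account.i-wypozyczalnia.pl"],
    ("i-wypozyczalnia.pl", "TXT"): ["v=spf1 mx a ip4:45.141.3.55 ~all"],
    ("_dmarc.i-wypozyczalnia.pl", "TXT"): ["v=DMARC1; p=none;"],
}

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def lookup(zone, name, rtype):
    return zone.get((name.lower(), rtype), [])


def spf_check(zone, domain, sender_ip):
    """Evaluate the SPF record of `domain` for `sender_ip`.
    Handles ip4/ip6, a, mx and all; include/exists/ptr are treated as no match."""
    records = [t for t in lookup(zone, domain, "TXT") if t.lower().startswith("v=spf1")]
    if len(records) != 1:
        return "permerror" if records else "none"
    ip = ipaddress.ip_address(sender_ip)
    for term in records[0].split()[1:]:
        qual = "+"
        if term[0] in QUALIFIERS:
            qual, term = term[0], term[1:]
        mech, _, arg = term.partition(":")
        mech = mech.lower()
        if mech == "all":
            matched = True
        elif mech in ("ip4", "ip6"):
            matched = ip in ipaddress.ip_network(arg, strict=False)
        elif mech == "a":
            matched = str(ip) in lookup(zone, arg or domain, "A")
        elif mech == "mx":
            matched = any(str(ip) in lookup(zone, mx, "A")
                          for mx in lookup(zone, arg or domain, "MX"))
        else:
            matched = False  # include:, exists:, ptr ... not implemented here
        if matched:
            return QUALIFIERS[qual]
    return "neutral"  # no mechanism matched and no 'all' term


def parse_dmarc(zone, domain):
    """Return the DMARC tags of `domain` as a dict, or None if no record exists."""
    recs = [t for t in lookup(zone, "_dmarc." + domain, "TXT") if t.upper().startswith("V=DMARC1")]
    if not recs:
        return None
    tags = {}
    for part in recs[0].split(";"):
        k, _, v = part.strip().partition("=")
        if k:
            tags[k.strip().lower()] = v.strip()
    return tags


if __name__ == "__main__":
    for ip in ("45.141.3.55", "203.0.113.9"):
        print(ip, "->", spf_check(ZONE, "i-wypozyczalnia.pl", ip))
    print("DMARC:", parse_dmarc(ZONE, "i-wypozyczalnia.pl"))
```

The host IP passes on the `mx` mechanism already; an unrelated IP only reaches `~all` and gets softfail, and with `p=none` a receiver is asked to do nothing about that, which is what you want while the DKIM signing is still being set up.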


Friday, 11 April 2025

GraphQL Cop - Security Audit Utility for GraphQL

GraphQL Cop is a small Python utility for running common security tests against GraphQL APIs. It is a good fit for CI/CD checks of GraphQL endpoints: lightweight, and it covers the interesting GraphQL security issues.


GraphQL Cop lets you reproduce its findings by printing a cURL command for every vulnerability it identifies.

GraphQL write-up: https://blog.koalasec.co/2500-dollars-in-bounties-hacking-graphql


https://github.com/dolevf/graphql-cop


└─# python3 graphql-cop.py -t https://sdb.ua/?q=getnciesList

[HIGH] Alias Overloading - Alias Overloading with 100+ aliases is allowed (Denial of Service - /graphiql)
[HIGH] Alias Overloading - Alias Overloading with 100+ aliases is allowed (Denial of Service - /playground)
[HIGH] Alias Overloading - Alias Overloading with 100+ aliases is allowed (Denial of Service - /console)
[HIGH] Alias Overloading - Alias Overloading with 100+ aliases is allowed (Denial of Service - /graphql)
[HIGH] Directive Overloading - Multiple duplicated directives allowed in a query (Denial of Service - /graphiql)
[HIGH] Directive Overloading - Multiple duplicated directives allowed in a query (Denial of Service - /playground)
[HIGH] Directive Overloading - Multiple duplicated directives allowed in a query (Denial of Service - /console)
[HIGH] Directive Overloading - Multiple duplicated directives allowed in a query (Denial of Service - /graphql)
[HIGH] Field Duplication - Queries are allowed with 500 of the same repeated field (Denial of Service - /graphiql)
[HIGH] Field Duplication - Queries are allowed with 500 of the same repeated field (Denial of Service - /playground)
[HIGH] Field Duplication - Queries are allowed with 500 of the same repeated field (Denial of Service - /console)
[HIGH] Field Duplication - Queries are allowed with 500 of the same repeated field (Denial of Service - /graphql)
[LOW] Field Suggestions - Field Suggestions are Enabled (Information Leakage - /graphiql)
[LOW] Field Suggestions - Field Suggestions are Enabled (Information Leakage - /playground)
[LOW] Field Suggestions - Field Suggestions are Enabled (Information Leakage - /console)
[LOW] Field Suggestions - Field Suggestions are Enabled (Information Leakage - /graphql)
[HIGH] Introspection - Introspection Query Enabled (Information Leakage - /graphiql)
[HIGH] Introspection - Introspection Query Enabled (Information Leakage - /playground)
[HIGH] Introspection - Introspection Query Enabled (Information Leakage - /console)
[HIGH] Introspection - Introspection Query Enabled (Information Leakage - /graphql)
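The three HIGH denial-of-service findings above all come from oversized queries. The added example below (my code, not graphql-cop's) generates the same kinds of query, alias overloading, field duplication and directive overloading, and shows the other side: a simplified counter that a guard in front of the resolver could use to reject such queries before they are executed. The limits are assumed values, and the tokenizer only understands flat selection sets like the ones generated here; it is not a GraphQL parser.

```python
import re
from collections import Counter

# Hypothetical per-query limits a guard in front of the resolver could enforce.
LIMITS = {"directives": 5, "aliases": 50, "max_field_repeat": 20}

DIRECTIVE_RE = re.compile(r"@([_A-Za-z]\w*)(?:\([^)]*\))?")


def alias_overload(field="__typename", n=100):
    """'Alias Overloading': the same field n times under distinct aliases."""
    return "query { " + " ".join(f"a{i}: {field}" for i in range(n)) + " }"


def field_duplication(field="__typename", n=500):
    """'Field Duplication': the same field repeated n times without aliases."""
    return "query { " + " ".join([field] * n) + " }"


def directive_overload(field="__typename", n=10, directive="@include(if: true)"):
    """'Directive Overloading': one field carrying n copies of the same directive."""
    return "query { " + field + " " + " ".join([directive] * n) + " }"


INTROSPECTION = "query { __schema { types { name fields { name } } } }"


def query_stats(query):
    """Count directives, aliases and the most-repeated field name.
    Simplified tokenizer for flat selection sets (what the generators above emit)."""
    directives = DIRECTIVE_RE.findall(query)
    body = DIRECTIVE_RE.sub(" ", query)                       # strip @directive(...)
    body = re.sub(r"^\s*(query|mutation|subscription)\b", " ", body)
    tokens = body.replace("{", " ").replace("}", " ").split()
    aliases = sum(1 for t in tokens if t.endswith(":"))      # 'a0:' style alias tokens
    fields = [t for t in tokens if not t.endswith(":")]
    return {
        "directives": len(directives),
        "aliases": aliases,
        "max_field_repeat": max(Counter(fields).values()) if fields else 0,
        "introspection": "__schema" in fields,
    }


def violations(query, limits=LIMITS):
    """Names of the limits the query exceeds; an empty list means 'let it through'."""
    stats = query_stats(query)
    return [k for k, cap in limits.items() if stats[k] > cap]


if __name__ == "__main__":
    for name, q in (("alias", alias_overload()), ("dup", field_duplication()),
                    ("directive", directive_overload()), ("introspection", INTROSPECTION)):
        print(f"{name:13s} {query_stats(q)}  reject on: {violations(q)}")
```

Real deployments usually get the same effect from query-cost or depth limiting in the GraphQL server itself; the counter here just makes visible what the tool's 100-alias and 500-field probes look like and why a flat count already catches them.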

Monday, 16 December 2024

Quick APK pentest environment


emulator -avd Pixel_5_API_30

adb root; adb connect localhost:6000; sleep 1; adb push frida-server /data/local/tmp/; adb shell "chmod 755 /data/local/tmp/frida-server"; adb shell "/data/local/tmp/frida-server &"

next (APK below stands for the target process name as listed by frida-ps)


frida-ps -U | grep APK


frida -U -n APK --codeshare pcipolloni/universal-android-ssl-pinning-bypass-with-frida

or

frida -U -n APK --codeshare akabe1/frida-multiple-unpinning


Monday, 21 October 2024

Run ffuf against all domains from a file

httpx -list mexico | xargs -I {} sh -c 'url=$1; name=$(printf "%s" "$url" | sed -e "s|https://|1|g" -e "s|http://|2|g"); ffuf -u "$url/FUZZ" -w raft-large-words.txt -ac -c -e .txt,.php,.bak,.rar,.sql,.zip,.php_,.old,._old,._php --recursion --recursion-depth 2 >> "ffuf-mexico$name"' _ {}

The URL is handed to the inner shell as `$1` instead of being pasted into the `sh -c` string, so a line in the target list containing quotes or `$(...)` cannot break out of the command; the duplicated `.txt` and `.bak` extensions are dropped. The output file name keeps the scheme as a prefix (1 = https, 2 = http) followed by the host.
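The same loop as an added Python example (mine, not from the ffuf or httpx projects): the output name is derived with the same scheme-to-digit idea but every character outside `[A-Za-z0-9._-]` is replaced, and ffuf is started from an argv list, so no shell ever re-parses a target URL. The target list path, the prefix `ffuf-mexico` and the wordlist name are taken from the one-liner; `run_all` defaults to a dry run that only prints the commands.

```python
import re
import subprocess
from urllib.parse import urlsplit

WORDLIST = "raft-large-words.txt"
# Extension list from the one-liner, with the duplicated .txt/.bak removed.
EXTENSIONS = ".txt,.php,.bak,.rar,.sql,.zip,.php_,.old,._old,._php"


def output_name(url, prefix="ffuf-mexico"):
    """Per-target output file: scheme code (https -> 1, http -> 2, other -> 0) + host.
    Anything outside [A-Za-z0-9._-] is replaced, so a hostile line in the target
    list cannot smuggle shell metacharacters or path separators into a filename."""
    parts = urlsplit(url.strip())
    code = {"https": "1", "http": "2"}.get(parts.scheme, "0")
    host = re.sub(r"[^A-Za-z0-9._-]", "_", parts.netloc)
    return f"{prefix}{code}{host}"


def ffuf_argv(url):
    """argv list for one target; no shell is involved, so the URL is never re-parsed."""
    return ["ffuf", "-u", url.rstrip("/") + "/FUZZ", "-w", WORDLIST, "-ac", "-c",
            "-e", EXTENSIONS, "-recursion", "-recursion-depth", "2"]


def plan(list_path):
    """Read one URL per line (httpx output) and pair each with its argv and output file."""
    with open(list_path, encoding="utf-8") as fh:
        urls = [line.strip() for line in fh if line.strip()]
    return [(ffuf_argv(u), output_name(u)) for u in urls]


def run_all(list_path, dry_run=True):
    """Run ffuf per target, appending stdout to the per-target file like '>>' did."""
    jobs = plan(list_path)
    for argv, outfile in jobs:
        if dry_run:
            print(" ".join(argv), ">>", outfile)
            continue
        with open(outfile, "a", encoding="utf-8") as sink:
            subprocess.run(argv, stdout=sink, check=False)
    return jobs


if __name__ == "__main__":
    run_all("mexico")  # dry run; pass dry_run=False to actually fuzz
```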

Thursday, 3 October 2024

*.js.map files

In web applications, remember to check whether the developer forgot to remove the .js.map files.


A quick PHP script, usually with a good result


<?php
/**
 * Created by PhpStorm.
 * User: edwinsturt
 * Date: 2020-06-24
 * Time: 00:45
 */

$file = 'main.ff0058ad.js.map';

if (file_exists($file)) {
    $json = json_decode(file_get_contents($file));
    $files = [];

    foreach ($json->sources as $index => $source) {
        // Skip entries the map references but does not embed.
        if (!isset($json->sourcesContent[$index])) {
            continue;
        }
        // Keep the output inside the current directory: strip the scheme
        // (webpack:///), leading slashes and any ".." segments.
        $rel = preg_replace('#^[a-z][\w+.-]*:/*#i', '', $source);
        $rel = ltrim(preg_replace('#(^|/)\.\.(?=/|$)#', '$1', $rel), '/');

        $dir = dirname($rel);
        if (!is_dir($dir)) {
            mkdir($dir, 0755, true);
        }
        file_put_contents($rel, $json->sourcesContent[$index]);
        $files[] = $rel;
    }
    echo "<pre>All source code has been extracted from the map file ";
    print_r($files);
}
?>


php skrypt.php and say hello to the env :)
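The same extraction in Python, as an added example (mine, not the script above): it handles the two things a map file from a target can throw at you, `sources` entries without embedded `sourcesContent`, and entries whose path tries to climb out of the output directory with `../`. The sample map is constructed inline (source names and contents are made up) so the block runs offline; point `extract_sourcemap` at a downloaded `.js.map` for real use.

```python
import json
import os
import re
import tempfile

# Constructed sample map: two normal webpack sources, one traversal attempt, one entry
# without content. Not taken from any real application.
SAMPLE_MAP = json.dumps({
    "version": 3,
    "sources": [
        "webpack:///./src/config.js",
        "webpack:///./src/api/client.js",
        "../../../etc/cron.d/evil",
        "webpack:///./src/empty.js",
    ],
    "sourcesContent": [
        "export const API_KEY = 'sk_test_constructed';",
        "export const get = (p) => fetch('/api' + p);",
        "* * * * * root id",
        None,
    ],
})

SCHEME_RE = re.compile(r"^[A-Za-z][\w+.-]*:/*")


def safe_relpath(source):
    """Turn a 'sources' entry into a relative path that stays inside the output dir:
    drop the scheme (webpack:///), backslashes, '.', '..' and empty segments."""
    s = SCHEME_RE.sub("", source).replace("\\", "/")
    parts = [p for p in s.split("/") if p not in ("", ".", "..")]
    return "/".join(parts) or "_unnamed"


def extract_sourcemap(map_text, out_dir):
    """Write every source that has embedded content under out_dir.
    Returns (written relative paths, skipped source names)."""
    smap = json.loads(map_text)
    sources = smap.get("sources", [])
    contents = smap.get("sourcesContent") or []
    written, skipped, seen = [], [], set()
    for i, src in enumerate(sources):
        body = contents[i] if i < len(contents) else None
        if body is None:
            skipped.append(src)            # referenced but not embedded in the map
            continue
        rel = safe_relpath(src)
        if rel in seen:                    # two entries collapsing to one path: keep both
            rel = f"{rel}.{i}"
        seen.add(rel)
        dest = os.path.join(out_dir, rel)
        os.makedirs(os.path.dirname(dest) or ".", exist_ok=True)
        with open(dest, "w", encoding="utf-8") as fh:
            fh.write(body)
        written.append(rel)
    return written, skipped


def demo(out_dir=None):
    """Run the extractor on SAMPLE_MAP; returns (out_dir, written, skipped)."""
    out_dir = out_dir or tempfile.mkdtemp(prefix="jsmap_")
    written, skipped = extract_sourcemap(SAMPLE_MAP, out_dir)
    return out_dir, written, skipped


if __name__ == "__main__":
    out_dir, written, skipped = demo()
    print("extracted into", out_dir)
    print("written:", written)
    print("skipped (no sourcesContent):", skipped)
```

The traversal entry ends up as `etc/cron.d/evil` inside the output directory rather than at `/etc/cron.d/evil`; a map file is attacker-controlled input when you pull it from a target, so the extractor should not trust its paths.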