ch0ic3/PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-12-18 18:36:10 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

XSW 4 Fix #205

Browse Source
This commit is contained in:
Swissky 2020-05-12 14:27:25 +02:00
parent e95a4aeac0
commit a65fdbb568
2 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
Methodology and Resources/Cloud - Azure Pentest.md
View File

@ -30,8 +30,9 @@
$ git clone https://github.com/hausec/PowerZure $ git clone https://github.com/hausec/PowerZure
$ ipmo .\PowerZure $ ipmo .\PowerZure
$ Set-Subscription -Id [idgoeshere] $ Set-Subscription -Id [idgoeshere]
# Reader # Reader
$ Get-Runbook $ Get-Runbook, Get-AllUsers, Get-Apps, Get-Resources, Get-WebApps, Get-WebAppDetails
# Contributor # Contributor
$ Execute-Command -OS Windows -VM Win10Test -ResourceGroup Test-RG -Command "whoami" $ Execute-Command -OS Windows -VM Win10Test -ResourceGroup Test-RG -Command "whoami"

2
SAML Injection/README.md
View File

@ -70,7 +70,7 @@ XML Signature Wrapping (XSW) attack, some implementations check for a valid sign
- XSW1 Applies to SAML Response messages. Add a cloned unsigned copy of the Response after the existing signature. - XSW1 Applies to SAML Response messages. Add a cloned unsigned copy of the Response after the existing signature.
- XSW2 Applies to SAML Response messages. Add a cloned unsigned copy of the Response before the existing signature. - XSW2 Applies to SAML Response messages. Add a cloned unsigned copy of the Response before the existing signature.
- XSW3 Applies to SAML Assertion messages. Add a cloned unsigned copy of the Assertion before the existing Assertion. - XSW3 Applies to SAML Assertion messages. Add a cloned unsigned copy of the Assertion before the existing Assertion.
- XSW4 Applies to SAML Assertion messages. Add a cloned unsigned copy of the Assertion after the existing Assertion. - XSW4 Applies to SAML Assertion messages. Add a cloned unsigned copy of the Assertion within the existing Assertion.
- XSW5 Applies to SAML Assertion messages. Change a value in the signed copy of the Assertion and adds a copy of the original Assertion with the signature removed at the end of the SAML message. - XSW5 Applies to SAML Assertion messages. Change a value in the signed copy of the Assertion and adds a copy of the original Assertion with the signature removed at the end of the SAML message.
- XSW6 Applies to SAML Assertion messages. Change a value in the signed copy of the Assertion and adds a copy of the original Assertion with the signature removed after the original signature. - XSW6 Applies to SAML Assertion messages. Change a value in the signed copy of the Assertion and adds a copy of the original Assertion with the signature removed after the original signature.
- XSW7 Applies to SAML Assertion messages. Add an “Extensions” block with a cloned unsigned assertion. - XSW7 Applies to SAML Assertion messages. Add an “Extensions” block with a cloned unsigned assertion.