Old poc examples were full of injections due to migration strategy. Will be rewritten in doc.

2019-11-12 13:16:30 +01:00
parent 049081c8b0
commit 19bc0df968
15 changed files with 0 additions and 367 deletions
@@ -1,19 +0,0 @@
 #!/bin/bash
 #
 # Copyright 2019 Banco Bilbao Vizcaya Argentaria, S.A.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 kapow route add -X POST '/eval' -c '$($(kapow get /request/body) | kapow set /response/stream)'
@@ -1,8 +0,0 @@
 #!/usr/bin/env sh
 curl -X POST --data-binary @- http://localhost:8080/eval <<EOF
 touch /tmp/kapow_was_here
 EOF
 echo 'Proof of success:'
 ls -l /tmp/kapow_was_here
@@ -1,35 +0,0 @@
 <!DOCTYPE html>
 <html>
    <head>
        <meta charset="UTF-8">
        <title>Nmap</title>
    </head>
    <body>
        <form id="nmap-params" method="post" action="nmap.xml">
            <fieldset>
                <legend>Nmap parameters</legend>
                <div>
                    <label for="target_spec">Target Specification:</label>
                    <input name="target_spec" type="text" placeholder="ip, domain, network, range" value="127.0.0.1" required autofocus>
                    <p>
                        Can pass hostnames, IP addresses, networks, etc. e.g.:
                        scanme.nmap.org, microsoft.com/24, 192.168.0.1;
                        10.0.0-255.1-254
                    </p>
                </div>
                <div>
                    <label for="port_ranges">Port Ranges:</label>
                    <input name="port_ranges" type="text" placeholder="port, range, list" value="8080" required>
                    <p>
                        Only scan specified ports. e.g.: 22; 1-65535;
                        U:53,111,137,T:21-25,80,139,8080,S:9
                    </p>
                </div>
                <div>
                    <input name="scan" type="submit" value="Scan">
                    <input name="reset" type="reset" value="Reset">
                </div>
            </fieldset>
        </form>
    </body>
 </html>
@@ -1,55 +0,0 @@
 #!/bin/bash
 #
 # Copyright 2019 Banco Bilbao Vizcaya Argentaria, S.A.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 #
 # Nmap produces an XML report, suitable for rendering in a web browser
 #
 # Call examples:
 #
 # $ browser http://localhost:8080
 #
 # $ curl -v http://localhost:8080/nmap.xml -d 'target_spec=127.0.0.1&port_ranges=9000'
 #
 kapow route add -X GET / - <<-'EOF'
 	cat nmap-web.html | kapow set /response/body
 EOF
 kapow route add -X GET /nmap.xsl - <<-'EOF'
 	curl --silent https://svn.nmap.org/nmap/docs/nmap.xsl	\
 	| kapow set /response/body
 EOF
 kapow route add -X POST /nmap.xml - <<-'EOF'
 	TARGET_SPEC=$(kapow get /request/form/target_spec)
 	: ${TARGET_SPEC:=127.0.0.1}
 	PORT_RANGES=$(kapow get /request/form/port_ranges)
 	: ${PORT_RANGES:=8080}
 	nmap					\
 		-Pn				\
 		-n				\
 		-p "$PORT_RANGES"		\
 		-oX -				\
 		--stylesheet /nmap.xsl		\
 		"$TARGET_SPEC"			\
 	| kapow set /response/body
 EOF
@@ -1,7 +0,0 @@
 FROM bbvalabsci/kapow:latest
 RUN apk add nmap
 COPY nmap.pow /tmp/
 CMD ["server", "/tmp/nmap.pow"]
@@ -1,19 +0,0 @@
 #!/bin/bash
 #
 # Copyright 2019 Banco Bilbao Vizcaya Argentaria, S.A.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 kapow route add -X GET '/list/{ip}' -c 'nmap -sL "$(kapow get /request/matches/ip)" | kapow set /response/body'
@@ -1,41 +0,0 @@
 #!/bin/bash
 #
 # Copyright 2019 Banco Bilbao Vizcaya Argentaria, S.A.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 kapow route add /list/files -c 'ls -la $(kapow get /request/params/path) | kapow set /response/body'
 kapow route add /list/processes -c 'ps -aux | kapow set /response/body'
 kapow route add /show/cpuinfo -c 'kapow set /response/body < /proc/cpuinfo'
 kapow route add /show/memory -c 'free -m | kapow set /response/body'
 kapow route add /show/disk -c 'df -h | kapow set /response/body'
 kapow route add /show/connections -c 'ss -pluton | kapow set /response/body'
 kapow route add /show/mounts -c 'mount | kapow set /response/body'
 kapow route add /tail/dmesg - <<-'EOF'
 	kapow set /response/headers/Content-Type text/plain
 	dmesg -w | kapow set /response/stream
 EOF
 kapow route add /tail/journal - <<-'EOF'
 	kapow set /response/headers/Content-Type text/plain
 	journalctl -f | kapow set /response/stream
 EOF
@@ -1,26 +0,0 @@
 #!/bin/bash
 #
 # Copyright 2019 Banco Bilbao Vizcaya Argentaria, S.A.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 kapow route add -X POST --entrypoint '/bin/zsh -c' '/convert/{from}/{to}' - <<-'EOF'
 	pandoc --from="$(kapow get /request/matches/from)" \
 	       --to="$(kapow get /request/matches/to)" \
 	       --output=>(kapow set /response/body) \
 	       =(kapow get /request/body)
 EOF
 kapow route add -X GET '/formats/input' -c 'pandoc --list-input-formats | kapow set /response/body'
 kapow route add -X GET '/formats/output' -c 'pandoc --list-output-formats | grep -v pdf | kapow set /response/body'
@@ -1,8 +0,0 @@
 #!/usr/bin/env sh
 curl -X POST --data-binary @- http://localhost:8080/convert/markdown/man <<EOF
 # This is not a pipe
 1. hello
 1. goodbye
 EOF
@@ -1,41 +0,0 @@
 <html>
  <head>
  <title>PDF Editor</title>
  <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/siimple/dist/siimple.min.css">
  <head>
  <body>
    <div class="siimple-content siimple-content--extra-large">
      <div class="siimple-grid">
 	<div class="siimple-grid-row">
 	  <div class="siimple-grid-col siimple-grid-col--12">
 	    <div class="siimple-grid-col siimple-grid-col--6">
 	      <div class="siimple-form">
 		<form action="/editor/pdf" method="post" target="result" id="editor">
 		  <div class="siimple-form-title">AWYSIWYG PDF Editor</div>
 		  <div class="siimple-form-field">
 		    <div class="siimple-form-field-label">InputFormat</div>
 		    <select name="from">
 		      <option value="markdown">Markdown</option>
 		      <option value="rst">ReStructuredText</option>
 		    </select>
 		  </div>
 		  <div class="siimple-form-field">
 		    <div class="siimple-form-field-label">InputFormat</div>
 		    <textarea class="siimple-textarea siimple-textarea--fluid" rows="25" name="content">Example text</textarea>
 		  </div>
 		  <div class="siimple-form-field">
 		    <div class="siimple-btn siimple-btn--blue" onclick="document.getElementById('editor').submit();">Preview!</div>
 		  </div>
 		</form>
 	      </div>
 	    </div>
 	    <div class="siimple-grid-col siimple-grid-col--6">
 	      <iframe name="result" src="" style="height: 100%; width: 100%;"></iframe>
 	    </div>
 	  </div>
 	</div>
      </div>
    </div>
  </body>
 </html>
@@ -1,20 +0,0 @@
 #!/bin/bash
 #
 # Copyright 2019 Banco Bilbao Vizcaya Argentaria, S.A.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 kapow route add -X POST --entrypoint ./topdf '/editor/pdf'
 kapow route add / -c 'kapow set /response/headers/Content-Type text/html && kapow set /response/body < pdfeditor.html'
@@ -1,28 +0,0 @@
 #!/usr/bin/zsh
 #
 # Copyright 2019 Banco Bilbao Vizcaya Argentaria, S.A.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 tmpfile=$(mktemp --suffix=.pdf)
 pandoc --from="$(kapow get /request/form/from)" --to=pdf --output=${tmpfile} -t latex =(kapow get /request/form/content)
 if [ $? -eq 0 ]; then
 	kapow set /response/headers/Content-Type application/pdf
 	kapow set /response/body < ${tmpfile}
 	kapow set /response/status 200
 else
 	kapow set /response/status 500
 fi
 rm -f ${tmpfile}
@@ -1,16 +0,0 @@
 Remote tcpdump sniffer with source filtering
 ============================================
 1. Add any filter you want to the `tcpdump` command inside `tcpdump.pow` to filter
   any traffic you don't want to be sniffed!
 2. For the sake of simplicity, run `sudo -E kapow server tcpdump.pow`. In a
   production environment, `tcpdump` should be run with the appropiate permissions,
   but kapow can (and should) run as an unprivileged user.
 3. In your local machine run:
   ```bash
   curl http://localhost:8080/sniff/<network-interface> | sudo -E wireshark -k -i -
   ```
   Again, for the sake of simplicity, `Wireshark` is running as root. If you don't want
   to run it this way, follow this guide:
   https://gist.github.com/MinaMikhailcom/0825906230cbbe478faf4d08abe9d11a
 4. Profit!
@@ -1 +0,0 @@
 kapow route add /sniff/{iface} -c 'tcpdump -i "$(kapow get /request/matches/iface)" -U -s0 -w - "not port 8080" | kapow set /response/stream'
@@ -1,43 +0,0 @@
 #!/bin/bash
 #
 # Copyright 2019 Banco Bilbao Vizcaya Argentaria, S.A.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 kapow route add / - <<-'EOF'
 	kapow set /response/headers/Content-Type text/html
 	kapow set /response/body <<-HTML
 		<html>
 		<body>
 		<a href='javascript: Array.from(document.querySelectorAll("a")).filter(x => x.href.indexOf("magnet") != -1 ).map(x => x.href = "http://localhost:8080/save/magnet?link="+encodeURI(x.href))'>Add me to your bookmarks!</a>
 		</body>
 		</html>
 	HTML
 EOF
 kapow route add /save/magnet -e '/bin/bash -c' - <<-'EOF'
 	link=$(kapow get /request/params/link)
 	[ -z $link ] && kapow set /response/status 400 && exit 0
 	watch_folder=/tmp
 	cd $watch_folder
 	[[ "$link" =~ xt=urn:btih:([^&/]+) ]] || exit;
 	echo "d10:magnet-uri${#link}:${link}e" > "meta-${BASH_REMATCH[1]}.torrent"
 	kapow set /response/status 302
 	kapow set /response/headers/Location /torrent/list
 EOF
 kapow route add /torrent/list -c 'kapow set /response/body "Not Implemented Yet"'
		`@@ -1 +0,0 @@`
			`kapow route add /sniff/{iface} -c 'tcpdump -i "$(kapow get /request/matches/iface)" -U -s0 -w - "not port 8080" \| kapow set /response/stream'`