0xadada

Moved, see VIM Cheatsheet

rgreenjr

-- show running queries (pre 9.2)
SELECT procpid, age(clock_timestamp(), query_start), usename, current_query 
FROM pg_stat_activity 
WHERE current_query != '<IDLE>' AND current_query NOT ILIKE '%pg_stat_activity%' 
ORDER BY query_start desc;

-- show running queries (9.2)
SELECT pid, age(clock_timestamp(), query_start), usename, query 
FROM pg_stat_activity 
WHERE query != '<IDLE>' AND query NOT ILIKE '%pg_stat_activity%' 

skyscribe

#                                                                                                        
#   STL GDB evaluators/views/utilities - 1.03
#
#   The new GDB commands:                                                         
# 	    are entirely non instrumental                                             
# 	    do not depend on any "inline"(s) - e.g. size(), [], etc
#       are extremely tolerant to debugger settings
#                                                                                 
#   This file should be "included" in .gdbinit as following:
#   source stl-views.gdb or just paste it into your .gdbinit file

petermanser

Gitlab 5.4 - Gmail configuration

In order to send messages through a Gmail account (also applicable to Google Apps accounts) add the following parts to your config files:

Files:

• config/environments/production.rb
• config/gitlab.yml

lelandbatey

Description

This simple script will take a picture of a whiteboard and use parts of the ImageMagick library with sane defaults to clean it up tremendously.

The script is here:

#!/bin/bash
convert "$1" -morphology Convolve DoG:15,100,0 -negate -normalize -blur 0x1 -channel RBG -level 60%,91%,0.1 "$2"

Results

hugsy

Even though well known methods exist to bypass ptrace deactivation on a process when spawning (fake ptrace() preloading, breakpoint on ptrace(), etc... ), it is trickier when process is already protected.

Thankfully Linux 3.2+ was generous enough to provide read/write capabilities to another process with 2 new system calls: sys_process_vm_readv and sys_process_vm_writev. (see https://github.com/torvalds/linux/blob/master/arch/x86/syscalls/syscall_64.tbl#L319)

Manual says:

These system calls transfer data between the address space of the calling

zachriggle

RARVM reversible/patchme
 
Modified 'unrar' source to dump context and disassembly.
 
Wrote two separate solvers since the challenge was broken.

To build the disassembler/debugger:

- unzip unrar-src-disassembler.zip -d unrar
- cd unrar

pastcompute

# Assumes strings are referenced downwards from the top of a segment
# e.g - set

f string_end @ 0x80620000

# then addui a0,a0,-12288    <-- string is at 0x8061d000

# This used to add a comment with the text but that broke recently
# So now it adds a comment String_addressofstring
# It adds a xref mut I am still perfecting that

atheriel

PyObject * RustPy_InitModule(const char *name, PyMethodDef *methods, const char *doc) {
    // return Py_InitModule4(name, methods, doc, (PyObject *) NULL, PYTHON_API_VERSION);
    return Py_InitModule3(name, methods, doc);
}

crowell

radare2 is a very cool set of tools that you probably don't know how to use! Let's go through a simple exploit CTF challenge to understand how to use it for exploit development.

We'll be focusing on "ropasaurus rex" which is a simple challenge from Plaid CTF After checking out the latest and greatest radare from git, let's get started!

Open up ropasaurusrex in r2 and call analyze on the binary. We can list the functions with "afl"