| import os,ctypes,struct,errno,sys | |
# Linux CLONE_NEWUSER flag value (bit 28).
CLONE_NEWUSER = 0x10000000

# uid and gid of this process, read once when these statements run.
start_uid, start_gid = os.getuid(), os.getgid()

# libc handle. use_errno=True makes ctypes keep its own errno copy,
# which is read back with ctypes.get_errno() after a failed call.
c = ctypes.CDLL("libc.so.6", use_errno=True)
| def drop_caps(): |
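# bees REV
#
# Print the tags that contain the newest commit reachable from REV whose
# message matches "paths are their own incomprehensible", but do not contain
# the newest one matching "entry: Store badsys error".
#
# git's stderr is discarded, so a REV that does not resolve gives empty
# output, which looks the same as "no such tags".
# NOTE(review): comm expects both inputs sorted in the current locale, while
# git tag lists by refname; confirm the two orders agree (e.g. run under LC_ALL=C).
bees() {
    # "$1" is quoted so a revision with whitespace or glob characters stays one argument.
    comm -23 \
        <(git tag --contains "$1"'^{/paths are their own incomprehensible}' 2>/dev/null) \
        <(git tag --contains "$1"'^{/entry: Store badsys error}' 2>/dev/null)
}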
// Sandbox-related property names; presumably looked up on sysInfo by the loop that follows.
const keys = [
  "hasSeccompBPF",
  "hasSeccompTSync",
  "hasUserNamespaces",
  "hasNetNamespaces",
  "hasPidNamespaces",
  "hasIpcNamespaces",
  "hasPrivilegedUserNamespaces",
  "canSandboxContent",
  "canSandboxMedia",
];

// Shorthands for the XPCOM interface and class tables.
let Ci = Components.interfaces;
let Cc = Components.classes;

// The system-info service, obtained as an nsIPropertyBag2.
let sysInfo = Cc["@mozilla.org/system-info;1"].getService(Ci.nsIPropertyBag2);
| for (let key of keys) { |
| #include <inttypes.h> | |
| #include <stdint.h> | |
| #include <stdlib.h> | |
| #include <stdio.h> | |
| int | |
| main(int argc, char **argv) | |
| { | |
| uint64_t i; |
| 3c21328c-8cfb-4819-9d88-f6e965067350 |
| #include <pthread.h> | |
| #include <linux/sched.h> | |
| #include <unistd.h> | |
| #include <stdio.h> | |
| extern int unshare(int); | |
| static void * | |
| thread_main(void *arg) | |
| { |
| #!/usr/bin/env python | |
| import os, sys, ctypes | |
# Linux namespace flag values, written as bit positions.
CLONE_NEWNS = 1 << 17    # 0x00020000
CLONE_NEWUSER = 1 << 28  # 0x10000000
CLONE_NEWPID = 1 << 29   # 0x20000000

# libc handle. use_errno=True makes ctypes keep its own errno copy,
# which is read back with ctypes.get_errno() after a failed call.
c = ctypes.CDLL("libc.so.6", use_errno=True)
| def errwrap(f): | |
| def wrapped(*args): |
// Print every property of the system-info service as "name: value", one per line.
// The output covers the whole property bag, so it describes the host it ran on;
// keep that in mind before sharing a captured dump.
let { classes: Cc, interfaces: Ci } = Components;
let sysInfo = Cc["@mozilla.org/system-info;1"].getService(Ci.nsIPropertyBag2);
let e = sysInfo.enumerator;
for (; e.hasMoreElements(); ) {
  // Each enumerated element is narrowed to nsIProperty so .name and .value can be read.
  let prop = e.getNext().QueryInterface(Ci.nsIProperty);
  dump(prop.name + ": " + prop.value + "\n");
}
| #include <fcntl.h> | |
| #include <linux/hw_breakpoint.h> | |
| #include <linux/perf_event.h> | |
| #include <signal.h> | |
| #include <stdint.h> | |
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <string.h> | |
| #include <sys/syscall.h> | |
| #include <sys/types.h> |
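// Probe for seccomp-bpf support through prctl(2) without installing a filter.
// The filter argument is a null pointer, so the call is expected to fail:
// EFAULT means the kernel accepted SECCOMP_MODE_FILTER and tried to read the
// filter. Any other result is treated as "not supported".
const PR_SET_SECCOMP = 22, SECCOMP_MODE_FILTER = 2, EFAULT = 14;

Components.utils.import("resource://gre/modules/ctypes.jsm");

let libc = ctypes.open("libc.so.6");
// NOTE(review): prctl's first parameter is an int in C but is declared here as
// unsigned long, as in the original; confirm this is fine on the target ABIs.
let prctl = libc.declare("prctl", ctypes.default_abi, ctypes.int,
                         ctypes.unsigned_long, ctypes.unsigned_long,
                         ctypes.unsigned_long);

// errno is only meaningful after a failed call, so require the -1 return
// before trusting ctypes.errno. Otherwise an unexpected success could be
// reported as seccomp-bpf support on the strength of a stale errno.
let has_seccomp_bpf =
  prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, 0) == -1 && ctypes.errno == EFAULT;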