Skip to content

Instantly share code, notes, and snippets.

CTurt / Bookmark
Last active Jan 24, 2021
Bookmark specific location within page without any id attributes; only works for pages that allow iframe
View Bookmark
data:text/html,<html><body style="margin:0; padding:0;"><iframe id='i' src='' width=100% frameborder=0 margin=0 scrolling=no style="height: calc(100vh + 170px + 200px);"></iframe></body><script>window.scrollTo(0, 170);window.onscroll = function(e) {if((window.innerHeight + window.scrollY) >= document.body.offsetHeight - 200) {document.getElementById('i').style.height = window.innerHeight + window.scrollY + 200;}};</script></html>
CTurt / iop.c
Last active Aug 8, 2020
Find location of exported function in an IOP RAM dump (FlushDCache and FlushICache)
View iop.c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdint.h>
#include <inttypes.h>
typedef unsigned char u8;
typedef unsigned short u16;
typedef unsigned int u32;
CTurt / named.c
Last active Sep 3, 2017
C named array elements
View named.c
Abusing C preprocessor to allow you declare enumerator values for each item of an array, inline of the array definition - so that you don't have to repeat list twice like this:
enum {
struct type array[] = {
View udp.c
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
void server(void) {
CTurt / x.c
Created Jan 30, 2016
PoC for kernel stack overflow in sysctl handler for kern.binmisc.add
View x.c
PoC for kernel stack overflow in sysctl handler for kern.binmisc.add:
kldload imgact_binmisc
- CTurt
CTurt / nfssvc.c
Last active Apr 13, 2016
FreeBSD nfssvc system call integer overflow
View nfssvc.c
PoC for FreeBSD kernel integer overflow in nfssvc system call
Refer to bug report here:
System call only accessible as root.
Running this test will panic affected versions of FreeBSD.
clang nfssvc.c -o n
CTurt / hptmv.c
Last active Jan 25, 2016
FreeBSD hpt_set_info heap overflow PoC
View hptmv.c
FreeBSD kernel vulnerability PoC for:
Needs to be run as root.
If hptmv kernel module not loaded:
kldload hptmv
CTurt / gist:27fe7f3c241f69be19e5
Created Dec 14, 2015
PS4 kernel exploit tease (root FS dump, and list of PIDs)
View gist:27fe7f3c241f69be19e5
[+] Entered shellcode
[+] UID: 0, GID: 0
[DIR]: .
[DIR]: ..
[DIR]: adm
[DIR]: app_tmp
[DIR]: data
[DIR]: dev
[DIR]: eap_user
[DIR]: eap_vsh
View main.c
// Bitmask calculator
#include <stdio.h>
int n = 0x33;
int main(void) {
int i;
for(i = 0; i < 20; i++) {
if(n & (1 << i)) printf("%d | ", 1 << i);
View main.c
#include <stdio.h>
#include "preoop.h"
#include "exception.h"
#define objects(a, b) objectList(a,\
objectEntry(fileReader, b)\