You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As a good crypto nerd, I usually use an entirely encrypted linux FS: / but also
/boot using grub LUKS support. It's a good setup but it's not perfect, the BIOS and
the bootloader are not protected.
I recently got a USBArmory and I wanted to apply the same (or a better) setup.
I found some useful links but no clear howto. So this is my setup.
Proof-of-Concept exploit for Rails Remote Code Execution (CVE-2013-0156)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
WCTF 2018 "searchme" exploit by Mateusz "j00ru" Jurczyk
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
I have done some preliminary research into this bug and so far it does not seem like a backdoor. Just some really weird logic when handling routes, and rendering templates.
As to why widgetConfig[code] executes via a POST request, it is because of the following code located in /includes/vb5/frontend/applicationlight.php
$serverData = array_merge($_GET, $_POST);
if (!empty($this->application['handler']) AND method_exists($this, $this->application['handler']))
Trace .NET Core Applications on Linux with `strace`
Trace .NET Core Applications on Linux with strace
Troubleshooting a running application can be difficult, usually it starts around checking log output and then following through the likely code paths to get an idea of where a failure may occur. In a development environment, you might attach a debugger a step through source, but troubleshooting isn't always that convenient. There are several helpful tools that can assist, but one that gives the most comprehensive view of a running application is strace. With strace you are able to see all of the system calls an application makes to get a detailed understanding of what is going on "under the hood" in order to troubleshoot an issue.
Take a simple "hello world" F# application, the kind you get from dotnet new console -lang F# -n strace-sample". Build it with dotnet build and then launch it with strace to get a trace of all the system calls in a file called trace.log(adjusting for your build output path if on a different framework vers