Skyper SkypLabs

💭
💻🎧📖
View GitHub Profile
@SkypLabs
SkypLabs / README.md
Last active Apr 7, 2022
CVE-2021-23632
View README.md

Overview

Affected versions of this package are vulnerable to Remote Code Execution (RCE) due to missing sanitisation in the Git.git method, which allows execution of OS commands rather than just Git commands.

Steps to Reproduce

  1. Create a file named exploit.js with the following content:

var Git = require("git").Git;

View README.md

Overview

Affected versions of this package are vulnerable to Arbitrary Code Execution. If the command parameter of the Docker.command method can be at least partially controlled by a user, they will be in a position to execute arbitrary OS commands on the host system.

Steps to Reproduce

  1. Create a file named exploit.js with the following content:

var dockerCLI = require('docker-cli-js');

@SkypLabs
SkypLabs / README.md
Last active Apr 15, 2021
Set up CodeQL language server in coc.nvim
View README.md

Set up CodeQL language server in coc.nvim

CodeQL CLI includes a language server which can be easily set up in coc.nvim by adding the content of this coc-settings.json file to your own configuration file.

Given that coc.nvim uses Vim's filetype detection system and not file extensions, you need to let Vim know that *.ql files are CodeQL files. One way to do that is to add codeql.vim to ~/.vim/ftdetect.

@SkypLabs
SkypLabs / google_api_keys_finder.js
Last active Apr 8, 2021
OWASP ZAP - Passive Scanner - Google API keys finder
View google_api_keys_finder.js
/*
 * Google API keys finder by SkypLabs.
 * https://blog.skyplabs.net
 * @SkypLabs
 */
function scan(ps, msg, src) {
    var alertRisk = 0; // Informational
    var alertConfidence = 3; // High
    var alertTitle = "Information Disclosure - Google API Keys Found";
@SkypLabs
SkypLabs / README.md
Last active Dec 1, 2019
Convert a string into character codes
View README.md

String to character codes

This small Python script converts a string into character codes.

JavaScript XSS payload

Character codes are useful in XSS payloads when single and/or double quote characters can't be used to surround a string (because they are escaped or removed from the payload). The JavaScript method String.fromCharCode() converts the character codes back into a string.

Example:

View go2deb.sh
ROOT=/data/local/tmp/mydebian
BB=/system/xbin
if ! ls $ROOT/proc/1 > /dev/null
then
    $BB/mount --bind /dev $ROOT/dev
    $BB/mount --bind /proc $ROOT/proc
    $BB/mount --bind /sys $ROOT/sys
    $BB/mount --bind /dev/pts $ROOT/dev/pts
fi
export PATH=/bin:/sbin:/usr/bin:/usr/sbin
@SkypLabs
SkypLabs / remove_exited_docker_containers.sh
Last active Dec 5, 2018
Scripts for removing untagged Docker images and exited Docker containers
View remove_exited_docker_containers.sh
#!/usr/bin/env bash
docker ps -a | grep 'Exit' | awk '{print $1}' | xargs docker rm
@SkypLabs
SkypLabs / sniff_main_thread.py
Last active Feb 22, 2018
Multiple code examples used to demonstrate some issues and a solution to sniff network packets inside a thread using Scapy
View sniff_main_thread.py
from scapy.all import *
interface = "eth0"
def print_packet(packet):
    ip_layer = packet.getlayer(IP)
    print("[!] New Packet: {src} -> {dst}".format(src=ip_layer.src, dst=ip_layer.dst))
print("[*] Start sniffing...")
sniff(iface=interface, filter="ip", prn=print_packet)
View Dockerfile
FROM docker.io/node:8-stretch
LABEL net.skyplabs.maintainer-name="Paul-Emmanuel Raoul"
LABEL net.skyplabs.maintainer-email="skyper@skyplabs.net"
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update \
    && apt-get install -y --no-install-recommends chromium
View Keybase.md

Keybase proof

I hereby claim:

  • I am skyplabs on github.
  • I am skyplabs (https://keybase.io/skyplabs) on keybase.
  • I have a public key ASCWCei4GtX0zKqBRc8JkNBZ8K8gI8JFCmhl3mTtd-gHNwo

To claim this, I am signing this object: