Skip to content

Instantly share code, notes, and snippets.

View abc1763613206's full-sized avatar
🏫
School: Ping me on Telegram please.

abc1763613206 abc1763613206

🏫
School: Ping me on Telegram please.
175 followers · 316 following
View GitHub Profile
@imba-tjd
imba-tjd / .Cloud.md
Last active July 22, 2024 07:05
☁️ 一些免费的云资源

IaaS指提供系统(可以自己选)或者储存空间之类的硬件,软件要自己手动装;PaaS提供语言环境和框架(可以自己选);SaaS只能使用开发好的软件(卖软件本身);BaaS一般类似于非关系数据库,但各家不通用,有时还有一些其它东西。

其他人的集合

@adolli
adolli / 如何使用python3逃逸沙箱,获得进程上下文权限提升.md
Last active April 30, 2024 13:07
如何使用python3逃逸沙箱,获得进程上下文权限提升

如何使用python3逃逸沙箱,获得进程上下文权限提升

最近突发奇想,想对所掌握的python知识进行总结一下,目前其实还停留在python层面如何使用,还没有深入到虚拟机部分,如果下面有哪些错误,欢迎指出。

背景

OJ(Online judge, 在线编程测评提交代码到后台运行检查)网站一般都允许各种各样的代码提交,其中很有可能包含python3,于是决定尝试通过python3的代码执行,进行沙箱逃逸,以及绕过各种限制。

我随便找了一个OJ网站,这个站点的python3有如下限制

@abc1763613206
abc1763613206 / bvtest.py
Last active July 15, 2024 09:28
BVID Validate
import requests
import json
import random
Back_URL = 'https://api.bilibili.com/x/web-interface/archive/stat?aid='
headers = {
'Cookie': "Replace Me With REAL COOKIE" ,
'Pragma': 'no-cache',
@Konano
Konano / alert.py
Created September 19, 2022 16:08
Websocket-based notificatons push service for GZCTF platform to Discord.
import time
import _thread as thread
from websocket import WebSocketApp
import websocket
import requests
import json
from log import logger
GAME_ID = 1
@RigoLigoRLC
RigoLigoRLC / template.svg
Created April 13, 2024 07:33
红色电音极地大冲击模板 (CC BY-NC 4.0)
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
@abc1763613206
abc1763613206 / GZCTF_Push.py
Created June 15, 2024 17:32
GZCTF 通知推送至 QQ 群脚本,适配最新推送协议,改编自 @NanoApe
# Credits to @NanoApe
# websocket-client==0.57.0 更高版本会出问题!
# Original Source: https://gist.github.com/Konano/204ef1e442b3f239663985696fbcadf9
import time
import _thread as thread
from websocket import WebSocketApp
import websocket
import requests
import json
import logging