Artem Smotrakov artem-smotrakov
☘️
artem-smotrakov
/ App.java
Created
March 23, 2017 22:51
Getting a caller's class name in Java with SecurityManager.getClassContext()
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public class App { | |
| public static void main(String[] args) throws Throwable { | |
| Logger.INSTANCE.log("main() started"); | |
| Logger.INSTANCE.log("hello"); | |
| Logger.INSTANCE.log("main() finished"); | |
| } | |
| private static class Logger extends SecurityManager { |
artem-smotrakov
/ DHKeyExchange.java
Last active
September 18, 2017 09:23
An example of Diffie-Hellman key exchange with Java. For more details see https://codeandsolder.blogspot.com/2017/09/diffie-hellman-key-exchange-in-java.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package security.keyexchange; | |
| import java.io.InputStream; | |
| import java.io.OutputStream; | |
| import java.math.BigInteger; | |
| import java.nio.file.Files; | |
| import java.nio.file.Path; | |
| import java.nio.file.Paths; | |
| import java.security.KeyFactory; | |
| import java.security.KeyPair; |
artem-smotrakov
/ CommandLine.java
Last active
September 18, 2017 09:25
How to parse command line arguments in Java. For more details see https://codeandsolder.blogspot.com/2017/09/how-to-parse-command-line-arguments-in-java.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import java.util.HashMap; | |
| import java.util.Map; | |
| public class CommandLine { | |
| public static Parameters parse(String[] args) { | |
| Parameters params = new Parameters(); | |
| int i = 0; | |
| while (i < args.length) { |
artem-smotrakov
/ attack.sh
Last active
September 18, 2017 09:27
An example of LDAP injection in Java. For more details see https://blog.gypsyengineer.com/fun/security/ldap-injections.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # we just assume that it's that simple | |
| alphabet="qwertyuiopasdfghjklzxcvbnm" | |
| password="" | |
| found=1 | |
| # stop when all guesses failed | |
| while [ ${found} -eq 1 ]; |
artem-smotrakov
/ LDAPInfo.java
Last active
September 18, 2017 09:27
An example of an LDAP client which is vulnerable to blind LDAP injection attack. For more details see An example of LDAP injection in Java. For more details see https://blog.gypsyengineer.com/fun/security/ldap-injections.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import javax.naming.NamingEnumeration; | |
| import javax.naming.directory.SearchControls; | |
| import javax.naming.directory.SearchResult; | |
| import javax.naming.ldap.InitialLdapContext; | |
| import java.util.Hashtable; | |
| public class LDAPInfo { | |
| public static void main(String[] args) throws Exception { | |
| if (args.length < 1) { |
artem-smotrakov
/ dht22.py
Last active
October 24, 2017 06:03
Measuring temperature and humidity with DHT22 and MicroPython. See details on https://blog.gypsyengineer.com/fun/diy-electronics/micropython-esp8266-sending-data-to-thingspeak.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import time | |
| import dht | |
| import machine | |
| def mesure_temperature_and_humidity(): | |
| d = dht.DHT22(machine.Pin(DHT22_PIN)) | |
| d.measure() | |
| t = d.temperature() | |
| h = d.humidity() | |
| print('temperature = %.2f' % t) |
artem-smotrakov
/ micropython_connect_wifi.py
Created
October 24, 2017 06:05
Connecting to Wi-Fi with MicroPython and ESP8266. See details on https://blog.gypsyengineer.com/fun/diy-electronics/micropython-esp8266-sending-data-to-thingspeak.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import network | |
| nic = network.WLAN(network.STA_IF) | |
| nic.active(True) | |
| nic.connect(ssid, password) |
artem-smotrakov
/ main.c
Created
December 31, 2017 15:13
Here is a very simple example of a global buffer overflow. See more on https://blog.gypsyengineer.com/fun/security/global-buffer-overflows.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdlib.h> | |
| #include <stdio.h> | |
| #include <string.h> | |
| char buffer[16]; | |
| int main(int argc, char **argv) { | |
| if(argc < 2) { | |
| printf("no parameters specified\n"); | |
| exit(-1); |
artem-smotrakov
/ gbo.c
Created
December 31, 2017 15:19
An example of global buffer overflow, see more on https://blog.gypsyengineer.com/fun/security/global-buffer-overflows.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdlib.h> | |
| #include <stdio.h> | |
| #include <string.h> | |
| char buffer[16]; | |
| int main(int argc, char **argv) { | |
| if(argc < 2) { | |
| printf("no parameters specified\n"); | |
| exit(-1); |
artem-smotrakov
/ gbo.c
Created
December 31, 2017 15:21
Overwriting a function pointer in global memory, see detail on https://blog.gypsyengineer.com/fun/security/global-buffer-overflows.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdlib.h> | |
| #include <stdio.h> | |
| #include <string.h> | |
| void do_something(void) { | |
| printf("this is not a secret\n"); | |
| } | |
| void print_secret(void) { | |
| printf("this is a secret\n"); |
OlderNewer