This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from bcc import BPF | |
# BPF program that instruments setenv function | |
prog = """ | |
#include <uapi/linux/ptrace.h> | |
int trace_setenv(struct pt_regs *ctx) { | |
// Assuming the first argument to setenv is a pointer to the environment variable name | |
char env_var_name[256]; | |
bpf_probe_read_user(&env_var_name, sizeof(env_var_name), (void *)PT_REGS_PARM1(ctx)); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from bcc import BPF | |
# eBPF program | |
prog = """ | |
#include <uapi/linux/ptrace.h> | |
// Instrument the fchdir syscall entry | |
TRACEPOINT_PROBE(syscalls, sys_enter_fchdir) { | |
// args is a built-in structure provided by the tracepoint | |
// It contains all the arguments of the syscall being traced |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from bcc import BPF | |
# eBPF program | |
prog = """ | |
#include <uapi/linux/ptrace.h> | |
// Instrument the chdir syscall entry | |
TRACEPOINT_PROBE(syscalls, sys_enter_chdir) { | |
// args is a built-in structure provided by the tracepoint | |
// It contains all the arguments of the syscall being traced |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from bcc import BPF | |
# Define the eBPF program | |
prog = """ | |
#include <uapi/linux/ptrace.h> | |
// Instrument the chmod syscall entry | |
TRACEPOINT_PROBE(syscalls, sys_enter_chmod) { | |
// args is a built-in structure provided by the tracepoint | |
// It contains all the arguments of the syscall being traced |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/tmp/exp |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
AAAAB3NzaC1yc2EAAAADAQABAAABAQC1Sdr0tIIL8yPhKTLzVMnRKj1zzGqtR4tKpM2bfBEx+AHyvBL8jDZDJ6fuVwEB+aZ8bl/pA5qhFWRRWhONLnLN9RWFx/880msXITwOXjCT3Qa6VpAFPPMazJpbppIg+LTkbOEjdDHvdZ8RhEt7tTXc2DoTDcs73EeepZbJmDFP8TCY7hwgLi0XcG8YHkDFoKFUhvSHPkzAsQd9hyOWaI1taLX2VZHAk8rOaYqaRG3URWH3hZvk8Hcgggm2q/IQQa9VLlX4cSM4SifM/ZNbLYAJhH1x3ZgscliZVmjB55wZWRL5oOZztOKJT2oczUuhDHM1qoUJjnxopqtZ5DrA76WH user@localhost" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#! /usr/bin/env python | |
#coding: utf-8 | |
import threading | |
import socket | |
from re import findall | |
import httplib | |
import os | |
from random import randrange | |
import random |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
http://printofcenter.pl/media/system/info.php?url= | |
http://printofcenter.pl/media/system/log.php?url= | |
http://moippo.org.ua/media/system/log.php?url= | |
http://moippo.org.ua/media/system/info.php?url= | |
http://nihir.org/wp-includes/rest-api/info.php?url= | |
http://nihir.org/wp-includes/rest-api/log.php?url= | |
http://airsoft.monokpeti.xyz/wp-includes/js/log.php?url= | |
http://airsoft.monokpeti.xyz/wp-includes/js/info.php?url= | |
http://asoftel.east.3cx.us/wp-includes/js/log.php?url= | |
http://asoftel.east.3cx.us/wp-includes/js/info.php?url= |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using ; | |
using ; | |
using ; | |
using ; | |
using ; | |
using IWshRuntimeLibrary; | |
using SmartAssembly.Delegates; | |
using SmartAssembly.HouseOfCards; | |
using System; | |
using System.Collections.Generic; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
handbrakestore.com | |
handbrake.cc | |
luwenxdsnhgfxckcjgxvtugj.com | |
6gmvshjdfpfbeqktpsde5xav.com | |
kjfnbfhu7ndudgzhxpwnnqkc.com | |
yaxw8dsbttpwrwlq3h6uc9eq.com | |
qrtfvfysk4bdcwwwe9pxmqe9.com | |
fyamakgtrrjt9vrwhmc76v38.com | |
kcdjzquvhsua6hlfbmjzkzsb.com | |
ypu4vwlenkpt29f95etrqllq.com |
NewerOlder