buptsb / RO_heap_parse_result.txt
Last active June 21, 2024 01:55
CVE-2024-5830: incorrect handling of deprecated map in [[CreateDataProperty]]
[
{
"offset": 0,
"binary": "0x5f000000",
"fieldIndex": 1,
"repr": 4,
"kind": 1
},
{
"offset": 4,
buptsb / tcp_data_queue.stp
Created February 13, 2021 09:25
monitor tcp data enqueue
sudo stap -v -e 'probe kernel.function("tcp_data_queue") {
tcphdr = __get_skb_tcphdr($skb);
sport = __tcp_skb_sport(tcphdr);
if (sport == 34025) {
seq = @cast($skb->cb, "tcp_skb_cb")->seq;
end_seq = @cast($skb->cb, "tcp_skb_cb")->end_seq;
printf("%d %d %d %d\n", sport, seq, end_seq, end_seq - seq);
// print_backtrace();
// exit()
}
diff --git a/third_party/blink/renderer/bindings/core/v8/v8_dom_configuration.cc b/third_party/blink/renderer/bindings/core/v8/v8_dom_configuration.cc
index d84004cd41..739ba61e9f 100644
--- a/third_party/blink/renderer/bindings/core/v8/v8_dom_configuration.cc
+++ b/third_party/blink/renderer/bindings/core/v8/v8_dom_configuration.cc
@@ -520,7 +520,7 @@ void InstallMethodInternal(
if (!WorldConfigurationApplies(config, world))
return;
- v8::Local<v8::String> name = config.MethodName(isolate);
+ v8::Local<v8::Name> name = config.MethodName(isolate);
buptsb / exp5.c
Last active November 14, 2019 04:53
csci1650/csci1951 ctf-3
/*
* CTF-2 `vcat5' exploit (template)
*
* Vasileios P. Kemerlis <vpk@cs.brown.edu>
* - CSCI 1951H: Software Security and Exploitation
* - https://cs.brown.edu/courses/csci1951-h/
*/
#include <stdio.h>
#include <stdlib.h>
// Session holds a slice of net.Conn values in its Conns field.
type Session struct {
// Conns is the list of connections kept by this Session.
Conns []net.Conn
}
packet
timeout timer
history
onTimeout
// ? find another conn(not in history)
buptsb / wgcf.py
Created October 27, 2019 13:55 — forked from oskar456/wgcf.py
Cloudflare WARP linux client (using wg-quick for actual tunnel setup)
#!/usr/bin/env python3
import subprocess
import json
import os
from pathlib import Path
import requests
from requests.compat import urljoin
buptsb / run.sh
Last active August 15, 2019 01:25
Build chrome from sharepoint backup
# Stop the firewalld service before the build dependencies are installed.
# NOTE(review): this leaves the host without firewalld filtering until the
# service is started again. The reason is not stated here; presumably it is
# to let mosh (installed below) receive its UDP traffic (confirm). Opening
# only the required ports with firewall-cmd would keep the rest of the
# filtering in place.
systemctl stop firewalld
# compiling dependencies
dnf install mosh tmux git python bzip2 tar pkgconfig atk-devel alsa-lib-devel \
bison binutils brlapi-devel bluez-libs-devel bzip2-devel cairo-devel \
cups-devel dbus-devel dbus-glib-devel expat-devel fontconfig-devel \
freetype-devel gcc-c++ glib2-devel glibc gperf glib2-devel \
gtk3-devel java-1.8.0-openjdk-devel libatomic libcap-devel libffi-devel \
libgcc libgnome-keyring-devel libjpeg-devel libstdc++ libX11-devel \
libXScrnSaver-devel libXtst-devel libxkbcommon-x11-devel ncurses-compat-libs \
buptsb / .gclient
Last active August 15, 2019 04:00
Compile chromium from scratch
# gclient solution list: one entry named "src", fetched over HTTPS from
# chromium.googlesource.com, with dependencies read from the DEPS file.
# custom_deps and custom_vars are left empty, so no overrides are applied.
solutions = [
    {
        "name": "src",
        "url": "https://chromium.googlesource.com/chromium/src.git",
        "deps_file": "DEPS",
        "managed": True,
        "custom_deps": {},
        "custom_vars": {},
    },
]
buptsb / mitm.py
Created August 12, 2019 09:05
Using mitmproxy to inject Javascript file.
# Mitmproxy: 4.0.4
# Python: 3.6.5
# OpenSSL: OpenSSL 1.1.0h-fips 27 Mar 2018
# Platform: Linux-4.16.3-301.fc28.x86_64-x86_64-with-fedora-28-Twenty_Eight
# usage
# mitmdump -p $LISTEN_PORT -s ./mitm.py
import os
from bs4 import BeautifulSoup
// 1. Replace one flagged global function with a no-op.
// Keep the names in userFns whose window[...] value passes testHack, take the
// entry at index 1 of that filtered list, and overwrite that global.
// NOTE(review): the index is hard-coded; with fewer than two matches _key is
// undefined and the assignment lands on window["undefined"] instead.
let _key = userFns.filter((name) => (testHack(window[name]) ? name : false))[1];
window[_key] = function () {};
// 2. then, wrap all functions
function _wrap(k) {