Skip to content

Instantly share code, notes, and snippets.

Avatar

Stuart Larsen c0nrad

View GitHub Profile
@loknop
loknop / writeup.md
Created Dec 30, 2021
Solving "includer's revenge" from hxp ctf 2021 without controlling any files
View writeup.md

Solving "includer's revenge" from hxp ctf 2021 without controlling any files

The challenge

The challenge was to achieve RCE with this file:

<?php ($_GET['action'] ?? 'read' ) === 'read' ? readfile($_GET['file'] ?? 'index.php') : include_once($_GET['file'] ?? 'index.php');

Some additional hardening was applied to the php installation to make sure that previously known solutions wouldn't work (for further information read this writeup from the challenge author).

I didn't solve the challenge during the competition - here is a writeup from someone who did - but since the idea I had differed from the techniques used in the published writeups I read (and I thought it was cool :D), here is my approach.

@isaacs
isaacs / node-and-npm-in-30-seconds.sh
Last active Jan 10, 2023
Use one of these techniques to install node and npm without having to sudo. Discussed in more detail at http://joyeur.com/2010/12/10/installing-node-and-npm/ Note: npm >=0.3 is *safer* when using sudo.
View node-and-npm-in-30-seconds.sh
echo 'export PATH=$HOME/local/bin:$PATH' >> ~/.bashrc
. ~/.bashrc
mkdir ~/local
mkdir ~/node-latest-install
cd ~/node-latest-install
curl http://nodejs.org/dist/node-latest.tar.gz | tar xz --strip-components=1
./configure --prefix=~/local
make install # ok, fine, this step probably takes more than 30 seconds...
curl https://www.npmjs.org/install.sh | sh
@rmmh
rmmh / gist:8515577
Created Jan 20, 2014
MSP430 Alphanumeric Instructions
View gist:8515577
[0-9a-zA-Z]{2}
30-39,41-5a,61-7a
a:61 z:7a A:41 Z:5a 0:30 9:39
MSP430 alphanumeric shellcode is hard. There's no way to write to memory,
no word-sized reg-reg operations, and all we have is add/sub/mov and a few conditional jumps.
@dstroot
dstroot / install-mongo.sh
Created Mar 25, 2012
Install MongoDB on Amazon EC2
View install-mongo.sh
#!/bin/bash
echo "*****************************************"
echo " Add the 10gen repository - after you press"
echo " enter add the following lines and then"
echo " cntl-X to save:"
echo " [10gen]"
echo " name=10gen Repository"
echo " baseurl=http://downloads-distro.mongodb.org/repo/redhat/os/x86_64"
echo " gpgcheck=0"
echo "*****************************************"