I hereby claim:
- I am crowell on github.
- I am crowell (https://keybase.io/crowell) on keybase.
- I have a public key whose fingerprint is 18FE A02F 514F 0686 6F9D D996 31FC C941 8A1C 34BC
To claim this, I am signing this object:
// De Bruijn pattern generator. | |
// Jeffrey Crowell | |
#include "debruijn.h" | |
char* peda_charset = | |
"A%sB$nC-(D;)Ea0Fb1Gc2Hd3Ie4Jf5Kg6Lh7Mi8Nj9OkPlQmRnSoTpUqVrWsXtYuZvwxyz"; | |
// Generate a De Bruijn sequence. Code interpreted from wikipedia. | |
void db(int t, int p, int n, int maxlen, int k, int* a, char* sequence, |
x = IO.read(ARGV[0]) | |
y = x.split("\n")[0...8].reverse | |
arr = [[], [], [], [], [], [], [], [], []] | |
arr2 = [[], [], [], [], [], [], [], [], []] | |
y.each do |i| | |
m = /^.(.)...(.)...(.)...(.)...(.)...(.)...(.)...(.)...(.).$/.match(i) | |
(1..9).each do |j| | |
ch = m[j] | |
unless ch == ' ' | |
arr[j - 1] << ch |
I hereby claim:
To claim this, I am signing this object:
radare2 is a very cool set of tools that you probably don't know how to use! Let's go through a simple exploit CTF challenge to understand how to use it for exploit development.
We'll be focusing on "ropasaurus rex" which is a simple challenge from Plaid CTF After checking out the latest and greatest radare from git, let's get started!
Open up ropasaurusrex in r2 and call analyze on the binary. We can list the functions with "afl"
#include <elf.h> | |
#include <fcntl.h> | |
#include <stdio.h> | |
#include <stdlib.h> | |
#include <sys/mman.h> | |
// killgdb.c - prevent an elf from being loaded by gdb. | |
// Jeffrey Crowell <crowell [at] bu [dot] edu> | |
// | |
// $ objcopy --only-keep-debug program program.debug |
/* | |
first malloc(16) : 0x1a61450 | |
eh.. and malloc(-1) : (nil) | |
second malloc(16) : 0x7fe57c0008c0 | |
FYI, libc.so address is : 0x7fe5837dc000 | |
let's calculate! : 0x7fe580000000 | |
*/ | |
#include <stdio.h> | |
#include <stdlib.h> |
# Poker II Firmware disassembly help tool. | |
original = IO.read("./Poker II original firmware.bin") | |
extracted = "" | |
original.each_byte{|b| | |
m = (((b & 0x0f) << 4) | ((b & 0xf0) >> 4)) ^ 0xff | |
extracted << m.chr | |
} | |
puts extracted |
sftp-3 ~ » dig @75.75.75.75 example.com | |
; <<>> DiG 9.8.3-P1 <<>> @75.75.75.75 example.com | |
; (1 server found) | |
;; global options: +cmd | |
;; Got answer: | |
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 49393 | |
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 | |
;; QUESTION SECTION: |
f0VMRgECAQAAAAAAAAAAAAACABQAAAABEAADAAAAADQAAA84AAAAAAA0ACAABwAoAB0AGgAAAAYA | |
AAA0EAAANBAAADQAAADgAAAA4AAAAAUAAAAEAAAAAwAAARQQAAEUEAABFAAAAA0AAAANAAAABAAA | |
AAEAAAABAAAAABAAAAAQAAAAAAAGbAAABmwAAAAFAAEAAAAAAAEAAAZsEAEGbBABBmwAAAEsAAAB | |
MAAAAAYAAQAAAAAAAgAABoAQAQaAEAEGgAAAAPAAAADwAAAABgAAAAQAAAAEAAABJBAAASQQAAEk | |
AAAARAAAAEQAAAAEAAAABGR05VEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYAAAAQL2xpYi9sZC5z | |
by4xAAAAAAAAAAQAAAAQAAAAAUdOVQAAAAAAAAAAAgAAAAYAAAAgAAAABAAAABQAAAADR05VAGpO | |
Hzw6QibadtZIhfyXfSuWjPoWAAAAAgAAAAUAAAABAAAABSAAIAAAAAAAAAAABcDjS60AAAAAAAAA | |
AAAAAAAAAAAAAAAAHwAAAAAAAAAAEgAAAAAAABoAAAAAAAAAABIAAAAAAAA4AAAAAAAAAAAgAAAA | |
AAAAJgAAAAAAAAAAEgAAAAAAAAsQAAY8AAAABBEAAA4AbGliYy5zby42AF9JT19zdGRpbl91c2Vk | |
AHB1dHMAcHJpbnRmAF9fbGliY19zdGFydF9tYWluAF9fZ21vbl9zdGFydF9fAEdMSUJDXzIuMABH |
diff --git a/src/ngx_pagespeed.cc b/src/ngx_pagespeed.cc | |
index 0e298b7..45e8708 100644 | |
--- a/src/ngx_pagespeed.cc | |
+++ b/src/ngx_pagespeed.cc | |
@@ -686,14 +686,20 @@ char* ps_loc_configure(ngx_conf_t* cf, ngx_command_t* cmd, void* conf); | |
// not NGX_HTTP_LOC_CONF_OFFSET or NGX_HTTP_MAIN_CONF_OFFSET. | |
ngx_command_t ps_commands[] = { | |
{ ngx_string("pagespeed"), | |
- NGX_HTTP_MAIN_CONF|NGX_CONF_TAKE1|NGX_CONF_MULTI| | |
+ NGX_HTTP_MAIN_CONF|NGX_CONF_TAKE1| |