dinvlad

Yubikey GPG inside WSL2

1. Install GPG4Win.
2. Start up Kleopatra (a UI tool from 1) and make sure your YubiKey is loaded there.
   • You can also add GPG4Win to Startup folder using a link with this Target:

     "C:\Program Files (x86)\GnuPG\bin\gpg-connect-agent.exe" /bye
     

     This will only load the agent at Startup, and you won't be bothered by any UI or tray agent.
3. Download wsl2-ssh-pageant into your Windows %userprofile%/.ssh directory (Windows dir is important for performance).

mattjj

import torch
import torch.utils.dlpack
import jax
import jax.dlpack

# A generic mechanism for turning a JAX function into a PyTorch function.

def j2t(x_jax):
  x_torch = torch.utils.dlpack.from_dlpack(jax.dlpack.to_dlpack(x_jax))
  return x_torch

Speedy37

#!/bin/bash
# Launches socat+npiperelay to relay the gpg-agent socket file for use in WSL
# See https://justyn.io/blog/using-a-yubikey-for-gpg-in-windows-10-wsl-windows-subsystem-for-linux/ for details

GPGDIR="${HOME}/.gnupg"
USERNAME=Vincent
# I use the same username for wsl and windows, but feel free to modify the paths below if that isn't the case
WIN_GPGDIR="C:/Users/${USERNAME}/AppData/Roaming/gnupg"
NPIPERELAY="${HOME}/npiperelay.exe"

adolli

如何使用python3逃逸沙箱，获得进程上下文权限提升

最近突发奇想，想对所掌握的python知识进行总结一下，目前其实还停留在python层面如何使用，还没有深入到虚拟机部分，如果下面有哪些错误，欢迎指出。

背景

OJ(Online judge, 在线编程测评提交代码到后台运行检查)网站一般都允许各种各样的代码提交，其中很有可能包含python3，于是决定尝试通过python3的代码执行，进行沙箱逃逸，以及绕过各种限制。

我随便找了一个OJ网站，这个站点的python3有如下限制

KrissN

#!/usr/bin/python

# This script can be used to obtain authentication cookies in order to gain access
# to a SharePoint site's REST or WebDAV API using a username and password.
#
# Usage: python get-sharepoint-auth-cookie.py https://<somesite>.sharepoint.com/ your.name@domain.com <domain-password>
#
# The script returns a string containing two HTTP cookies: FedAuth and rtFa. These
# cookies can be attached to HTTP requests to the SharePoint site in order to satisfy
# authentication requirements

KireinaHoro

#!/sbin/openrc-run
# Copyright 1999-2018 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2

depend() {
    need net localmount
    after bootmisc
}

start() {

Cr4sh

/*
 *********************************************************************

  Part of UEFI DXE driver code that injects Hyper-V VM exit handler
  backdoor into the Device Guard enabled Windows 10 Enterprise.
  
  Execution starts from new_ExitBootServices() -- a hook handler 
  for EFI_BOOT_SERVICES.ExitBootServices() which being called by
  winload!OslFwpKernelSetupPhase1(). After DXE phase exit winload.efi
  transfers exeution to previously loaded Hyper-V kernel (hvix64.sys)

nevkontakte

Ninja support for CLion IDE

This script enables Ninja-powered builds in CLion IDE by wrapping around CMake, which it uses. See my blog post for details.

Disclaimer

This script is provided AS IS with no guarantees given or responsibilities taken by the author. This script relies on undocumented features of CLion IDE and may lead to instability of build and/or IDE. Use it on your own risk under WTFPL terms.

Manouchehri

# Source:
# https://www.cloudflare.com/ips
# https://support.cloudflare.com/hc/en-us/articles/200169166-How-do-I-whitelist-CloudFlare-s-IP-addresses-in-iptables-

for i in `curl https://www.cloudflare.com/ips-v4`; do iptables -I INPUT -p tcp -m multiport --dports http,https -s $i -j ACCEPT; done
for i in `curl https://www.cloudflare.com/ips-v6`; do ip6tables -I INPUT -p tcp -m multiport --dports http,https -s $i -j ACCEPT; done

# Avoid racking up billing/attacks
# WARNING: If you get attacked and CloudFlare drops you, your site(s) will be unreachable. 
iptables -A INPUT -p tcp -m multiport --dports http,https -j DROP

pokstad

// Copyright 2011 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

// HTTP reverse proxy handler

package goengine

import (
	"io"