saml

/*
gcc -ansi -pedantic -Wall -Wextra -std=c99 ftypedef.c
 */

#include <stdio.h>

#define FTypedef(ReturnType, Name, ...) typedef ReturnType (*Name)(__VA_ARGS__)

void foo(int i, char *str) {
    printf("%d - %s\n", i, str);

nuxlli

#!/bin/bash

# References
# http://www.computerhope.com/unix/nc.htm#03
# https://github.com/daniloegea/netcat
# http://unix.stackexchange.com/questions/26715/how-can-i-communicate-with-a-unix-domain-socket-via-the-shell-on-debian-squeeze
# http://unix.stackexchange.com/questions/33924/write-inside-a-socket-open-by-another-process-in-linux/33982#33982
# http://www.linuxjournal.com/content/more-using-bashs-built-devtcp-file-tcpip
# http://www.dest-unreach.org/socat/
# http://stuff.mit.edu/afs/sipb/machine/penguin-lust/src/socat-1.7.1.2/EXAMPLES

brianrusso

import urllib2
import cookielib
import urlparse
import jinja2
from urllib2 import HTTPCookieProcessor
from lxml import etree

# Setup Jinja for SAML
JINJA_TEMPLATE_PATH = "/Users/Brian/IdeaProjects/yggdrasil/templates"
JINJA_ENVIRONMENT = jinja2.Environment(

pokstad

// Copyright 2011 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

// HTTP reverse proxy handler

package goengine

import (
	"io"

Manouchehri

# Source:
# https://www.cloudflare.com/ips
# https://support.cloudflare.com/hc/en-us/articles/200169166-How-do-I-whitelist-CloudFlare-s-IP-addresses-in-iptables-

for i in `curl https://www.cloudflare.com/ips-v4`; do iptables -I INPUT -p tcp -m multiport --dports http,https -s $i -j ACCEPT; done
for i in `curl https://www.cloudflare.com/ips-v6`; do ip6tables -I INPUT -p tcp -m multiport --dports http,https -s $i -j ACCEPT; done

# Avoid racking up billing/attacks
# WARNING: If you get attacked and CloudFlare drops you, your site(s) will be unreachable. 
iptables -A INPUT -p tcp -m multiport --dports http,https -j DROP

nevkontakte

Ninja support for CLion IDE

This script enables Ninja-powered builds in CLion IDE by wrapping around CMake, which it uses. See my blog post for details.

Disclaimer

This script is provided AS IS with no guarantees given or responsibilities taken by the author. This script relies on undocumented features of CLion IDE and may lead to instability of build and/or IDE. Use it on your own risk under WTFPL terms.

Cr4sh

/*
 *********************************************************************

  Part of UEFI DXE driver code that injects Hyper-V VM exit handler
  backdoor into the Device Guard enabled Windows 10 Enterprise.
  
  Execution starts from new_ExitBootServices() -- a hook handler 
  for EFI_BOOT_SERVICES.ExitBootServices() which being called by
  winload!OslFwpKernelSetupPhase1(). After DXE phase exit winload.efi
  transfers exeution to previously loaded Hyper-V kernel (hvix64.sys)

KireinaHoro

#!/sbin/openrc-run
# Copyright 1999-2018 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2

depend() {
    need net localmount
    after bootmisc
}

start() {

KrissN

#!/usr/bin/python

# This script can be used to obtain authentication cookies in order to gain access
# to a SharePoint site's REST or WebDAV API using a username and password.
#
# Usage: python get-sharepoint-auth-cookie.py https://<somesite>.sharepoint.com/ your.name@domain.com <domain-password>
#
# The script returns a string containing two HTTP cookies: FedAuth and rtFa. These
# cookies can be attached to HTTP requests to the SharePoint site in order to satisfy
# authentication requirements

adolli

如何使用python3逃逸沙箱，获得进程上下文权限提升

最近突发奇想，想对所掌握的python知识进行总结一下，目前其实还停留在python层面如何使用，还没有深入到虚拟机部分，如果下面有哪些错误，欢迎指出。

背景

OJ(Online judge, 在线编程测评提交代码到后台运行检查)网站一般都允许各种各样的代码提交，其中很有可能包含python3，于是决定尝试通过python3的代码执行，进行沙箱逃逸，以及绕过各种限制。

我随便找了一个OJ网站，这个站点的python3有如下限制