Skip to content

Instantly share code, notes, and snippets.

View foxx's full-sized avatar

Cal Leeming foxx

View GitHub Profile
@foxx
foxx / browserify-rce.py
Last active August 29, 2015 14:04
Browserify RCE Vulnerability (<= 4.2.0)
#!/usr/bin/python
"""
Browserify POC exploit
http://iops.io/blog/browserify-rce-vulnerability/
To run, just do:
$ python poc.py > exploit.js
#!/usr/bin/env python
import re
import datetime
import smtplib
import itertools
from email.mime.text import MIMEText
class ScanAuthLog(object):
"""
@foxx
foxx / test.py
Last active August 29, 2015 14:01
Stopwatch Calculator
"""
A stopwatch records lap times as strings of the form "MM:SS:HS"
MM = minutes; SS = seconds; and HS = hundredths of a second.
Write a function that accepts two lap times and calculates their average,
returning the result in the same string format.
Input: "00:02:20" and "00:04:40"
Output: "00:03:30"
import random
from pprint import pprint as p
CHOICES = ['G', 'G', 'G', 'G', 'B', 'B']
ANSWERS = [
'BGBBB',
'GBGBBB',
'GBBBBB'
]
import os
import sys
# temp assign
_files = {}
import binascii
# default sub orders before first sub end
with patch_today(2013, 1, 1, 1, 1, 1) as pt:
i = UserSubscription.objects.create_orders()
self.assertEquals(len(i['orders_created']), 0)
# default sub orders after first sub end
with patch_today(2013, 1, 6, 1, 1, 1) as pt:
# create
i = UserSubscription.objects.create_orders()
self.assertEquals(len(i['orders_created']), 2)
class dict_as_class(dict):
"""Proper replacement for UserDict
Allows a dictionary to be used like a class. Really messy, thrown
together in a few minutes as a quick replacement, will probably
tidy this up later"""
def __setattr__(self, k, v):
if k in self.keys():
def get_video_info(path):
"""Uses ffmpeg to determine information about a video. This has not been broadly
tested and your milage may vary"""
from decimal import Decimal
import subprocess
import re
process = subprocess.Popen(['/usr/bin/ffmpeg', '-i', path], stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
stdout, stderr = process.communicate()