Skip to content

Instantly share code, notes, and snippets.

View galaxy001's full-sized avatar

galaxy001

40 followers · 47 following
View GitHub Profile
@galaxy001
galaxy001 / parse_h265.py
Created April 19, 2016 14:39 — forked from figgis/parse_h265.py
H.265/HEVC bitstream parser
#!/usr/bin/env python
"""
- ae(v): context-adaptive arithmetic entropy-coded syntax element. The parsing process for this descriptor is
specified in clause 9.3.
- b(8): byte having any pattern of bit string (8 bits). The parsing process
for this descriptor is specified by the return value of the function
read_bits( 8 ).
- f(n): fixed-pattern bit string using n bits written (from left to right)
@galaxy001
galaxy001 / keybase.md
Created July 13, 2016 08:41

Keybase proof

I hereby claim:

  • I am galaxy001 on github.
  • I am galaxy001 (https://keybase.io/galaxy001) on keybase.
  • I have a public key whose fingerprint is 3209 312F EC81 F062 CAD0 96FF 55BB D8CD 9969 AEA7

To claim this, I am signing this object:

@galaxy001
galaxy001 / com.google.Chrome.mobileconfig
Created December 28, 2016 06:38 — forked from Explorare/com.google.Chrome.mobileconfig
Add local chrome extensions to whitelist in MacOS. https://hencolle.com/2016/10/16/baidu_exporter/
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>PayloadContent</key>
<array>
<dict>
<key>PayloadContent</key>
<dict>
<key>com.google.Chrome</key>
@galaxy001
galaxy001 / how-clowwindy-design-Shadowsocks.md
Created February 17, 2017 19:23
clowwindy设计Shadowsocks的思路分析以及设计理念

clowwindy设计Shadowsocks的思路分析以及设计理念

鄙人不才,尝试站在原作者clowwindy的角度,来分析一下原版协议的设计思路和理念。 没参与过最初开发,不过设计了AEAD这个协议。读了一些资料,评论。

7:58 PM, 31 Aug 2015 作者发了这么一段话,我很好奇其中的指代内容,遂有本文。

眼睁睁看着一群人把一个东西搞错然后朝着错误的方向走了。不过懒得管了 =。=

@galaxy001
galaxy001 / dns2https.swoole.php
Created August 2, 2017 10:25
dns2https.swoole.php
<?php
/*
tcp dns client for google dns over https (https://dns.google.com)
ubuntu上使用:
在/etc/rc.local里加/usr/bin/php /home/<your_name>/dns2https.php
执行:
sysv-rc-conf unbound off
sysv-rc-conf dnscrypt-proxy off
@galaxy001
galaxy001 / gollum_baiduyun_v3.4.5.js
Created September 7, 2018 14:16 — forked from mcxiaoke/gollum_baiduyun_v3.4.5.js
Gollum for Baiduyun, Ver.3.4.5
/**
* 贪灵Gollum for Baiduyun, Ver.3.4.5
* 立即执行函数:百度云盘批量转存用户分享。
*
* 【特点】
* - 可保持或无视原分享者的目录结构。
* - 支持差分转存。
* - 自动分解转存,可突破单次转存总文件数5000的限制。
* - 可在分享主页下,进入某文件夹来转存其下级子文件夹。
* - 支持专辑转存。
@galaxy001
galaxy001 / README.md
Created March 3, 2017 18:22 — forked from linjunpop/README.md
iOS 内购验证
@galaxy001
galaxy001 / ss_v2ray_plugin.md
Created January 17, 2019 19:23 — forked from eycorsican/ss_v2ray_plugin.md
@galaxy001
galaxy001 / git-pull-all
Created June 21, 2019 05:12 — forked from grimzy/git-pull-all
Git pull all remote branches
#!/usr/bin/env bash
git branch -r | grep -v '\->' | while read remote; do git branch --track "${remote#origin/}" "$remote"; done
git fetch --all
git pull --all
@galaxy001
galaxy001 / 如何使用python3逃逸沙箱,获得进程上下文权限提升.md
Created September 9, 2019 05:15 — forked from adolli/如何使用python3逃逸沙箱,获得进程上下文权限提升.md
如何使用python3逃逸沙箱,获得进程上下文权限提升

如何使用python3逃逸沙箱,获得进程上下文权限提升

最近突发奇想,想对所掌握的python知识进行总结一下,目前其实还停留在python层面如何使用,还没有深入到虚拟机部分,如果下面有哪些错误,欢迎指出。

背景

OJ(Online judge, 在线编程测评提交代码到后台运行检查)网站一般都允许各种各样的代码提交,其中很有可能包含python3,于是决定尝试通过python3的代码执行,进行沙箱逃逸,以及绕过各种限制。

我随便找了一个OJ网站,这个站点的python3有如下限制