int0x33
/ snprintf.c
Created
February 17, 2019 12:24
https://security.web.cern.ch/security/recommendations/en/codetools/c.shtml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| enum { BUFFER_SIZE = 10 }; | |
| int main() { | |
| char buffer[BUFFER_SIZE]; | |
| int length = snprintf(buffer, BUFFER_SIZE, "%s%s", "long-name", "suffix"); | |
int0x33
/ sprintf.c
Created
February 17, 2019 12:22
https://security.web.cern.ch/security/recommendations/en/codetools/c.shtml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| enum { BUFFER_SIZE = 10 }; | |
| int main() { | |
| char buffer[BUFFER_SIZE]; | |
| int check = 0; | |
| sprintf(buffer, "%s", "This string is too long!"); |
int0x33
/ strncpy.c
Created
February 17, 2019 12:13
https://security.web.cern.ch/security/recommendations/en/codetools/c.shtml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| enum { BUFFER_SIZE = 10 }; | |
| char str1[BUFFER_SIZE]; | |
| char str2[]="abcdefghijklmn"; | |
| strncpy(str1,str2, BUFFER_SIZE); /* limit number of characters to be copied */ | |
| // We need to set the limit to BUFFER_SIZE, so that all characters in the buffer | |
| // are set to '\0'. If the source buffer is longer than BUFFER_SIZE, all the '\0' | |
| // characters will be overwritten and the copy will be truncated. | |
| if (str1[BUFFER_SIZE-1] != '\0') { |
int0x33
/ strlcpy.c
Created
February 17, 2019 12:12
https://security.web.cern.ch/security/recommendations/en/codetools/c.shtml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #ifndef strlcpy | |
| #define strlcpy(dst,src,sz) snprintf((dst), (sz), "%s", (src)) | |
| #endif | |
| enum { BUFFER_SIZE = 10 }; | |
| int main() { | |
| char dst[BUFFER_SIZE]; |
int0x33
/ strcpy.c
Created
February 17, 2019 12:10
https://security.web.cern.ch/security/recommendations/en/codetools/c.shtml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| char str1[10]; | |
| char str2[]="WeWantToOverwriteMemory"; | |
| strcpy(str1,str2); |
int0x33
/ fgets.c
Created
February 17, 2019 12:06
https://security.web.cern.ch/security/recommendations/en/codetools/c.shtml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #define LENGTH 8 | |
| int main () { | |
| char* username, *nlptr; | |
| int allow = 0; | |
| username = malloc(LENGTH * sizeof(*username)); | |
| if (!username) | |
| return EXIT_FAILURE; |
int0x33
/ gets.c
Last active
February 17, 2019 12:05
https://security.web.cern.ch/security/recommendations/en/codetools/c.shtml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| int main () { | |
| char username[8]; | |
| int allow = 0; | |
| printf external link("Enter your username, please: "); | |
| gets(username); // user inputs "malicious" | |
| if (grantAccess(username)) { | |
| allow = 1; | |
| } | |
| if (allow != 0) { // has been overwritten by the overflow of the username. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Edit this file to introduce tasks to be run by cron. | |
| # | |
| # Each task to run has to be defined through a single line | |
| # indicating with different fields when the task will be run | |
| # and what command to run for the task | |
| # | |
| # To define the time you can provide concrete values for | |
| # minute (m), hour (h), day of month (dom), month (mon), | |
| # and day of week (dow) or use '*' in these fields (for 'any').# | |
| # Notice that tasks will be started based on the cron's system |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function clearlogs { | |
| find /var/log -type f | |
| } | |
| for i in return $(clearlogs); | |
| do sudo cat /dev/null > $i; | |
| echo "Log $i has been cleared"; | |
| done |
int0x33
/ random-mac
Created
February 14, 2019 11:33
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| MACCHANGER=/usr/bin/macchanger | |
| [ "$IFACE" != "lo" ] || exit 0 | |
| # Bring down interface (for wireless cards that are up to scan for networks), change MAC address to a random vendor address, bring up the interface | |
| /sbin/ifconfig "$IFACE" down | |
| macchanger -A "$IFACE" |