jrozner

joe@faultline:~$ echo $PATH ; __rvm_add_to_path prepend /usr/bin ; echo $PATH
/opt/local/bin:/opt/local/sbin:/Users/joe/.rvm/gems/ruby-1.9.2-p290/bin:/Users/joe/.rvm/gems/ruby-1.9.2-p290@global/bin:/Users/joe/.rvm/rubies/ruby-1.9.2-p290/bin:/Users/joe/.rvm/bin:/Users/joe/bin:/Developer/usr/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/X11/bin
/usr/bin:/opt/local/bin:/opt/local/sbin:/Users/joe/.rvm/gems/ruby-1.9.2-p290/bin:/Users/joe/.rvm/gems/ruby-1.9.2-p290@global/bin:/Users/joe/.rvm/rubies/ruby-1.9.2-p290/bin:/Users/joe/.rvm/bin:/Users/joe/bin:/Developer/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/X11/bin

jrozner

#include <stdio.h>
#include <string.h>
#include <stdlib.h>

int main(int arvc, char *argv[])
{
  int var = 9;
  int *storage;
  int *pointer = &var;
  if ((storage = malloc(sizeof(int *) * 2)) == NULL)

jrozner

diff --git a/ajax/addtype.php b/ajax/addtype.php
index 0aa73f2..efbfd52 100755
--- a/ajax/addtype.php
+++ b/ajax/addtype.php
@@ -14,15 +14,29 @@ if(mysql_query("INSERT INTO types SET name='".mysql_real_escape_string($name)."'
 	ajaxError('The item type "'.$name.'" already exists.');
 
 $typeId=mysql_insert_id();
-for($i=1;isset($_POST['name'.$i]) && isset($_POST['type'.$i]) && isset($_POST['options'.$i]);$i++){
-	mysql_query("INSERT INTO Attributes SET name='".mysql_real_escape_string($_POST['name'.$i])."', dataType='".$_POST['type'.$i]."', typeId='".$typeId."'");

jrozner

#include <iostream>
#include <string>
#include <regex>

int main(int argc, char *argv[]) {
  const std::string reg_esp = "\\(?(\\d{3})[-\\s\\.\\)]*?(\\d{3})[-\\s\\.]?(\\d{4})";
  const std::string target = "(555) 555-1212)";

  std::regex rgx(reg_esp, std::regex_constants::ECMAScript);
  std::smatch match;

jrozner

00:27 N0cturn4l: enjoy kiddo ill have ur ssh open
00:27 livinded: good luck with that unless you have my private key
00:28 N0cturn4l: lol private keys dont matter kid
00:29 livinded: really? How do you plan to authenticate?
00:29 N0cturn4l: i can use wireshark sniff the input and data
00:29 N0cturn4l: find a weakness cause a buffer overflow which will crash the service allowing me in
00:31 livinded: you're going to find a vulnerability that allows rce in ssh by analyzing packets in wireshark?
00:31 N0cturn4l: yep
00:31 N0cturn4l: ive been doing this longer then u probaby been around kid
00:32 N0cturn4l: u think ur private key is the only thing protecting ur ssh

jrozner

#!/usr/bin/env ruby

require 'httparty'
require 'nokogiri'

LOGIN_OPTIONS = {
  body: {
    accountType: 'HOSTED_OR_GOOGLE',
    Email: '',
    Passwd: '',

jrozner

== caller.js ==
var callee = require('./func.js');
callee('stuff');

== func.js ==
var https = require('https');
module.exports = (function(my_var) {
  https.request({host: 'www.google.com', port: 443, path: '/index.html', method: 'GET'}, function(res) {
    res.setEncoding('utf8');
    res.on('data', function(chunk) {

jrozner

➜ ~ % fdisk /dev/disk2
Disk: /dev/disk2	geometry: 527/8/63 [266084 sectors]
Signature: 0x0
         Starting       Ending
 #: id  cyl  hd sec -  cyl  hd sec [     start -       size]
------------------------------------------------------------------------
 1: 00    0   0   0 -    0   0   0 [         0 -          0] unused      
 2: 00    0   0   0 -    0   0   0 [         0 -          0] unused      
 3: 00    0   0   0 -    0   0   0 [         0 -          0] unused      
 4: 00    0   0   0 -    0   0   0 [         0 -          0] unused   

jrozner

➜ node % cat *.js
exports.stuff = function() {console.log('lol');}
var obj = require('./obj')
  , explicit = require('./explicit')
  , assert = require('assert');

assert.deepEqual(obj, explicit);
module.exports = {stuff: function() {console.log('lol');}}

➜ node % node main      

jrozner

## client.rb ##
require 'socket'

@obj = Object.new

@stuff = Marshal.dump @obj

client = TCPSocket.new('127.0.0.1', 1337)
client.puts(@stuff)