- Web Wormhole https://webwormhole.io/ https://github.com/saljam/webwormhole
- ToffeeShare https://toffeeshare.com/
- FilePizza https://file.pizza/
- ShareDrop https://www.sharedrop.io/ https://github.com/szimek/sharedrop
- A clone SnapDrop https://snapdrop.net/ https://github.com/RobinLinus/snapdrop
- A fork PairDrop https://pairdrop.net/ https://github.com/schlagmichdoch/pairdrop
- A clone SnapDrop https://snapdrop.net/ https://github.com/RobinLinus/snapdrop
- Instant.io https://instant.io/
- file ai http://fileai.com/
maple maple3142
- javascript:alert(origin)
- @maple3142
SMUsamaShah
/ list_of_p2p_file_sharing.md
Last active
April 13, 2024 21:47
List of P2P file sharing tools
leesh3288
/ vm2_3.9.19_sandbox_escape_2.md
Last active
March 30, 2024 07:00
Sandbox Escape in vm2@3.9.19 via custom inspect function
leesh3288
/ vm2_3.9.19_sandbox_escape_1.md
Last active
April 8, 2024 16:37
Sandbox Escape in vm2@3.9.19 via `Promise[@@species]`
leesh3288
/ vm2_3.9.15_sandbox_escape.md
Last active
November 29, 2023 10:51
Sandbox Escape in vm2@3.9.15
There exists a vulnerability in source code transformer (exception sanitization logic) of vm2 for versions up to 3.9.15, allowing attackers to bypass handleException() and leak unsanitized host exceptions which can be used to escape the sandbox and run arbitrary code in host context.
MaxXSoft
/ Dockerfile
Created
November 27, 2022 09:40
A fun tool for generating an x86-64 Linux program that runs in reverse order.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM ubuntu:20.04 | |
| RUN apt update && DEBIAN_FRONTEND="noninteractive" apt install -y \ | |
| python3 build-essential | |
| WORKDIR /root |
The rumor tells that adm1n stores their secret split into multiple documents. Can you catch 'em all? https://postviewer-web.2022.ctfcompetition.com
The challenge consisted of an all client-side simple page, i.e. no backend code was involved. A user can upload any file which will be then locally stored in indexedDB. They can preview their files by either clicking on the title or by visiting file's URL, for example https://postviewer-web.2022.ctfcompetition.com/#file-01d6039e3e157ebcbbf6b2f7cb2dc678f3b9214d. The preview of the file is rendered inside a blob created from data: URL. The rendering occurs by sending file's contents to the iframe via postMessage({ body, mimeType }, '*')
Additionally, there is a /bot endpoint which lets players send URLs to an xss-bot imitating another user. The goal is to steal their documents.
satoooon8888
/ patch_libc.sh
Last active
June 28, 2022 15:08
patch libc with ubuntu glibc debug symbol
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash -ex | |
| LIBC=$(ls * | grep -P '^(libc\.so\.6|libc-.*\.so)$') | |
| LIBC_DBG_DEB="$(~/package/libc-database/identify $LIBC | sed s/libc6_/libc6-dbg_/g).deb" | |
| if [[ ! -e $LIBC_DBG_DEB ]]; then | |
| wget http://archive.ubuntu.com/ubuntu/pool/main/g/glibc/$LIBC_DBG_DEB | |
| fi | |
| DEBUGID=$(file $LIBC | grep -Po '(?<=BuildID\[sha1\]=)[0-9a-f]{40}') |
y011d4
/ reed_solomon.sage
Last active
November 9, 2022 02:12
implementation of Reed-Solomon Coding using a case in https://static.chunichi.co.jp/chunichi/pages/feature/science/galois_field_in_auto_factory.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://static.chunichi.co.jp/chunichi/pages/feature/QR/galois_field_in_auto_factory.html | |
| X = GF(2).polynomial_ring().gen() | |
| poly = X ** 8 + X ** 4 + X ** 3 + X ** 2 + 1 | |
| F = GF(2 ** 8, name="a", modulus=poly) | |
| R.<x> = PolynomialRing(F) | |
| def tobin(x, n): | |
| x = Integer(x) | |
| nbits = x.nbits() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from Crypto.Cipher import AES | |
| import secrets | |
| F = GF(2**128, name="a", modulus=x**128 + x**7 + x**2 + x + 1) | |
| def to_poly(x): | |
| bs = Integer(int.from_bytes(x, "big")).bits()[::-1] | |
| return F([0] * (128 - len(bs)) + bs) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <string.h> | |
| const char *buf = "hello from linux\n"; | |
| char * const argv[] = { | |
| "/bin/sh", | |
| "-c", | |
| "echo 'hello from execve'", | |
| NULL, | |
| }; |
NewerOlder