Skip to content

Instantly share code, notes, and snippets.

View mattaereal's full-sized avatar
🪷
Hacking my way into consciousness ~

Matías Aereal Aeón mattaereal

🪷
Hacking my way into consciousness ~
160 followers · 14 following
View GitHub Profile
@mattaereal
mattaereal / findcaps.sh
Created January 20, 2025 19:51
Check binaries for capabilities
#!/bin/bash
# Function to find binaries with capabilities
find_cap_binaries() {
# Get all directories in $PATH
IFS=':' read -r -a path_dirs <<< "$PATH"
# Loop through each directory
for dir in "${path_dirs[@]}"; do
# Check if the directory exists
@mattaereal
mattaereal / vscode_ext_dl.sh
Created January 14, 2025 16:46
Downloads a vscode extension's vsix file and unzips it for further analysis.
#!/bin/bash
# Check if required tools are installed
if ! command -v jq &> /dev/null || ! command -v curl &> /dev/null || ! command -v unzip &> /dev/null; then
echo "This script requires 'jq', 'curl', and 'unzip' to be installed."
exit 1
fi
# Check if an extension name is provided
if [ -z "$1" ]; then
@mattaereal
mattaereal / defillama-hacks-to-csv.py
Last active August 16, 2024 14:39
Exports defillama's hacks in json format to csv.
import requests
import json
import csv
import time
import re
# Set headers to mimic a browser request
headers = {
'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3',
'Referer': 'https://defillama.com/hacks'
@mattaereal
mattaereal / install-tools.sh
Created May 21, 2024 19:27
install-tools.sh
#!/usr/bin/fish
# starship theme for fish
curl -sS https://starship.rs/install.sh | sh -s -- -y
echo "starship init fish | source" >> ~/.config/fish/config.fish
source ~/.config/fish/config.fish
# Some manual exports
## This makes pnpm installations to be available globally
@mattaereal
mattaereal / 79.137.192.10.txt
Created January 5, 2024 18:19
list of scam websites hosted in 79.137.192.10
listed the 5th of january of 2024
framegovernance-claim.com
albertatechjobs.com
altversedrop.com
authmee6.org
authvulcan.net
authyvulcan.com
authyvulcan.net
bigtimegame.net
bitscheck.org
@mattaereal
mattaereal / ReturnOrRever.sol
Created May 11, 2023 23:26
Return or revert scenarios.
// SPDX-License-Identifier: GPL-3.0
pragma solidity ^0.8.4;
contract RevertWithString {
function buy(uint amount) public payable {
if (msg.value < amount)
revert("Not enough Ether provided.");
}
// transaction cost 21499 gas
// execution cost 295 gas
@mattaereal
mattaereal / CatchMeIfYouCan.sol
Last active May 4, 2023 18:18
CatchMeIfYouCan.sol
// SPDX-License-Identifier: GPL-3.0
pragma solidity 0.8.17;
interface DataFeed { function getData() external returns (uint value); }
contract DataFeedOK is DataFeed {
function getData() public pure returns (uint value) {
return 1;
}
}
@mattaereal
mattaereal / ReturnOrRevert.sol
Last active April 27, 2023 14:33
Return or Revert, gas costs.
// SPDX-License-Identifier: GPL-3.0
pragma solidity >=0.8.2 <0.9.0;
error DataResult(bytes32 data);
contract ReturnOrRevert {
function getDataByRevert(string memory x) public pure {
bytes32 data = keccak256(bytes(x));
revert DataResult(data);
@mattaereal
mattaereal / getAddr.fish
Created March 10, 2023 16:53
Manages a list of addresses locally.
function getAddr
set -g addresses_file "$HOME/.ethereum_addresses"
# Create the addresses file if it doesn't exist
if test ! -f $addresses_file
touch $addresses_file
end
# Parse the command-line arguments
switch $argv[1]
@mattaereal
mattaereal / ExploitWETH10.sol
Last active February 23, 2023 19:32
ExploitWETH10
// SPDX-License-Identifier: Manija
/** This exploit consists on abusing a reentrancy.
* This can be done as a consequence of two things:
* 1) The inherited public/external functions from ERC20 are not Reentrancy
* protected
* 2) Check-Effects-Interaction is missing at withdrawAll().
*
* This two cause the following to be possible:
* When you call withdrawAll(), the sendValue allows an attacker to take
* control over the flow of the transaction. And since _burn_, which uses