Skip to content

Instantly share code, notes, and snippets.

View nerder's full-sized avatar
🍕
Pizzing

Stefano Saitta nerder

🍕
Pizzing
View GitHub Profile
@nerder
nerder / PassiveWiFiTracking.md
Created December 27, 2023 11:45 — forked from haccks/PassiveWiFiTracking.md
Passive WiFi Tracking

Passive WiFi Tracking Posted February 26, 2014 by Edward Borrowed from: http://edwardkeeble.com/2014/02/passive-wifi-tracking/

In the last year or so, there have been quite a few stories on the use of passive WiFi tracking by advertisers, retailers, and analytics startups. Most of these articles focus on the significant privacy and security concerns associated with this practice, but few of them get into the details of how the technology works. Having built a similar system for my project, Casual Encounters, I think I can explain some of the inner workings of these systems, how to avoid being tracked, and how, for research purposes or to determine their own level of exposure, someone could build such a system. I will state that I am by no means an expert on wireless networks, signal analysis, or anything of the sort, but I have conducted a fair bit of research and trial and error, and it works for me. Your mileage may vary; don’t try this at home; etc, etc.

Probe Requests

When a WiFi client (phone,

DEF CON CTF Qualifier 2020 - Pooot Writeup

This challenge was about an In-Browser web proxy, that allows you to navigate the web “safely”. They also offer a feedback system in which you can report broken links. This immediately makes us thinking about some kind of bot that we should phish and steal some cookies with an XSS.

It wasn’t that easy 😃

No code was provided at first, but was easy to find in the commented html of the page:

<!-- <a href="/source"></a> -->
@nerder
nerder / stless_stulf.dart
Created March 11, 2020 00:12
[Flutter Workshop] Helpers: Stateless & Stateful Widgets templates
/// StatelessWidget template
class MyStateless extends StatelessWidget {
@override
Widget build(BuildContext context) {
return Container();
}
}
/// StatelessWidget template
class MyStateful extends StatefulWidget {
@nerder
nerder / main.dart
Last active March 8, 2020 22:35
[Flutter Workshop] Step 0: Familiarize with the IDE shortcuts
// IMPORTANT SHORTCUTS
// Run the code: [Cmd] + [Enter]
// Show quick fixes: [Alt] + [Enter]
// Comment-out code: [Cmd] + [/]
import 'package:flutter/material.dart';
final Color twPink = Color.fromARGB(255, 239, 91, 161);
void main() {

Keybase proof

I hereby claim:

  • I am nerder on github.
  • I am nerder (https://keybase.io/nerder) on keybase.
  • I have a public key whose fingerprint is F138 23F9 865B 1978 A9A6 1A9B 18AC 5A8F 135B 3B34

To claim this, I am signing this object:

DISCLAMER: I wasn't able to get the flag due to time shortage, but all the main ideas of the challange are here. This are basically the notes i take over the challange in order to figure out the solution of the puzzle. The approach i use in order to define a path toward the solution using the hints in the code that guides me in a specific direction.

Cat Chat [Google CTF (Quals) 2018]

The challange as far as i can tell consist in finding a Stored XSS and fish the admin to review the room to steel his cookies.

There are various hints that makes me think so:

headers: {
var casper = require('casper').create({
remoteScripts: [
'http://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js',
'https://cdnjs.cloudflare.com/ajax/libs/lodash.js/4.6.1/lodash.js'
],
pageSettings: {
userAgent: 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.1500.71 Safari/537.36'
},
viewport: {
width: 1280,
const Integer = t.refinement(t.Number, n => n % 1 === 0, 'Integer');
const Hour = t.refinement(Integer, int => int >= 1 && int <= 23, 'Hour');
const Hour12 = t.refinement(Hour, int => int >= 1 && int <= 12, 'Hour12');
const Minute = t.refinement(Integer, int => int >= 0 && int <= 59, 'Minute');
const TimeFormat = t.enums.of([H12, H24], 'TimeFormat');
angular.module('plunker', [])
.controller('MainCtrl', function($scope) {
$scope.myModel = {};
$scope.myModel.to = "init-";
//AT THE END OF EXECUTION
//What i expect to have is something like
$scope.myModel.to = "init-something-to-slug";
$scope.myModel.from = "Something to slug";
// Product page template
.state("product", {
url: "/product/:param",
templateUrl: "modules/products/product.html",
data: {pageTitle: 'Product'},
controller: "ProductController"
})
.state("product.base", {
url: "/base",