phithon phith0n

@phith0n
phith0n / download.php
Last active Jul 22, 2021
progress enabled file server
View download.php
<?php
set_time_limit(0);
$filename = 'bigfile.txt';
$f = fopen($filename, 'r');
$i = 0;
$chunk = 2;
$each = 100 / (filesize($filename) / $chunk);
while (true) {
@phith0n
phith0n / regenerate.py
Last active May 21, 2021
a simple regexp generator
View regenerate.py
import re
from enum import Enum
class State(Enum):
    Initial = 0
    D = 10
    DRest = 11
    S = 20
    SRest = 21
@phith0n
phith0n / field.php
Last active Apr 25, 2021
SQL injection in the update field key.
View field.php
<?php
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE user (id int, username string, password string);");
$db->exec("INSERT INTO user VALUES(1, 'admin', 'admin');");
$db->exec("INSERT INTO user VALUES(2, 'demo', 'demo');");
$summary = $_REQUEST['field'];
$bind_vals = [];
$sql_set = ' ';
@phith0n
phith0n / output.txt
Last active Jan 13, 2021
A bizarre shell problem (please run it on Linux; running it on macOS produces an error)
View output.txt
root@b3324f24e6c0:/tmp# ./sample.sh -n Bob -a
Arg: -n
Arg: Bob
Bob
Arg: -a
-a
Arg: --
--
@phith0n
phith0n / README.md
Created Jul 16, 2019
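Running through Weibo images that have been censored
View README.md

Running through Weibo images that have been censored

The sinaimg subdomains; running through them once is enough.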

@phith0n
phith0n / README.md
Last active Oct 5, 2019
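Wutong Baike (梧桐百科) Submission Guide
View README.md

Wutong Baike (梧桐百科) Submission Guide

Wutong Baike is a platform for learning security knowledge in small fragments. We write small knowledge points (tricks) onto cards, and the card format gives learners a deeper understanding of the material.

We accept user submissions. You can send us the knowledge fragments you consider excellent. Submission address: https://tricking.io/card/contribute/

Submission steps

Before submitting, please search first; your knowledge point may already be included in Wutong Baike.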

@phith0n
phith0n / tmux-cheatsheet.markdown
Created Apr 27, 2018 — forked from ryerh/tmux-cheatsheet.markdown
Tmux Shortcuts & Cheat Sheet
View tmux-cheatsheet.markdown

Tmux Shortcuts & Cheat Sheet

Start a new session:

tmux [new -s session-name -n window-name]

Resume a session:

tmux at [-t session-name]
@phith0n
phith0n / app.py
Last active Mar 8, 2021
A small challenge (for Windows): what vulnerability might exist in this code?
View app.py
import os
import posixpath
from werkzeug.utils import secure_filename
from flask import Flask, redirect, url_for, abort, request, send_file
app = Flask(__name__)
app.config['UPLOAD_FOLDER'] = os.path.join(os.path.dirname(os.path.realpath(__file__)), 'upload')
def allowed_file(filename):
    return '.' in filename and \
@phith0n
phith0n / chrome_install_headless.sh
Last active Dec 10, 2021 — forked from Leotomas/chrome_install_headless.sh
Install Chrome headless on Ubuntu
View chrome_install_headless.sh
export CHROME_BIN=/usr/bin/google-chrome
export DISPLAY=:99.0
sh -e /etc/init.d/xvfb start
sudo apt-get update
sudo apt-get install -y libappindicator1 fonts-liberation libasound2 libgconf-2-4 libnspr4 libxss1 libnss3 xdg-utils
wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
sudo dpkg -i google-chrome*.deb
@phith0n
phith0n / README.md
Last active Dec 23, 2019
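Guide to Joining the "Code Audit" Xiaomiquan (小密圈) Group
View README.md

Guide to Joining the "Code Audit" Xiaomiquan (小密圈) Group

Join the Code Audit Xiaomiquan group: https://wx.xiaomiquan.com/mweb/views/joingroup/join_group.html?group_id=2212251881

The Code Audit Xiaomiquan group has been running for nearly half a year since it was founded last November, and we have never written our purpose and rules down explicitly. One reason is that I am rather lazy and have a lot going on; the other is that I found everyone here to be kind and well-meaning, and nobody came here with ill intent, so the matter was not especially urgent. But going without written rules is not a lasting solution. Some newcomers come in, look around at a loss, miss the main point, and may feel the money was not well spent.

Purpose

In running this group, there are a few sayings I have always held as guiding principles, and I will state them here.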