Lin, Yong Xiang r888800009

loknop /
Created Dec 30, 2021
Solving "includer's revenge" from hxp ctf 2021 without controlling any files

The challenge

The challenge was to achieve RCE with this file:

<?php ($_GET['action'] ?? 'read' ) === 'read' ? readfile($_GET['file'] ?? 'index.php') : include_once($_GET['file'] ?? 'index.php');

Some additional hardening was applied to the php installation to make sure that previously known solutions wouldn't work (for further information read this writeup from the challenge author).

I didn't solve the challenge during the competition - here is a writeup from someone who did - but since the idea I had differed from the techniques used in the published writeups I read (and I thought it was cool :D), here is my approach.

View gist:cb4b6e9551457aa299066076b836a2cd
[Vulnerability Type Other]
CWE-697: Incorrect Comparison
[Vendor of Product]
[Affected Product Code Base]
unicorn engine - <=2.0.0
[Affected Component]
View peParser.cpp
#include <windows.h>
#include <iostream>
bool readBinFile(const char fileName[], char*& bufPtr, DWORD& length) {
if (FILE* fp = fopen(fileName, "rb")) {
fseek(fp, 0, SEEK_END);
length = ftell(fp);
bufPtr = new char[length + 1];
fseek(fp, 0, SEEK_SET);
fread(bufPtr, sizeof(char), length, fp);

ELF Format Cheatsheet


Executable and Linkable Format (ELF) is the default binary format on Linux-based systems.



kaftejiman /
Last active Oct 17, 2022
ret2csu exploitation technique ROP pwn


I wanted to make a clean and simple explanation of ret2csu exploitation technique as I didn't get it easily with the resources I found on Google. As far as my understanding goes. You should take it with a grain of salt.

Tests carried out on an AMD64 Linux Ubuntu.

Table of Contents

niw /
Last active Nov 23, 2022
How to run Windows 10 on ARM or Ubuntu for ARM64 in QEMU on Apple Silicon Mac

Here are easy steps to try Windows 10 on ARM or Ubuntu for ARM64 on your Apple Silicon Mac. Enjoy!

NOTE: this is the current state as of 10/1/2021.

Running Windows 10 on ARM

  1. Install Xcode from App Store or install Command Line Tools on your Mac
experimatt / iterm-colors-to-vscode.js
Last active Sep 12, 2022
A simple script to use your iTerm color profile in vscode's built-in terminal.
View iterm-colors-to-vscode.js
// This script takes an iTerm Color Profile as an argument and translates it for use with Visual Studio Code's built-in terminal.
// usage: `node iterm-colors-to-vscode.js [path-to-iterm-profile.json]`
// To export an iTerm Color Profile:
// 1) Open iTerm
// 2) Go to Preferences -> Profiles -> Colors
// 3) Other Actions -> Save Profile as JSON
// To generate the applicable color settings and use them in VS Code:
2xAA / iterm-colors-to-vscode.js
Last active Apr 14, 2022
Convert iTerm2 "itermcolors" file to VSCode terminal color scheme
View iterm-colors-to-vscode.js
/* Generate colors using */
const col = [] // run your .itermcolors file through the above parser and replace the array with the output
function componentToHex(c) {
const hex = c.toString(16)
return hex.length === 1 ? `0${hex}` : hex
const mapping = {
'terminal.background':'Background Color',
Barneybook /
Last active Nov 6, 2022
List of information technology related Telegram groups