@snoopysecurity
snoopysecurity / wordpress.md
Created February 1, 2023 22:47 — forked from cure53/wordpress.md
WordPress Flash XSS in flashmediaelement.swf
@snoopysecurity
snoopysecurity / big_query_examples.md
Created September 19, 2022 13:00 — forked from arfon/big_query_examples.md
BigQuery Examples for blog post

How many times shouldn't it happen...

-- https://news.ycombinator.com/item?id=11396045

SELECT count(*)
FROM (SELECT id, repo_name, path
        FROM [bigquery-public-data:github_repos.sample_files]
 ) AS F
@snoopysecurity
snoopysecurity / README.md
Created April 26, 2022 12:29 — forked from paolocarrasco/README.md
How to understand the `gpg failed to sign the data` problem in git

Problem

You have installed GPG, then tried to commit and suddenly you see this error message after it:

error: gpg failed to sign the data
fatal: failed to write commit object

Debug

@snoopysecurity
snoopysecurity / rs-async-zip_zip_slip.md
Last active January 5, 2022 14:04
rs-async-zip Zip Path Traversal (Zip Slip)

Introduction

rs-async-zip is an asynchronous ZIP archive reading/writing crate with a heavy focus on streaming support. This package is vulnerable to Zip Traversal (Zip Slip).

Note: This issue was privately disclosed to the maintainer. He has stated that he has made a conscious decision not to mitigate any sort of traversal attacks within the library itself. He has, however, added a notice to the example code: https://github.com/Majored/rs-async-zip/commit/08587b8933f80f8a70b4e313313f2fffc22c983a

A ZIP traversal attack is a form of directory traversal that can be exploited when files are extracted from an archive. More about this type of vulnerability can be read here: https://snyk.io/research/zip-slip-vulnerability

PoC/Steps to Reproduce

@snoopysecurity
snoopysecurity / phpdangerousfuncs.md
Created January 5, 2021 23:26 — forked from mccabe615/phpdangerousfuncs.md
Dangerous PHP Functions

Command Execution

exec           - Returns last line of command's output
passthru       - Passes command's output directly to the browser
system         - Passes command's output directly to the browser and returns last line
shell_exec     - Returns command's output
`` (backticks) - Same as shell_exec()
popen          - Opens read or write pipe to process of a command
proc_open      - Similar to popen() but greater degree of control
pcntl_exec     - Executes a program
@snoopysecurity
snoopysecurity / README.md
Created December 26, 2020 22:40 — forked from FrankSpierings/README.md
Linux Container Escapes and Hardening
|=-----------------------------------------------------------------------=|
|=-------------=[ 3 Years of Attacking JavaScript Engines ]=-------------=|
|=-----------------------------------------------------------------------=|
|=------------------------------=[ saelo ]=------------------------------=|
|=-----------------------------------------------------------------------=|
The following are some brief notes about the changes that have taken place
since the release of the "Attacking JavaScript Engines" paper [1]. In
general, no big conceptional changes have happened since. Mitigations have
been added to break some of the presented techniques and, as expected, a