@thinkycx
thinkycx / hosts
Created Aug 27, 2019 — forked from joseconstela/hosts
Prevent OSX calling home
View hosts
################################################################################
# Prevent OSX calling home #
# #
# Mix of different /etc/hosts files found over internet, and calls filtered #
# using LittleSnitch for months. #
# #
# OSX sends a huge amount of requests to Cupertino, even when you don't use #
# Spotlight suggestions, iCloud, updates and other services. Even if they are #
# disabled. #
# #
@thinkycx
thinkycx / CVE-2019-5736-install-docker.sh
Last active May 24, 2019
a bash script for CVE-2019-5736 to install vulnerable docker on ubuntu16.04/centos7.
View CVE-2019-5736-install-docker.sh
#!/bin/bash
# date: 20190523
# author: thinkycx
# Description: you can use this to install vulnerable docker ( CVE-2019-5736 docker runc escape )
# tested on centos7/ubuntu16.04
# Usage:
# 1. curl https://gist.githubusercontent.com/thinkycx/e2c9090f035d7b09156077903d6afa51/raw -o install.sh && bash install.sh
# 2. run docker_escape in docker container
#
View ubuntu-server-install.sh
# docker 20190119
# ref: https://docs.docker.com/install/linux/docker-ce/ubuntu/
sudo apt-get update -y
sudo apt-get install \
apt-transport-https \
ca-certificates \
curl \
gnupg2 \
software-properties-common -y
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
View parallel.sh
#!/bin/bash
# author: thinkycx
# date: 2019-01-14
# Usage:
# run jobs at the same time with multiple process.
parallel(){
    nCPU=3 # number of processes to run concurrently
    PID=()
    for((i=0;i<5;i++)){
@thinkycx
thinkycx / start-fuzz-18.04.sh
Created Jan 7, 2019
use afl preeny to fuzz nginx
View start-fuzz-18.04.sh
#!/bin/bash
# fuzz-nginx
FUZZER_AFL_PATH="$HOME/Fuzz/fuzzer/afl.git"
NGINX_PATH="$HOME/Fuzz/fuzz-nginx/nginx.git"
WORK_PATH="$HOME/Fuzz/fuzz-nginx"
CLANG_LLVM_PATH="$HOME/Fuzz/fuzz-nginx/clang-3.8.0/clang+llvm-3.8.0-x86_64-linux-gnu-ubuntu-16.04/bin"
install_preeny(){
@thinkycx
thinkycx / ubuntu-server-install.sh
Last active Dec 29, 2018
install some essentials on ubuntu
View ubuntu-server-install.sh
# install docker
sudo apt-get install docker.io
sudo service docker start
sudo usermod -aG docker $(whoami)
# docker-compose
sudo pip install docker-compose
#
View macOS-reverse-shellcode.asm
; date: 2018-12-11
; author: thinkycx
; description:
; reverse /bin/sh by nc, reference: https://modexp.wordpress.com/2017/01/21/shellcode-osx/
; usage:
; nasm -f macho64 macOS-reverse-shellcode.asm
; ld -macosx_version_min 10.7.0 -o macOS-reverse-shellcode macOS-reverse-shellcode.o
BITS 64
global start
@thinkycx
thinkycx / shellcode-pushstr.py
Last active Dec 12, 2018
return asm shellcode : push string into stack and esp points to it!
View shellcode-pushstr.py
#!/usr/bin/python
# date: 2018-12-11
# author: thinkycx
# description: return asm shellcode : push string into stack and esp points to it!
# usage:
# change payload and run it.
import math
def pushstr(string='/home/orw/flag',length=8):
    '''
    return asm shellcode : push string into stack and esp points to it!
@thinkycx
thinkycx / exp.py
Last active Nov 26, 2018
my exploit template for CTF PWN
View exp.py
#!/usr/bin/env python
# coding=utf-8
# author: thinkycx
# date: 2018-10-31
from pwn import *
context.local(arch='amd64', os='linux')
def pwn(io):
    if local&debug: gdb.attach(io,'break *0x400641')
@thinkycx
thinkycx / dirtycow.c
Created Nov 25, 2018 — forked from KrE80r/c0w.c
PTRACE_POKEDATA variant of CVE-2016-5195
View dirtycow.c
/*
* A PTRACE_POKEDATA variant of CVE-2016-5195
* should work on RHEL 5 & 6
*
* (un)comment correct payload (x86 or x64)!
* $ gcc -pthread c0w.c -o c0w
* $ ./c0w
* DirtyCow root privilege escalation
* Backing up /usr/bin/passwd.. to /tmp/bak
* mmap fa65a000