🇨🇳
Focusing

thinkycx thinkycx

@thinkycx
thinkycx / hosts
Created Aug 27, 2019 — forked from joseconstela/hosts
Prevent OSX calling home
View hosts
################################################################################
# Prevent OSX calling home #
# #
# Mix of different /etc/hosts files found over the internet, and calls filtered #
# using LittleSnitch for months. #
# #
# OSX sends a huge amount of requests to Cupertino, even when you don't use #
# Spotlight suggestions, iCloud, updates and other services. Even if they are #
# disabled. #
# #
@thinkycx
thinkycx / CVE-2019-5736-install-docker.sh
Last active May 24, 2019
a bash script for CVE-2019-5736 to install vulnerable docker on ubuntu16.04/centos7.
View CVE-2019-5736-install-docker.sh
#!/bin/bash
# date: 20190523
# author: thinkycx
# Description: you can use this to install vulnerable docker ( CVE-2019-5736 docker runc escape )
# tested on centos7/ubuntu16.04
# Usage:
# 1. curl https://gist.githubusercontent.com/thinkycx/e2c9090f035d7b09156077903d6afa51/raw -o install.sh && bash install.sh
# 2. run docker_escape in docker container
#
View ubuntu-server-install.sh
# docker 20190119
# ref: https://docs.docker.com/install/linux/docker-ce/ubuntu/
sudo apt-get update -y
sudo apt-get install \
apt-transport-https \
ca-certificates \
curl \
gnupg2 \
software-properties-common -y
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
View parallel.sh
#!/bin/bash
# author: thinkycx
# date: 2019-01-14
# Usage:
# run jobs at the same time with multiple process.
parallel(){
nCPU=3 # number of processes to run concurrently
PID=()
for((i=0;i<5;i++)){
@thinkycx
thinkycx / start-fuzz-18.04.sh
Created Jan 7, 2019
use afl preeny to fuzz nginx
View start-fuzz-18.04.sh
#!/bin/bash
# fuzz-nginx
FUZZER_AFL_PATH="$HOME/Fuzz/fuzzer/afl.git"
NGINX_PATH="$HOME/Fuzz/fuzz-nginx/nginx.git"
WORK_PATH="$HOME/Fuzz/fuzz-nginx"
CLANG_LLVM_PATH="$HOME/Fuzz/fuzz-nginx/clang-3.8.0/clang+llvm-3.8.0-x86_64-linux-gnu-ubuntu-16.04/bin"
install_preeny(){
@thinkycx
thinkycx / ubuntu-server-install.sh
Last active Dec 29, 2018
install some essentials on ubuntu
View ubuntu-server-install.sh
# install docker
sudo apt-get install docker.io
sudo service docker start
sudo usermod -aG docker $(whoami)
# docker-compose
sudo pip install docker-compose
#
View macOS-reverse-shellcode.asm
; date: 2018-12-11
; author: thinkycx
; description:
; reverse /bin/sh by nc, reference: https://modexp.wordpress.com/2017/01/21/shellcode-osx/
; usage:
; nasm -f macho64 macOS-reverse-shellcode.asm
; ld -macosx_version_min 10.7.0 -o macOS-reverse-shellcode macOS-reverse-shellcode.o
BITS 64
global start
@thinkycx
thinkycx / shellcode-pushstr.py
Last active Dec 12, 2018
return asm shellcode : push string into stack and esp points to it!
View shellcode-pushstr.py
#!/usr/bin/python
# date: 2018-12-11
# author: thinkycx
# description: return asm shellcode : push string into stack and esp points to it!
# usage:
# change payload and run it.
import math
def pushstr(string='/home/orw/flag',length=8):
'''
return asm shellcode : push string into stack and esp points to it!
@thinkycx
thinkycx / exp.py
Last active Nov 26, 2018
my exploit template for CTF PWN
View exp.py
#!/usr/bin/env python
# coding=utf-8
# author: thinkycx
# date: 2018-10-31
from pwn import *
context.local(arch='amd64', os='linux')
def pwn(io):
if local&debug: gdb.attach(io,'break *0x400641')
@thinkycx
thinkycx / dirtycow.c
Created Nov 25, 2018 — forked from KrE80r/c0w.c
PTRACE_POKEDATA variant of CVE-2016-5195
View dirtycow.c
/*
* A PTRACE_POKEDATA variant of CVE-2016-5195
* should work on RHEL 5 & 6
*
* (un)comment correct payload (x86 or x64)!
* $ gcc -pthread c0w.c -o c0w
* $ ./c0w
* DirtyCow root privilege escalation
* Backing up /usr/bin/passwd.. to /tmp/bak
* mmap fa65a000