Skip to content

Instantly share code, notes, and snippets.

View thypon's full-sized avatar

Andrea Brancaleoni thypon

124 followers · 19 following
View GitHub Profile
@thypon
thypon / Vulnfinder
Last active December 17, 2015 04:18
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="zh-CN" lang="zh-CN">
<head>
<script src="escape.js" type="text/javascript" charset="utf-8"></script>
<script type="text/javascript" language="javascript" charset="utf-8">
//<![CDATA[
if (escapeHTML(document.url) != document.url) {
document.href = "XSS"
}
//]]>
@thypon
thypon / exceptional.rkt
Last active December 17, 2015 15:59
Racket Exception Implementation
#lang racket
(define *handlers* (list))
(define (push-handler proc)
(set! *handlers* (cons proc *handlers*)))
(define (pop-handler)
(let ((h (car *handlers*)))
(set! *handlers* ( cdr *handlers*))
@thypon
thypon / gist:8476260
Created January 17, 2014 16:21
I Need Dynamics
import lombok.NonNull;
import java.lang.reflect.Method;
public class Dynamics {
@SuppressWarnings("unchecked")
public static <T> T send(
@NonNull final Class<?> clazz,
@NonNull final String method,
final Object... args) {
@thypon
thypon / Shrodinger.java
Last active August 29, 2015 14:10
May be alive
class Shrodinger {
static int DEAD = 0;
static int ALIVE = 1;
int status;
}
class Main {
stativ void main() {
Shrodinger cat = new Shrodinger();
@thypon
thypon / shmap.rb
Last active August 29, 2015 14:10
require 'socket'
def command(cmd)
s = TCPSocket.new 'shmap.9447.plumbing', 9447
data = s.recv(20000)
s.puts cmd
data = s.gets
s.close # close socket when done
@thypon
thypon / DHCPLogger.go
Created December 14, 2014 15:30
Logs Users that connects via DHCP
package main
import (
"flag"
"log"
"net"
"time"
"sync"
"errors"
@thypon
thypon / gist:86add332b6d85b9abb39
Created March 12, 2015 22:55
Proc Composability
class Proc
def self.compose(f, g)
lambda { |*args| f[g[*args]] }
end
def *(g)
Proc.compose(self, g.to_proc)
end
def |(g)
@thypon
thypon / Extract Deps
Created April 24, 2015 23:56
Extract Deps in Ruby
#!/usr/bin/env ruby
require 'rubygems'
require 'gems'
require 'json'
class Package < Struct.new(:name, :language, :version, :hash, :source, :homepage, :depends)
end
class Dependencies < Struct.new(:hostmake, :make, :runtime)
@thypon
thypon / dontfork.c
Last active August 29, 2015 14:24
Daemonize tracer
// dontfork.c, a little ptrace utility that traces all child process
// and exits only when the latest spawned child is dead
#include <assert.h>
#include <stdio.h>
#include <sys/ptrace.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <string.h>
#include <linux/ptrace.h>
#include <sys/prctl.h>
@thypon
thypon / recursivechecksec.sh
Created August 24, 2015 12:07
check security for all linked libraries
recursivechecksec() {
sudo LD_TRACE_LOADED_OBJECTS=1 LD_VERBOSE=1 /lib/ld-linux-x86-64.so.2 $1 | grep "=>" | sed 's|\s*||' | sed 's|(.*)||g' | awk '{print $3}' | sort | uniq | xargs -n1 ls -la | awk '{print $11}' | xargs -n1 echo /usr/lib/ | sed 's|\s*||g' | xargs -n1 checksec --file
}