⌘T | go to file |
⌘⌃P | go to project |
⌘R | go to methods |
⌃G | go to line |
⌘KB | toggle side bar |
⌘⇧P | command prompt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env ruby | |
# | |
# Proof-of-Concept exploit for Rails Remote Code Execution (CVE-2013-0156) | |
# | |
# ## Advisory | |
# | |
# https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion | |
# | |
# ## Caveats | |
# |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/* | |
* A PTRACE_POKEDATA variant of CVE-2016-5195 | |
* should work on RHEL 5 & 6 | |
* | |
* (un)comment correct payload (x86 or x64)! | |
* $ gcc -pthread c0w.c -o c0w | |
* $ ./c0w | |
* DirtyCow root privilege escalation | |
* Backing up /usr/bin/passwd.. to /tmp/bak | |
* mmap fa65a000 |