| import asyncio | |
| import itertools | |
| import aiohttp | |
| import async_timeout | |
| async def fetch_with_response_delay(session, delay): | |
| if not 0 <= delay <= 10: | |
| raise ValueError('Delay must be between 0 and 10 inclusive') |
| # Install https://www.vaultproject.io/ | |
| brew install vault | |
| # Start dev vault server in a separate terminal | |
| vault server -dev | |
| # ==> Vault server configuration: | |
| # ... | |
| # Unseal Key: 7ACQHhLZY5ivzNzhMruX9kSa+VXCah3y87hl3dPSWFk= | |
| # Root Token: 858a6658-682e-345a-e4c4-a6e14e6f7853 |
Picking the right architecture = Picking the right battles + Managing trade-offs
| # tcpdump -A -nn -s 0 'tcp dst port 9200 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' -i lo | |
| tcpdump: verbose output suppressed, use -v or -vv for full protocol decode | |
| listening on lo, link-type EN10MB (Ethernet), capture size 65535 bytes | |
| 14:32:33.525122 IP 127.0.0.1.49777 > 127.0.0.1.9200: Flags [P.], seq 313752908:313753888, ack 2465010394, win 257, options [nop,nop,TS val 2684167067 ecr 2684167066], length 980 | |
| E...^.@.@............q#...}L............... | |
| ..#...#.GET /index/_search HTTP/1.1 | |
| Host: 127.0.0.1:9200 | |
| Accept: */* | |
| Content-Length: 845 | |
| Content-Type: application/x-www-form-urlencoded |
| #!/usr/bin/env python | |
| from __future__ import print_function | |
| import requests | |
| import sys | |
| import json | |
| def hipchat_notify(token, room, message, color='yellow', notify=False, | |
| format='text', host='api.hipchat.com'): |
| # to use: | |
| # 1. put this file in ~/callstatement/callstatement.py | |
| # 2. make a file ~/Library/Python/2.7/site-packages/derp.pth with this as the contents: | |
| # "/Users/USER/callstatement/\nimport callstatement\n" | |
| # 3. export PYTHONIOENCODING="callstatement_utf8" | |
| # warning: EXTREMELY NASTY DO NOT USE IN PRODUCTION CODE | |
| # WILL BREAK EVERYTHING I AM NOT RESPONSIBLE IF | |
| # YOU'RE FOOLISH ENOUGH TO ACTUALLY TRY TO USE | |
| # THIS |
| const { Task } = Cu.import("resource://gre/modules/Task.jsm", {}); | |
| const { defer, all } = require("sdk/core/promise"); | |
| const { setTimeout } = require("sdk/timers"); | |
| Task.spawn(function *() { | |
| let item1 = yield getItem(1); | |
| let [item2, item3] = yield all([getItem(2), getItem(3)]); | |
| console.log(item1, item2, item3); // 1, 2, 3 | |
| }).then(function () { | |
| console.log('all items processed') |
| I wasn't first to get the key. Nor was I second, third, or even fourth. I'm probably not even the | |
| 10th to get it (ok, looks like I was the 8th.) But I'm happy that I was able to prove to myself | |
| that I too could do it. | |
| First, I have to admit I was a skeptic. Like the handful of other dissenters, I had initially | |
| believed that it would be highly improbable under normal conditions to obtain the private key | |
| through exploiting Heartbleed. So this was my motivation for participating in Cloudflare's | |
| challenge. I had extracted a lot of other things with Heartbleed, but I hadn't actually set out to | |
| extract private keys. So I wanted to see first-hand if it was possible or not. |
| GitHub RCE by Environment variable injection Bug Bounty writeup | |
| Disclaimer: I'll keep this really short but I hope you'll get the key points. | |
| GitHub blogged a while ago about some internal tool called gerve: | |
| https://github.com/blog/530-how-we-made-github-fast | |
| Upon git+sshing to github.com gerve basically looks up your permission | |
| on the repo you want to interact with. Then it bounces you further in | |
| another forced SSH session to the back end where the repo actually is. |
This workshop will cover the basics of the CPython runtime and interpreter. There is an enormous amount of material to cover, and I'll try to to rush through as much as I can.
