Skip to content

Instantly share code, notes, and snippets.

View zu1k's full-sized avatar
🦉
make something interesting

zu1k zu1k

🦉
make something interesting
3.2k followers · 47 following
View GitHub Profile
@jboner
jboner / latency.txt
Last active July 27, 2024 12:32
Latency Numbers Every Programmer Should Know
Latency Comparison Numbers (~2012)
----------------------------------
L1 cache reference 0.5 ns
Branch mispredict 5 ns
L2 cache reference 7 ns 14x L1 cache
Mutex lock/unlock 25 ns
Main memory reference 100 ns 20x L2 cache, 200x L1 cache
Compress 1K bytes with Zippy 3,000 ns 3 us
Send 1K bytes over 1 Gbps network 10,000 ns 10 us
Read 4K randomly from SSD* 150,000 ns 150 us ~1GB/sec SSD
@oXnMe
oXnMe / gist:84bf22ece3c6f483b37294ec9267c840
Created June 9, 2017 04:39
VM反虚拟机检测
isolation.tools.getPtrLocation.disable = "TRUE"
isolation.tools.setPtrLocation.disable = "TRUE"
isolation.tools.setVersion.disable = "TRUE"
isolation.tools.getVersion.disable = "TRUE"
monitor_control.disable_directexec = "TRUE"
monitor_control.disable_chksimd = "TRUE"
monitor_control.disable_ntreloc = "TRUE"
monitor_control.disable_selfmod = "TRUE"
monitor_control.disable_reloc = "TRUE"
monitor_control.disable_btinout = "TRUE"
@LoadLow
LoadLow / Readme.md
Last active August 14, 2023 13:55
Bypass shell_exec or system disabled functions by using GCONV (PHP rce to system())

This is based on https://hugeh0ge.github.io/2019/11/04/Getting-Arbitrary-Code-Execution-from-fopen-s-2nd-Argument/

Credits: @hugeh0ge

It uses iconv, in php, in order to execute the same payload.

Uses cases :

  • You control the first parameter of iconv (in_charset), you can set an env var and you can upload arbitrary files (.so library file and the gconv-modules file) and you know their path.
  • You have a php RCE but system, shell_exec, curl_exec and other functions are disabled but you can setenv (and LD_PRELOAD is blacklisted).
@hkraw
hkraw / chrome-v8-issue-1126249.js
Last active April 20, 2022 15:29
class Helpers {
constructor() {
this.cvt_buf = new ArrayBuffer(8);
this.cvt_f64a = new Float64Array(this.cvt_buf);
this.cvt_u64a = new BigUint64Array(this.cvt_buf);
this.cvt_u32a = new Uint32Array(this.cvt_buf);
}
ftoi(f) {
@orangetw
orangetw / w3rmup.php
Created December 5, 2021 13:47
<?php
if (!isset($_GET['mail']))
highlight_file(__FILE__) && exit();
$mail = filter_var($_GET['mail'], FILTER_VALIDATE_EMAIL);
$addr = filter_var($_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP);
$country = geoip_country_code_by_name($addr);
if (!$addr || strlen($addr) == 0) die('bad addr');
if (!$mail || strlen($mail) == 0) die('bad mail');
@OrionReed
OrionReed / dom3d.js
Last active July 22, 2024 08:58
3D DOM viewer, copy-paste this into your console to visualise the DOM topographically.
// 3D Dom viewer, copy-paste this into your console to visualise the DOM as a stack of solid blocks.
// You can also minify and save it as a bookmarklet (https://www.freecodecamp.org/news/what-are-bookmarklets/)
(() => {
const SHOW_SIDES = false; // color sides of DOM nodes?
const COLOR_SURFACE = true; // color tops of DOM nodes?
const COLOR_RANDOM = false; // randomise color?
const COLOR_HUE = 190; // hue in HSL (https://hslpicker.com)
const MAX_ROTATION = 180; // set to 360 to rotate all the way round
const THICKNESS = 20; // thickness of layers
const DISTANCE = 10000; // ¯\\_(ツ)_/¯
@thesamesam
thesamesam / xz-backdoor.md
Last active July 25, 2024 09:00
xz-utils backdoor situation (CVE-2024-3094)

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.

Background

On March 29th, 2024, a backdoor was discovered in xz-utils, a suite of software that

@smx-smx
smx-smx / XZ Backdoor Analysis
Last active July 27, 2024 22:52
[WIP] XZ Backdoor Analysis and symbol mapping
XZ Backdoor symbol deobfuscation. Updated as i make progress