はじめに 対象イベント 読み方、使い方 Remote Code Execution(RCE) 親ディレクトリ指定によるopen_basedirのバイパス PHP-FPMのTCPソケット接続によるopen_basedirとdisable_functionsのバイパス JavaのRuntime.execでシェルを実行 Cross-Site Scripting(XSS) nginx環境でHTTPステータスコードが操作できる場合にCSPヘッダーを無効化 GoogleのClosureLibraryサニタイザーのXSS脆弱性 WebのProxy機能を介したService Workerの登録 括弧を使わないXSS /記号を使用せずに遷移先URLを指定 SOME(Same Origin Method Execution)を利用してdocument.writeを順次実行 SQL Injection MySQ
This article is about a few quick thumb rules I use when writing shell scripts that I’ve come to appreciate over the years. Very opinionated. Things¶ Use bash. Using zsh or fish or any other, will make it hard for others to understand / collaborate. Among all shells, bash strikes a good balance between portability and DX. Just make the first line be #!/usr/bin/env bash, even if you don’t give exec
ブレークポイントを設定してスクリプトをデバッグすることもできます。デバッガを使用するにはスクリプトをファイルとして保存し、下記の様にポリシー変更する必要があります。 Set-ExecutionPolicy -Scope CurrentUser ExecutionPolicy: RemoteSigned キーワード 言語としては下記のキーワードが定義されています。 変数 変数($xxx) 変数は $変数名 で表します。 $Name = "Yamada" Write-Output "My name is $Name." 変数の値を削除するには Clear-Variable を使用するか、値 $null を設定します。変数を削除するには Remove-Variable または Remove-Item を使用します。 Clear-Variable -Name a # 値をクリア $a = $nul
Posted on Tuesday, April 2, 2024. Updated Wednesday, April 3, 2024. Introduction Andres Freund published the existence of the xz attack on 2024-03-29 to the public oss-security@openwall mailing list. The day before, he alerted Debian security and the (private) distros@openwall list. In his mail, he says that he dug into this after “observing a few odd symptoms around liblzma (part of the xz packag
Join a VS Code Dev Days event near you to learn about AI-assisted development in VS Code. Update 1.53.1: The update addresses these security issues. Update 1.53.2: The update addresses these issues. Downloads: Windows: x64 Arm64 | Mac: Intel | Linux: deb rpm tarball Arm snap Welcome to the January 2021 release of Visual Studio Code. There are a number of updates in this version that we hope you wi
Since I was unable to travel for a couple of years during the pandemic, I decided to take my new-found time and really lean into Rust. After writing over 100k lines of Rust code, I think I am starting to get a feel for the language and like every cranky engineer I have developed opinions and because this is the Internet I’m going to share them. The reason I learned Rust was to flesh out parts of t
World’s First MIDI Shellcode Jan 2025 · 45 min read I gained remote code execution via MIDI messages to trick my synth into playing Bad Apple on its LCD. This blog post is about my journey with this reverse engineering project. Final iteration of Bad Apple The beginning I’ve had this Yamaha PSR-E433 synth for a very long time, and a couple of years ago I decided to open it up — partly because it w
This paper reflects work done in late 2022 and 2023 to audit for vulnerabilities in terminal emulators, with a focus on open source software. The results of this work were 10 CVEs against terminal emulators that could result in Remote Code Execution (RCE), in addition various other bugs and hardening opportunities were found. The exact context and severity of these vulnerabilities varied, but some
Tier 4 Support § Support for these targets is entirely experimental. If this target is provided by LLVM, LLVM may have the target as an experimental target, which means that you need to use Zig-provided binaries for the target to be available, or build LLVM from source with special configure flags. zig targets will display the target if it is available. This target may be considered deprecated by
In Praise of dhh
In Praise of dhh November 8, 2025 | #tech #politics A reflection on Ruby’s past, present, and future. This is a long essay. I strongly recommend you read it from the beginning, but to help navigate it I have created this table of contents. Prologue The Past How I Learned To Love Ruby A Breath Of Fresh Air A Shared Worldview The Present Tragedy Strikes Recent Conflict In The Community Strength and
Table of Contents Highlights Handling of Filenames in Shell Modern C Limits & Cooperation Makefiles Logging Internationalization Minor Changes Changes Index In the 1950s, computers did not really interoperate. ARPANET has not yet happened (that would become a thing in the 60s), and every operating system was typically tied to the hardware that was meant to run on. Most communication actually happe
State of the Common Lisp ecosystem, 2020 🎉 - Lisp journey
NEW: 9 videos (86min) about CLOS on my Common Lisp course. Out of 7h+ of content. Rated 4.7/5. Learn more and stay tuned. 🎥 I also have cool Lisp showcases on Youtube . The last ones: how to build a web app in Common Lisp, part 1 and 2. This is a description of the Common Lisp ecosystem, as of January, 2021, from the perspective of a user and contributor. The purpose of this article is both to gi
prompts.chat
Welcome to the “Awesome ChatGPT Prompts” repository! While this collection was originally created for ChatGPT, these prompts work great with other AI models like Claude, Gemini, Hugging Face Chat, Llama, Mistral, and more. ChatGPT is a web interface created by OpenAI that provides access to their GPT (Generative Pre-trained Transformer) language models. The underlying models, like GPT-4o and GPT-o
We recently overhauled our internal tools for visualizing the compilation of JavaScript and WebAssembly. When SpiderMonkey’s optimizing compiler, Ion, is active, we can now produce interactive graphs showing exactly how functions are processed and optimized. You can play with these graphs right here on this page. Simply write some JavaScript code in the test function and see what graph is produced
Supply Chain Security Alert: Popular Nx Build System Package Compromised with Data-Stealing Malware - StepSecurity
Executive SummaryStarting August 26, 2025 at approximately 10:32 PM UTC, the popular Nx build system package was compromised with data-stealing malware. The malicious versions remained live for just over five hours before being taken down, but in that short window, thousands of developers may have been exposed. The malware did more than just steal SSH keys, npm tokens, and .gitconfig files - it we
EC2インスタンスのユーザーデータ内のdnfコマンドやyumコマンドが失敗する場合の緩和策を考えてみた | DevelopersIO
ユーザーデータでパッケージのインストールをしようとすると失敗するんだが こんにちは、のんピ(@non____97)です。 皆さんはEC2インスタンスのユーザーデータでdnfコマンドやyumコマンドが失敗したことはありますか? 私はあります。 具体的にはユーザーデータでdnf upgradeやdnf install パッケージ名を実行すると、以下のようにRPM: error: can't create transaction lock on /var/lib/rpm/.rpm.lock (Resource temporarily unavailable)とログが出力されます。 $ dnf upgrade -y --releasever=latest Amazon Linux 2023 repository 30 MB/s | 23 MB 00:00 Amazon Linux 2023 Ker
Try Mastering Emacs for free! Are you struggling with the basics? Have you mastered movement and editing yet? When you have read Mastering Emacs you will understand Emacs. It’s that time again: there’s a new major version of Emacs and, with it, a treasure trove of new features and changes. Notable features include the formal inclusion of native compilation, a technique that will greatly speed up y
vim9script4pythondevelopers.md Vim9 script for Python Developers Vim9 script�Vim script��������������������������������������������������系��� def������義����������Vim script��vim9script�����使����������(vim9script���
go command - cmd/go - Go Packages
Go is a tool for managing Go source code. Usage: go <command> [arguments] The commands are: bug start a bug report build compile packages and dependencies clean remove object files and cached files doc show documentation for package or symbol env print Go environment information fix update packages to use new APIs fmt gofmt (reformat) package sources generate generate Go files by processing source
Microsoft finds new elevation of privilege Linux vulnerability, Nimbuspwn | Microsoft Security Blog
Microsoft has discovered several vulnerabilities, collectively referred to as Nimbuspwn, that could allow an attacker to elevate privileges to root on many Linux desktop endpoints. The vulnerabilities can be chained together to gain root privileges on Linux systems, allowing attackers to deploy payloads, like a root backdoor, and perform other malicious actions via arbitrary root code execution. M
Plan 9 Desktop Guide
PLAN 9 DESKTOP GUIDE INDEX What is Plan 9? Limitations and Workarounds Connecting to Other Systems VNC RDP SSH 9P Other methods Porting Applications Emulating other Operating Systems Virtualizing other Operating Systems Basics Window Management Copy Pasting Essential Programs Manipulating Text in the Terminal Acme - The Do It All Application Multiple Workspaces Tiling Windows Plumbing System Admin
While getting my degree in Physics, I had to take classes in both MatLab and Python for scientific computing. I preferred python, where we used the SciPy and NumPy packages. In fact, I used those packages again (along with matplotlib) in an undergraduate research project simulating bacteria films. There's a catch: I was also pursuing a degree in Computer Science, and Python just wasn't fast enough
Join a VS Code Dev Days event near you to learn about AI-assisted development in VS Code. Update 1.56.1: The update addresses these security issues. Update 1.56.2: The update addresses these issues. Downloads: Windows: x64 Arm64 | Mac: Universal Intel silicon | Linux: deb rpm tarball Arm snap Welcome to the April 2021 release of Visual Studio Code. The VS Code team has been busy this month working
Join a VS Code Dev Days event near you to learn about AI-assisted development in VS Code. Update 1.55.1: The update addresses these issues. Update 1.55.2: The update addresses these security issues. Downloads: Windows: x64 Arm64 | Mac: Universal Intel silicon | Linux: deb rpm tarball Arm snap Welcome to the March 2021 release of Visual Studio Code. There are a number of updates in this version tha
Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling
This request triggered an extremely suspicious intermittent 400 Bad Request response from various websites that were running AWS Application Load Balancer (ALB) as their front-end. Investigation revealed that ALB was mysteriously adding a 'Transfer-Encoding: chunked' header while downgrading the request to HTTP/1.1 for forwarding to the back-end, without making any alterations to the message body:
[PLAY WEB VERSION: ALONE] [PLAY WEB VERSION: WITH A FRIEND] [PRINT] [RULES] [SIMILAR PROJECTS] [SYMBOLS] [CREDITS] [CONTACT] [GAME HELPER ESP32 | MOBILE] [ASSEMBLY GUIDE] THE GAME I made this game to teach my daughter how buffer overflows work. My favorite part of comuting is looking at programs as something you can play with, and poke and twist and make it whatever you want. When your microwave o
After needing to do a deep dive on the venv module (which I will explain later in this blog post as to why), I thought I would explain how virtual environments work to help demystify them. Why do virtual environments exist?Back in my the day, there was no concept of environments in Python: all you had was your Python installation and the current directory. That meant when you installed something y
Flipping Pages: An analysis of a new Linux vulnerability in nf_tables and hardened exploitation techniques
This blogpost is the next instalment of my series of hands-on no-boilerplate vulnerability research blogposts, intended for time-travellers in the future who want to do Linux kernel vulnerability research. Specifically, I hope beginners will learn from my VR workflow and the seasoned researchers will learn from my techniques. In this blogpost, I'm discussing a bug I found in nf_tables in the Linux
From Zero to Domain Admin
The DFIR Report Real Intrusions by Real Attackers, The Truth Behind the Intrusion Intro This report will go through an intrusion from July that began with an email, which included a link to Google’s Feed Proxy service that was used to download a malicious Word document. Upon the user enabling macros, a Hancitor dll was executed, which called the usual suspect, Cobalt Strike. Various different enum
Automated Hydroponic System Build – Projects | Kyle Gabriel
Last Updated: August 28, 2022 Hydroponic farming is a method of growing crops without soil, with the main benefits of environmental and nutrient control, water conservation, and reduction of labor. This technique relies on a number of technologies that the principles of automation can be applied in order to improve yield and consistency. In this article and accompanying video, I’ll show you how to
GitHub - suzukiiichiro/Rogue2.Official: 【公式ローグII】rougeclone2 (データ分離版ローグ・クローンII UTF-8版)ターミナルへの出力はもちろん、メッセージファイル、ソースコードなどすべての処理と資源がUTF-8対応しています。Rogueのすばらしさを楽しみたい人、ソースコードを見て完成度を共感したい人、さらにオリジナルアイディアでゲームを拡張したいひと、待望の日本語UTF-8最終FIX版
============================================================================== 日本語版ローグ・クローンによる『運命の洞窟』への招待 鈴木維一郎 <suzuki.iichiro@gmail.com> 太田純氏の「ローグ・クローン2 日本語版1.3」、伊藤康史氏の「データ分離版ローグ・ クローンII」、FUNABARA Masao氏の「rogueclone2s」、 Naohiro Aota氏の 「rogueclone2s-utf8」、を経て本バージョンとなりました。 ○説明 rougeclone2s (データ分離版ローグ・クローンII メンテナンスバージョン のUTF-8版) はターミナルへの出力のみが UTF-8対応となっていましたが、本バージョンは、ターミナ ルへの出力はもちろん、メッセージファイル、ソースコ
Amplified exposure: How AWS flaws made Amplify IAM roles vulnerable to takeover | Datadog Security Labs
research Amplified exposure: How AWS flaws made Amplify IAM roles vulnerable to takeover April 15, 2024 aws vulnerability disclosure Key Points We identified two variants of a vulnerability in AWS Amplify that exposed identity and access management (IAM) roles associated with Amplify projects, allowing them to become assumable by anyone in the world. If the authentication component was removed fro
Workshop: An Introduction to macOS Forensics with Open Source Software
Workshop: An Introduction to macOS Forensics with Open Source Software Japan Security Analyst Conference 2022 株式会社インターネットイニシアティブ 小林 稔 Who am I? 小林 稔 2 • 株式会社インターネットイニシアティブ セキュリティ本部 セキュリティ情報統括室 技術調査、社内インシデントレスポンス • 外部活動 セキュリティキャンプ全国大会講師 2017-2019 Japan Security Analyst Conference Speaker 2018/2020 Black Hat USA 2018 Briefing Speaker • Twitter: @unkn0wnbit はじめに 3 0 本ワークショップの目的 (1/2) ◦本ワークショップでやること ▪
GitHub - ComfyUI-Workflow/awesome-comfyui: A collection of awesome custom nodes for ComfyUI
ComfyUI-Gemini_Flash_2.0_Exp (⭐+172): A ComfyUI custom node that integrates Google's Gemini Flash 2.0 Experimental model, enabling multimodal analysis of text, images, video frames, and audio directly within ComfyUI workflows. ComfyUI-ACE_Plus (⭐+115): Custom nodes for various visual generation and editing tasks using ACE_Plus FFT Model. ComfyUI-Manager (⭐+113): ComfyUI-Manager itself is also a cu
Node.js
Notable Changes Experimental command-line argument parser API Adds util.parseArgs helper for higher level command-line argument parsing. Contributed by Benjamin Coe, John Gee, Darcy Clarke, Joe Sepi, Kevin Gibbons, Aaron Casanova, Jessica Nahulan, and Jordan Harband - #42675 Experimental ESM Loader Hooks API Node.js ESM Loader hooks now support multiple custom loaders, and composition is achieved
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
【2020年】CTF Web問題の攻撃手法まとめ - こんとろーるしーこんとろーるぶい
Shell Script Best Practices — The Sharat's
とほほのPowerShell入門 - とほほのWWW入門
research!rsc: The xz attack shell script
January 2021 (version 1.53)
Rust: A Critical Retrospective « bunnie's blog
World's First MIDI Shellcode
"�[31m"?! ANSI Terminal security in 2023 and finding 10 CVEs
0.10.0 Release Notes ⚡ The Zig Programming Language
What’s New in POSIX 2024 – XCU
Who needs Graphviz when you can build it yourself?
What's New in Emacs 28.1?
Vim9 script for Python Developers · GitHub
Scientific Computing in Rust - aftix's dominion
April 2021 (version 1.56)
March 2021 (version 1.55)
PROJEKT: OVERFLOW
How virtual environments work