Skip to content

Instantly share code, notes, and snippets.

View leommxj's full-sized avatar
☂️
带伞不下雨下雨不带伞

Leopold leommxj

☂️
带伞不下雨下雨不带伞
154 followers · 95 following
View GitHub Profile
@stypr
stypr / account_takeover.py
Last active April 24, 2025 10:19
Samsung 5G Mobile Router(SCR01) Account Takeover 0day
import os
import time
import uuid
import requests
requests.packages.urllib3.disable_warnings()
headers = {
"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:136.0) Gecko/20100101 Firefox/136.0",
"Accept": "application/json, text/plain, */*",
"Accept-Language": "en-US,en;q=0.5",
@loknop
loknop / writeup.md
Last active November 13, 2025 20:37
Solving "includer's revenge" from hxp ctf 2021 without controlling any files

Solving "includer's revenge" from hxp ctf 2021 without controlling any files

The challenge

The challenge was to achieve RCE with this file:

<?php ($_GET['action'] ?? 'read' ) === 'read' ? readfile($_GET['file'] ?? 'index.php') : include_once($_GET['file'] ?? 'index.php');

Some additional hardening was applied to the php installation to make sure that previously known solutions wouldn't work (for further information read this writeup from the challenge author).

I didn't solve the challenge during the competition - here is a writeup from someone who did - but since the idea I had differed from the techniques used in the published writeups I read (and I thought it was cool :D), here is my approach.

@icecr4ck
icecr4ck / ida_mc_notes.md
Last active November 21, 2025 11:34
Some notes about the IDA Microcode (intermediate language).
@ValdikSS
ValdikSS / huawei-fw-list.txt
Last active December 1, 2025 19:00
Huawei firmware files found on update server
==========================================================================
DO NOT WRITE ANY QUESTIONS IN COMMENTS
==========================================================================
This is not appropriate place for discussions. Keep this list FW-only.
I do NOT have any firmware files apart from published here or on 4pda. Please do not contact me for firmware files requests.
This is a list of files found on Huawei update server by brute-forcing URL parameters.
Some firmware files have changelogs. Just change file name to "changelog.xml" in the end of the URL.
@Jinmo
Jinmo / jni_all.h
Created May 26, 2017 07:36
Useful when reversing JNI on IDA Pro
/*
* Copyright (c) 1996, 1998, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*