id
uid=1000(username) gid=1000(username) groups=1000(username)
uname -a ; pwd ; ip a s ; w ; who ; pinky ; lspci ; cat /proc/cpuinfo ; ss -ltp | cat ; pstree -p ; ls /var/cache/apt/archives/ -rthl | tail
lol no.
thsf.js --open-new-tab-lol # 2017-05-25 - 2017-05-28 - Toulouse !'');'');
ls -rtlh --time-style="+%Y"
total 23M
-rw-r--r-- 1 username username 15M 2016 catacombes.jpg
-rw-r--r-- 1 username username 473K 2016 vim.7z
-rw-r--r-- 1 username username 17K 2016 favicon.ico
-rw-r--r-- 1 username username 5.0M 2016 unicode.txt
-r--r--r-- 1 username username 2.2K 2016 ca.pem
-rw-r--r-- 1 username username 1.6K 2016 ca.cer
-rw-r--r-- 1 username username 2016 unicode.php
-rw-r--r-- 1 username username 2016 blog.php
drwxrwx--x 2 username username 4.0K 2016 pixels
-rw-r--r-- 1 username username 35 2016 robots.txt
-rw-r--r-- 1 username username 35K 2016 escape.html
drwxr-xr-x 2 username username 4.0K 2016 blog
-rw-r--r-- 1 username username 5.9K 2016 hyperlinks.html
-rw-r--r-- 1 username username 2016 y.php
-rw-r--r-- 1 username username 2016 x.php
drwxr-xr-x 3 username username 4.0K 2016 upload
-rw-r--r-- 1 username username 2017 http.php
drwxr-xr-x 53 username username 4.0K 2017 projects
drwxr-xr-x 2 username username 4.0K 2017 thsfxx
-rw-r--r-- 1 username username 17K 2017 oneliners.txt
-rw-r--r-- 1 username username 5.7K 2017 runtimes.html
drwxr-xr-x 3 username username 4.0K 2017 pocorgtfo
-rw-r--r-- 1 username username 7.5K 2017 index.html
show stuff

1. HTML-ES experiments :
   escape.html browser escape HTML page
   player.html standalone XHR auto-indexing audio player
   webcam.html standalone webcam mirror
   4-nibbles standalone unicode data packing
   4-nibbles unicode data packing
   5-nibbles unicode data packing
   homograph.html unicode homograph creation
   reader.html standalone live IRC log viewer (XHR + ii)

2. Things I want to do some day :
   Learn the IRC protocol and perform a security benchmark of IRC servers
   Script the extraction of configuration decryption keys from known malware
   Write some binary exploitation documentation runtimes.html
   Write an HTTP server lol

3. Protips :
   oneliners.txt

4. HTTP-related stuff :
   /upload/ upload web page
   full.txt 10 random unicode characters
   http.php http data, User-Agent collection, etc
   x.php information about an HTTP request
   y.php?data=x text/plain $_GET['data']
   ca.pem HTTPS CA

5. HTML Hyperlinks :
   hyperlinks.html : more hyperlinks.
   /pocorgtfo/ : a neighbourly mirror of sympathetic byte arrays

6. Things I am waiting for :
   TLS client certificate authentication : automated, scalable, native

7. Binary experiments / OSDev
   Index.html doc.html (404)
   debian virtual interfaces and VM management scripts
   Reversing experiments around Symantec Whole Disk Encryption solution. (WIP 20170319) (TODO URGENTLY FOR THE THSF LOL)

8. Twitter accounts :

9. Old productions, will be added to the index one day
   blog.php
   blog-A some old blog entries from 2013
   blog-B some old blog entries from 2014

10. Very old code which comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law
   /projects/

11. Abandoned ideas
   Write hashcat module for WEP40/104
   Learn the fax protocol (T.38?) and fuzz devices. Who wouldn't want an RCE over PSTN ?
   ngx_http_autoindex_module.c where an integer underflow caused by timestamp 0 and timezones could cause sprintf to write more than 4 bytes of year in the page. Processes have segfaulted
   Some program identifying the GPS coordinates from a picture containing a line of sight with mountains / skylines
   Low latency screen sharing on LAN
   A lot of powershell one-liners. This language is not fun
   A PoC highlighting the two-way nature of TCP in order to prove that firewalling inbound/outbound traffic has no effect on pwnage spreading
   De-pixelating pictures posted on twitter by anonymous accounts
python3 -c 'print("lol")'
lol
todo end this page with some one-liner executing EB:FE (jmp -1)
k