commit 0b3474087fa5837a010cf5ecc10d7c31f6d8e65f Author: Leonardo Maccari Date: Fri Mar 1 17:28:39 2019 +0100 ARP spoofing diff --git a/mydefs.tex b/mydefs.tex index e69de29..c661e02 100644 --- a/mydefs.tex +++ b/mydefs.tex @@ -0,0 +1,204 @@ + +\begin{SaveVerbatim}{magic} +; Magic quotes +; Magic quotes for incoming GET/POST/Cookie data. +magic_quotes_gpc = Off +; Magic quotes for runtime-generated data +magic_quotes_runtime = Off +; Use Sybase-style magic quotes +; (escape ' with '' instead of \'). +magic_quotes_sybase = Off +\end{SaveVerbatim} + +\begin{SaveVerbatim}{prepared} +$db_connection = new mysqli("localhost", + "user", "pass", "db"); +$statement = $db_connection->prepare(" + SELECT campo FROM tabella WHERE id = ?"); +$statement->bind_param("i", $id); +$statement->execute(); +\end{SaveVerbatim} + + + +\begin{SaveVerbatim}{ARP-request} +16:09:31.478260 arp who-has vedo.lenst-int tell dhcp-32.lenst-int +16:09:31.481740 arp reply vedo.lenst-int is-at 00:10:5a:18:68:d8 +\end{SaveVerbatim} + +\begin{SaveVerbatim}{ARP-protocol} +?Do I have that hardware type ? +Yes: (almost definitely) + ?Do I speak that protocol ? + Yes: + If the pair is + already in my translation table, update the sender + hardware address field of the entry with the new + information in the packet and set Merge\_flag to true. + ?Am I the target protocol address? + Yes: + [...] +\end{SaveVerbatim} + + +\begin{SaveVerbatim}{index} + +
+ User: +
+ Password: + +
+ +\end{SaveVerbatim} + +\begin{SaveVerbatim}{retrieve} + + + +\end{SaveVerbatim} + +\begin{SaveVerbatim}{esempio} +#include +#include + +int stampa(char * ); + +int main(int argc, char ** argv) +{ + if (argv[1]!=NULL) + stampa(argv[1]); + else + printf("niente da stampare\n"); +} + +int stampa(char * parola) +{ + char testo[10]; + strcpy(testo, parola); + printf("la parola da stampare e': %s\n", testo); + +} +\end{SaveVerbatim} + +\begin{SaveVerbatim}{index2} + +
+Scrivi qualcosa : + + +
+ +\end{SaveVerbatim} + + +\begin{SaveVerbatim}{echo} + +\end{SaveVerbatim} +\begin{SaveVerbatim}{index3} + +

login

+
+User: + +
+Password: + + +
+ + +\end{SaveVerbatim} + +\begin{SaveVerbatim}{cookie} + + Input: + +
+ + + END; +} +else + echo "L'utente non esiste\n"; +?> +\end{SaveVerbatim} +\begin{SaveVerbatim}{check} + + + +\end{SaveVerbatim} +\begin{SaveVerbatim}{get} + +\end{SaveVerbatim} + +\begin{SaveVerbatim}{fbug} +#include +#include + +int stampa(char * ); + +int main(int argc, char ** argv) +{ + + if (argv[1]!=NULL) + printf(argv[1]); + else + printf("niente da stampare"); + printf("\n"); +} +\end{SaveVerbatim} + +\begin{SaveVerbatim}{out1} +leonardo@ciclope\$ ./esempio "\%x \%x" +8049ff4 bfae9ee8 +\end{SaveVerbatim} + + +\begin{SaveVerbatim}{out2} +leonardo@ciclope\$ ./esempio "aaaaa \%x \%x" +aaaaa 8049ff4 bfae9ee8 +\end{SaveVerbatim} +\begin{SaveVerbatim}{out3} +int pos, x = 235, y = 93; +printf("\%d \%n\%d\n", x, &pos, y); +printf("The offset was \%d\n", pos); +\end{SaveVerbatim} + +\begin{SaveVerbatim}{out4} +printf("\%.50d \%n\%d\n", x, &pos, y); +\end{SaveVerbatim}