Script to recover mt_rand()'s seed with only two outputs and without any bruteforce.
☆162Jan 6, 2020Updated 6 years ago
Alternatives and similar repositories for mt_rand-reverse
Users that are interested in mt_rand-reverse are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- My Real World CTF challenges☆115Sep 19, 2019Updated 6 years ago
- My CTF Challenges☆218Jan 4, 2026Updated 5 months ago
- Pwn stuff.☆1,813May 31, 2022Updated 4 years ago
- a simple tool to detect potential security threat in php code☆316Sep 9, 2024Updated last year
- Multi-language web CGI interfaces exploits.☆395Aug 22, 2022Updated 3 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- ☆17May 29, 2018Updated 8 years ago
- ☆119Mar 21, 2020Updated 6 years ago
- ☆131Jun 17, 2022Updated 4 years ago
- procfs-based PHP sandbox bypass☆133Sep 19, 2018Updated 7 years ago
- Those are my challenges for multiple CTF!☆10Mar 17, 2024Updated 2 years ago
- Writeup and environment for XCTF2021Final-Dubbo☆44May 31, 2021Updated 5 years ago
- Challenges I created for 35c3☆48Dec 31, 2018Updated 7 years ago
- PHP 扩展, 用于 PHP-FPM、FastCGI、LD_PRELOAD等模式下突破 disabled_functions☆106Sep 8, 2021Updated 4 years ago
- Code-Breaking Puzzles☆291Apr 6, 2025Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- MySQL fake server for read files of connected clients☆606Jul 23, 2017Updated 8 years ago
- Some of my exploits.☆604Feb 25, 2021Updated 5 years ago
- JRE8u20_RCE_Gadget☆255Jul 1, 2016Updated 10 years ago
- Bypassing disabled exec functions in PHP (c) CRLF☆405Oct 2, 2020Updated 5 years ago
- CVE-2020-8163 - Remote code execution of user-provided local names in Rails☆61Dec 14, 2022Updated 3 years ago
- 针对ctf线下赛流量抓取(php)、真实环境流量抓取分析的工具☆737Jun 2, 2023Updated 3 years ago
- PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.☆3,836Sep 29, 2025Updated 9 months ago
- ☆19Aug 1, 2019Updated 6 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆358Sep 20, 2022Updated 3 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- 一个各种方式突破Disable_functions达到命令执行的shell☆1,193Oct 17, 2023Updated 2 years ago
- writeups for our challenges☆147Dec 11, 2022Updated 3 years ago
- PHP Runtime Vulnerability Detection☆480May 25, 2019Updated 7 years ago
- PoC for CVE-2018-15133 (Laravel unserialize vulnerability)☆259Mar 10, 2024Updated 2 years ago
- ☆78Feb 16, 2020Updated 6 years ago
- 为应对CTF比赛而搭建的各种环境☆153May 9, 2020Updated 6 years ago
- MySQL JDBC Deserialization Payload / MySQL客户端jdbc反序列化漏洞payload☆13Feb 8, 2020Updated 6 years ago
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆213May 19, 2020Updated 6 years ago
- 用WebShell攻击PHP-FPM Attacking PHP-FPM with WebShell☆41May 6, 2021Updated 5 years ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- ☆837Jun 7, 2022Updated 4 years ago
- MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize☆1,373Nov 18, 2021Updated 4 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆616Mar 4, 2021Updated 5 years ago
- some java code i met or i used☆29May 7, 2019Updated 7 years ago
- attackRmi☆259Oct 14, 2020Updated 5 years ago
- Exploit for CVE-2019-11043☆1,835Nov 12, 2019Updated 6 years ago
- A byte code analyzer for finding deserialization gadget chains in Java applications☆1,087Jun 15, 2021Updated 5 years ago