Adham Elmosalamy aelmosalamy

0xClinic (Web) - 0xL4ugh CTF v5

We seem to have some cache-related functionality; however, the pieces conflict with each other.

In Flask, we have:

@app.middleware("http")
async def add_no_cache_headers(request: Request, call_next):
    response = await call_next(request)
    response.headers['Pragma'] = 'no-cache'
    response.headers['Expires'] = '0'

CVE-2024-53924

  • Description: Pycel through 1.0b30, when operating on an untrusted spreadsheet, allows code execution via a crafted formula in a cell, such as one beginning with the =IF(A1=200, eval("__import__('os').system( substring.
  • Author: Adham Elmosalamy (@aelmo)
  • Date of Disclosure: November 23, 2024
  • Link: https://nvd.nist.gov/vuln/detail/CVE-2024-53924

Summary

Pycel, a Python library for working with Excel worksheets, including symbolic safe evaluation of Excel formulas, suffers from a code execution vulnerability in which Python-native functions that are otherwise blocked can be executed using specially crafted Excel formulas. This allows an attacker to provide a malicious document that leads to code execution when evaluated by Pycel.

aelmosalamy / x
Last active December 29, 2024 00:03
x
alert(origin)
aelmosalamy / i3.config
Last active November 8, 2021 10:45
Orange-ish i3-gaps with dmenu. I don't use polybar anymore.
# This file has been auto-generated by i3-config-wizard(1).
# It will not be overwritten, so edit it as you like.
#
# Should you change your keyboard layout some time, delete
# this file and re-run i3-config-wizard(1).
#
# i3 config file (v4)
#
# Please see https://i3wm.org/docs/userguide.html for a complete reference!