I hereby claim:
- I am becojo on github.
- I am becojo (https://keybase.io/becojo) on keybase.
- I have a public key ASDdAmE0DZMvcJtrbYQh4avfIgjYG5KNDc-2o4Ug8s3Y4Ao
To claim this, I am signing this object:
Becojo
/ overflow.c
Created
May 17, 2017 21:37
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // gcc -fno-stack-protector -z execstack overflow.c -o overflow | |
| #include <stdio.h> | |
| int main(int argc, char *argv[]) { | |
| char buf[200]; | |
| printf("%p\n", &buf); | |
| gets(buf); |
Becojo
/ keybase.md
Created
November 18, 2016 15:56
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'http' | |
| charsets = { | |
| '[A-M]' => ('A'..'M').to_a, | |
| '[N-Z]' => ('N'..'Z').to_a, | |
| '[a-m]' => ('a'..'m').to_a, | |
| '[n-z]' => ('n'..'z').to_a, | |
| '[0-9]' => ('0'..'9').to_a, | |
| '[_\-\?!#$%]' => ["_", "-", '\?', '!', '#', '$', '%'] | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| print$ARGV[0]=~s/(\w\W*\w)/ucfirst$1/egr; |
Becojo
/ MMA CTF 2015 - Login As Admin!(2).md
Created
September 11, 2015 19:37
MMA CTF 2015 - Login As Admin!(2)
| http://login2.chal.mmactf.link/ | Web | 200 points |
|---|
This challenge, at first, didn't seem vulnerable. Using the test credentials that were provided, we see that a random token is assigned to the user in a cookie named ss.
I finally stumbled onto something interesting when I submited a request the cookie ss present but with an empty value.
$ curl "http://login2.chal.mmactf.link/" --cookie "ss="
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| require 'canal' | |
| if ARGV.empty? | |
| puts %q{usage: hexdump [hex hex hex ...]} | |
| else | |
| puts ARGV.map(&canal.chars | |
| .each_slice(2) | |
| .to_a |
Becojo
/ gist:385d31be4074ac0e279e
Created
January 11, 2015 17:26
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {-# LANGUAGE FlexibleInstances, IncoherentInstances #-} | |
| import Control.Monad | |
| data Id a = Id a | |
| deriving Show | |
| instance Monad Id where | |
| (Id x) >>= f = f x | |
| return = Id |
Becojo
/ gist:f1e10c01d15710731230
Created
January 5, 2015 00:31
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| defmodule Utils do | |
| def fix(f, x) do | |
| f.(&(fix(f, &1)), x) | |
| end | |
| def fix(f) do | |
| fn x -> | |
| fix(f, x) | |
| end | |
| end |
Becojo
/ verysmooth.pde
Created
December 27, 2014 14:39
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Very Smooth | |
| // BCJ - 2014 | |
| // http://log.becojo.me/post/106249890689 | |
| int n = 360; | |
| float a = TWO_PI / n, | |
| d = 150, | |
| z = 100, | |
| p = 50, | |
| v = 2, |