This is an exploit for HoleyBeep.
To use it, place any command you want root to execute in /tmp/x.
$ cat /tmp/x
echo PWNED $(whoami)
Tobias Mayer GanbaruTobi
SamantazFox
/ wintypes.h
Last active
June 3, 2024 17:52
Header containing all C types used by the Microsoft Win32 API
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * wintypes.h | |
| * | |
| * Windows Data Types | |
| * Copyright 2020 (c) Samantaz Fox | |
| * | |
| * This file is in the public domain. | |
| * Feel free to copy, modify, redistribute it! | |
| * |
GanbaruTobi
/ brute_keepass.py
Last active
January 3, 2020 12:22
keepass unsupported version slow bruteforce
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import pexpect | |
| with open('Passwords.txt') as passwords: | |
| for password in passwords: | |
| p = pexpect.spawn('/bin/bash -c "keepassxc-cli open test.kdbx"') | |
| p.expect("Enter password to unlock") | |
| p.sendline(password) | |
| p.timeout = 2 |
crowell
/ pwning_with_radare.md
Last active
December 28, 2020 08:59
radare2 is a very cool set of tools that you probably don't know how to use! Let's go through a simple exploit CTF challenge to understand how to use it for exploit development.
We'll be focusing on "ropasaurus rex" which is a simple challenge from Plaid CTF After checking out the latest and greatest radare from git, let's get started!
Open up ropasaurusrex in r2 and call analyze on the binary. We can list the functions with "afl"