Skip to content

Instantly share code, notes, and snippets.

View scoreboard-nsec2020.txt
TEAM | POINTS | LAST SUBMIT
----------------------------------+--------+-------------------
<CA> HubrETS Hackin'' | 155 | 2020/05/17 14:58
<CA> Les Gentils Pirates | 133 | 2020/05/17 14:42
<CA> CLICKESTI | 129 | 2020/05/17 14:07
<US> Skiddies as a Service | 125 | 2020/05/17 14:44
<CA> cold_root | 116 | 2020/05/17 14:38
<CA> Panique Au Village | 94 | 2020/05/17 14:47
<CA> Shopify | 84 | 2020/05/17 14:47
<CA> segfaults | 77 | 2020/05/17 14:55
View exploit.py
from pwn import *
#r = process("./beatmeonthedl")
r = remote('sploitbox.com', 10001)
r.recvuntil("Enter username: ")
r.sendline("mcfly")
r.recvuntil("Enter Pass: ")
r.sendline("awesnap")
View gist:25e350b03899b4bf7407ecc69841bc43
org/mvel2/MVEL.eval(Ljava/lang/String;)Ljava/lang/Object;:0
org/mvel2/MVEL.eval(Ljava/lang/String;Ljava/lang/Object;)Ljava/lang/Object;:0
org/mvel2/MVEL.eval(Ljava/lang/String;Lorg.mvel2.integration.VariableResolverFactory;)Ljava/lang/Object;:0
org/mvel2/MVEL.eval(Ljava/lang/String;Ljava/lang/Object;Lorg.mvel2.integration.VariableResolverFactory;)Ljava/lang/Object;:0
org/mvel2/MVEL.eval(Ljava/lang/String;Ljava.util.Map;)Ljava/lang/Object;:0
org/mvel2/MVEL.eval(Ljava/lang/String;Ljava/lang/Object;Ljava.util.Map;)Ljava/lang/Object;:0
org/mvel2/MVEL.eval(Ljava/lang/String;Lorg/mvel2/Class;)Lorg/mvel2/T;:0
org/mvel2/MVEL.eval(Ljava/lang/String;Ljava/lang/Object;Lorg/mvel2/Class;)Lorg/mvel2/T;:0
org/mvel2/MVEL.eval(Ljava/lang/String;Lorg.mvel2.integration.VariableResolverFactory;Lorg/mvel2/Class;)Lorg/mvel2/T;:0
org/mvel2/MVEL.eval(Ljava/lang/String;Ljava.util.Map;Lorg/mvel2/Class;)Lorg/mvel2/T;:0
View solve_toxic_maze.py
import Queue as queue
WORLD_SIZE = 25
world = open("grid1.txt").read().replace("S","-1").replace("E","-1").split("\n")[:WORLD_SIZE]
map_state = []
for i in range(WORLD_SIZE):
world[i] = world[i].split(",")
world[i] = map(int, world[i])
View sponge.py
from Crypto.Cipher import AES
from SocketServer import ThreadingMixIn
from BaseHTTPServer import HTTPServer, BaseHTTPRequestHandler
import sys
import random
import os
class Hasher:
def __init__(self):
self.aes = AES.new('\x00'*16)
View challenge2.py
from pwn import *
import struct
import md5
r = remote('127.0.0.1', 4322)
h = "c237457a8badc2f92b66ace8dc6669e5".decode("hex")
state = list(struct.unpack("<4I", h))
#md5.md5_compress(state, final_block)
View parlor.py
from pwn import *
import struct
import md5
r = remote('127.0.0.1', 4321)
print(r.recvuntil("quit\n====================\n"))
r.sendline("1")
print(r.recvuntil("Please pick odds (as a power of 2 between 1 and 112): "))
View md5.py
#!/usr/bin/python
#
# Derived from:
#
# MD5C.C - RSA Data Security, Inc., MD5 message-digest algorithm
#
# Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
# rights reserved.
#
# License to copy and use this software is granted provided that it
@HoLyVieR
HoLyVieR / hmac-crc.py
Last active Dec 24, 2019
HMAC-CRC Solution
View hmac-crc.py
#!/usr/bin/env python
"""
Utility fonction to convert from one form to an other
"""
def to_bits(length, N):
return [int(i) for i in bin(N)[2:].zfill(length)]
def from_bits(N):
return int("".join(str(i) for i in N), 2)
View gist:69aa3d42077f17ffa7a8
<?php
$kh="0123";
$kf="26d5";
function xor($t,$k){
$c=strlen($k);
$l=strlen($t);
$o="";
for($i=0;$i<$l;){
for($j=0;($j<$c&&$i<$l);$j++,$i++){