Will Donohoe McSimp

-- ###################################
-- # Borderlands 2 SDK
-- # Package: Engine
-- # File Contents: Class definitions
-- ###################################
local ffi = require("ffi")
ffi.cdef[[
McSimp / items.json
Last active October 3, 2016 00:11
All items in Starbound (excluding generated items) for Offended Koala
{
"back": {
"toxicwasteback": {
"iconPath": "items/armors/backitems/toxicwaste/toxicwastebackicon.png",
"itemPath": "items/armors/backitems/toxicwaste/toxicwaste.back"
},
"ironarmoravianback": {
"iconPath": "items/armors/avian/ironarmoravian/icons.png:back",
"itemPath": "items/armors/avian/ironarmoravian/ironarmoravian.back"
},
McSimp / Starbound SHA256 Bug.md
Last active August 29, 2015 13:56
Details of a bug in the SHA256 implementation in Starbound

Bug Details

The bug comes from the first if statement in sha256_final (or whatever you've called it in your code).

Yours looks like OpenSSL's, except the if statement on line 375 of md32_common.h in OpenSSL (https://github.com/openssl/openssl/blob/master/crypto/md32_common.h#L375) evaluates to if (n > 56), whereas yours evaluates to the equivalent of if (n > 55), producing erroneous hashes for data of length 55.

int HASH_FINAL (unsigned char *md, HASH_CTX *c)
{
 unsigned char *p = (unsigned char *)c->data;
#include "CNetMessageRegistration.hpp"
#include "CNetMessage.hpp"
#include "gm/Lua.hpp"
#include "gm/CStateManager.hpp"
using namespace GarrysMod::Lua;
template <class T, int (T::*F)(CLuaInterface& Lua)>
int LuaBindThunk(lua_State* L)
{

CySCA 2014 - Web Application Pentest

The CySCA organizers have released a VM image with most of the challenges from CySCA 2014, which you can grab from http://goo.gl/6ftZ39 to play with. Here are my solutions to the Web Application Pentest section.

Club Status

Only VIP and registered users are allowed to view the Blog. Become VIP to gain access to the Blog to reveal the hidden flag.

Keybase proof

I hereby claim:

  • I am mcsimp on github.
  • I am willdonohoe (https://keybase.io/willdonohoe) on keybase.
  • I have a public key whose fingerprint is 8144 357B BD8A B4AA 0894 F5C0 0F85 B0F4 D305 4C78

To claim this, I am signing this object:

/*
#############################################################################################
# Game: Borderlands 2 #
# Version: 1.0.8364.0 #
# ========================================================================================= #
# File: GameDefines.h #
#############################################################################################
*/
#ifdef _MSC_VER
McSimp / strength.py
Created April 19, 2015 07:52
Plaid CTF 2015 - Strength
data = [
[0xa5f7f8aaa82921f70aad9ece4eb77b62112f51ac2be75910b3137a28d22d7ef3be3d734dabb9d853221f1a17b1afb956a50236a7e858569cdfec3edf350e1f88ad13c1efdd1e98b151ce2a207e5d8b6ab31c2b66e6114b1d5384c5fa0aad92cc079965d4127339847477877d0a057335e2a761562d2d56f1bebb21374b729743L, 0x1614984a0df, 0x7ded5789929000e4d7799f910fdbe615824d04b055336de784e88ba2d119f0c708c3b21e9d551c15967eb00074b7f788d3068702b2209e4a3417c0ca09a0a2da4378aa0b16d20f2611c4658e090e7080c67dda287e7a91d8986f4f352625dceb135a84a4a7554e6b5bd95050876e0dca96dc21860df84e53962d7068cebd248dL],
[0xa5f7f8aaa82921f70aad9ece4eb77b62112f51ac2be75910b3137a28d22d7ef3be3d734dabb9d853221f1a17b1afb956a50236a7e858569cdfec3edf350e1f88ad13c1efdd1e98b151ce2a207e5d8b6ab31c2b66e6114b1d5384c5fa0aad92cc079965d4127339847477877d0a057335e2a761562d2d56f1bebb21374b729743L, 0x15ef25e10f54a3, 0x7c5b756b500801e3ad68bd4f2d4e1a3ff94d049774bc9c37a05d4c18d212c5b223545444e7015a7600ecff9a75488ed7e609c3e931d4b2683b5954a5dc3fc2de9ae3392de4d86d77ee4920fffb13ad59a1e08fd25262a700eb26b3f930
McSimp / adcap-decode.js
Created May 6, 2015 07:45
Adventure Capitalist Decoding
var lzf = require('lzf');
var crypto = require('crypto');
function DecodeSaveData(data) {
// Format is: .<Base64 encoded LZF compressed data>|<MD5 hash of data>
if (data.indexOf('.') !== 0) {
throw Error('Invalid save data');
}
var splitStr = data.substr(1).split('|');
console.log("Starting");
function findData(lookFor) {
var MEM_START_OFFSET = 1;
var memBuffer = new Uint8Array(__SYSCALL.getSystemResources().memoryRange.block(MEM_START_OFFSET, 0x7FFFFFFF).buffer());
var locs = [];
for (var i = 0; i < 0x2000000; i++) {
var found = true;
for (var j = 0; j < lookFor.length; j++) {
if (memBuffer[i+j] != lookFor[j]) {