Skip to content

Instantly share code, notes, and snippets.

Avatar

Will Donohoe McSimp

View GitHub Profile
View Engine.lua
This file has been truncated, but you can view the full file.
-- ###################################
-- # Borderlands 2 SDK
-- # Package: Engine
-- # File Contents: Class definitions
-- ###################################
local ffi = require("ffi")
ffi.cdef[[
@McSimp
McSimp / items.json
Last active Oct 3, 2016
All items in Starbound (excluding generated items) for Offended Koala
View items.json
{
"back": {
"toxicwasteback": {
"iconPath": "items/armors/backitems/toxicwaste/toxicwastebackicon.png",
"itemPath": "items/armors/backitems/toxicwaste/toxicwaste.back"
},
"ironarmoravianback": {
"iconPath": "items/armors/avian/ironarmoravian/icons.png:back",
"itemPath": "items/armors/avian/ironarmoravian/ironarmoravian.back"
},
@McSimp
McSimp / Starbound SHA256 Bug.md
Last active Aug 29, 2015
Details of a bug in the SHA256 implementation in Starbound
View Starbound SHA256 Bug.md

Bug Details

The bug comes from the first if statment in sha256_final (or whatever you've called it in your code).

Yours looks like OpenSSL's, except the if statement on line 375 of md32_common.h in OpenSSL (https://github.com/openssl/openssl/blob/master/crypto/md32_common.h#L375) evaluates to if (n > 56), whereas yours evaluates to the equivalent of if (n > 55), producing erroneous hashes for data of length 55.

int HASH_FINAL (unsigned char *md, HASH_CTX *c)
{
  unsigned char *p = (unsigned char *)c->data;
View templates.cpp
#include "CNetMessageRegistration.hpp"
#include "CNetMessage.hpp"
#include "gm/Lua.hpp"
#include "gm/CStateManager.hpp"
using namespace GarrysMod::Lua;
template <class T, int (T::*F)(CLuaInterface& Lua)>
int LuaBindThunk(lua_State* L)
{
View CySCA 2014 Web Pentest.md

CySCA 2014 - Web Application Pentest

The CySCA organizers have released a VM image with most of the challenges from CySCA 2014, which you can grab from http://goo.gl/6ftZ39 to play with. Here are my solutions to the Web Application Pentest section.

Club Status

Only VIP and registered users are allowed to view the Blog. Become VIP to gain access to the Blog to reveal the hidden flag.

View keybase.md

Keybase proof

I hereby claim:

  • I am mcsimp on github.
  • I am willdonohoe (https://keybase.io/willdonohoe) on keybase.
  • I have a public key whose fingerprint is 8144 357B BD8A B4AA 0894 F5C0 0F85 B0F4 D305 4C78

To claim this, I am signing this object:

View GameDefines.h
/*
#############################################################################################
# Game: Borderlands 2 #
# Version: 1.0.8364.0 #
# ========================================================================================= #
# File: GameDefines.h #
#############################################################################################
*/
#ifdef _MSC_VER
@McSimp
McSimp / strength.py
Created Apr 19, 2015
Plaid CTF 2015 - Strength
View strength.py
data = [
[0xa5f7f8aaa82921f70aad9ece4eb77b62112f51ac2be75910b3137a28d22d7ef3be3d734dabb9d853221f1a17b1afb956a50236a7e858569cdfec3edf350e1f88ad13c1efdd1e98b151ce2a207e5d8b6ab31c2b66e6114b1d5384c5fa0aad92cc079965d4127339847477877d0a057335e2a761562d2d56f1bebb21374b729743L, 0x1614984a0df, 0x7ded5789929000e4d7799f910fdbe615824d04b055336de784e88ba2d119f0c708c3b21e9d551c15967eb00074b7f788d3068702b2209e4a3417c0ca09a0a2da4378aa0b16d20f2611c4658e090e7080c67dda287e7a91d8986f4f352625dceb135a84a4a7554e6b5bd95050876e0dca96dc21860df84e53962d7068cebd248dL],
[0xa5f7f8aaa82921f70aad9ece4eb77b62112f51ac2be75910b3137a28d22d7ef3be3d734dabb9d853221f1a17b1afb956a50236a7e858569cdfec3edf350e1f88ad13c1efdd1e98b151ce2a207e5d8b6ab31c2b66e6114b1d5384c5fa0aad92cc079965d4127339847477877d0a057335e2a761562d2d56f1bebb21374b729743L, 0x15ef25e10f54a3, 0x7c5b756b500801e3ad68bd4f2d4e1a3ff94d049774bc9c37a05d4c18d212c5b223545444e7015a7600ecff9a75488ed7e609c3e931d4b2683b5954a5dc3fc2de9ae3392de4d86d77ee4920fffb13ad59a1e08fd25262a700eb26b3f930
@McSimp
McSimp / adcap-decode.js
Created May 6, 2015
Adventure Capitalist Decoding
View adcap-decode.js
var lzf = require('lzf');
var crypto = require('crypto');
function DecodeSaveData(data) {
// Format is: .<Base64 encoded LZF compressed data>|<MD5 hash of data>
if (data.indexOf('.') !== 0) {
throw Error('Invalid save data');
}
var splitStr = data.substr(1).split('|');
View csaw-2017-funtime.js
console.log("Starting");
function findData(lookFor) {
var MEM_START_OFFSET = 1;
var memBuffer = new Uint8Array(__SYSCALL.getSystemResources().memoryRange.block(MEM_START_OFFSET, 0x7FFFFFFF).buffer());
var locs = [];
for (var i = 0; i < 0x2000000; i++) {
var found = true;
for (var j = 0; j < lookFor.length; j++) {
if (memBuffer[i+j] != lookFor[j]) {
You can’t perform that action at this time.