This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
import tempfile | |
import os | |
import string | |
import random | |
def randstr(): | |
return ''.join(random.choice(string.ascii_uppercase + string.digits + string.ascii_lowercase) for _ in range(10)) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/local/bin/python2 | |
import time | |
import telnetlib | |
import sys | |
import binascii | |
import struct | |
import socket | |
import random | |
def randstr(length=10): |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import sys | |
class Node(object): | |
def __init__(self, name): | |
self.name = name | |
self.stmts = [] | |
self.successors = [] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
As was the case last year, this year's Insomni'hack featured a multi-player game and 3 challenges requiring us to | |
hack the game in order to get the flags | |
It was a Unity based game and was written in C#, the core of the game logic was in the Assembly-CSharp.dll and I used dnSpy | |
(https://github.com/0xd4d/dnSpy) to decompile the DLL and understand the logic and modify the game. | |
Nightcrawler: | |
This challenge required us to activate 4 buttons within a 6 second window, the game used a master client architecture | |
where activating a button would trigger an RPC call to the master client which would keep track of the challenges based |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// JIT the target function that we will overwrite with our shellcode, even though W ^ X was already in HEAD when I wrote the exploit | |
// It was not enabled for the release version at the time | |
function yolo(o) { | |
var tmp = o ** 2 + o; | |
tmp *= 17; | |
tmp += o ** 37; | |
return tmp; | |
} | |
yolo(3); | |
yolo(4); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#import <Foundation/Foundation.h> | |
#import <Cocoa/Cocoa.h> | |
@protocol NetStorageXPCObjectHandler | |
- (void)lock; | |
- (void)unlock; | |
- (void)deleteAllResponses; | |
- (void)dealloc; | |
@end |
OlderNewer