Bruno Keith bkth
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os | |
| import subprocess | |
| def run_cmd(s): | |
| return subprocess.check_output(s.split()) | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import time | |
| import telnetlib | |
| import sys | |
| import binascii | |
| import struct | |
| import socket | |
| def info(s): | |
| print "[*] %s" % s |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import time | |
| import telnetlib | |
| import sys | |
| import binascii | |
| import struct | |
| import socket | |
| # OOB access inside the ascii art table with \x7f letting us access the first 6 qwords of our input | |
| # overwrite return address on stack to make ESP point to our buffer which jumps to system@plt with the stack setup |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import time | |
| import telnetlib | |
| import sys | |
| import binascii | |
| import struct | |
| import socket | |
| HOST = "127.0.0.1" if len(sys.argv) < 2 else sys.argv[1] | |
| PORT = 1337 if len(sys.argv) < 2 else int(sys.argv[2]) | |
| TARGET = (HOST, PORT) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # the encoding is | |
| # first four bits are the depth in the tree encoded | |
| # next 8 bits is the character encoded | |
| # next X bits is the position in the tree encoded with the depth given by the first four bits | |
| # The file has the following structure | |
| # Each tree node encoded + 4 bits set to zero + each original character encoded by its position in the tree + few bits at the end | |
| bits = [] |
bkth
/ skybot_exploit.py
Last active
March 26, 2017 22:27
exploit script for skybot (insomnihack ctf 2017)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| from pwn import * | |
| import time | |
| def recv_menu(): | |
| return s.recvuntil('>>> ') | |
NewerOlder