christianpanton
/ boom.ipynb
Last active
September 29, 2022 09:26
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
christianpanton
/ keybase-import-keys.py
Last active
September 14, 2015 09:44
Import public keys of already tracked users from Keybase, useful if you use Keybase on multiple computers or after reinstall.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| """ WARNING: crypto is hard to do right, bugs are hard to discover. Don't use if you life depends on it. """ | |
| import os.path | |
| from subprocess import Popen, PIPE | |
| import json | |
| # requests and beautifulsoup should be in your favorite package manager already | |
| import requests |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Basicly the same idea as the previous challenge. | |
| Instead of getting an explicit location for the return | |
| value needed to jump to the start of the shellcode, we | |
| need to find a register that holds that start (in this | |
| case $eax points to the start of the buffer, so we are | |
| in luck) and find some code inside the binary that jumps | |
| there. That we can find with ROPGadget. | |
| The tips were really helpful. |
christianpanton
/ 0 README
Last active
August 29, 2015 14:10
Prosa CTF 2014 "bufferoverflow.c" writeup
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| The service asks for two inputs. Both are placed on | |
| the stack. The second buffer can be overflowed (accepts | |
| 512 bytes, buffer size is 128), and you can replace | |
| the return value on the stack with the beginning for the | |
| first buffer. | |
| The service is nice to tell us where the first buffer | |
| is located. So we overwrite the return value at 128 + 12 | |
| on the stack, with the location which the service told | |
| the first buffer was located. So we can fill that stack |