I hereby claim:
- I am crowell on github.
- I am crowell (https://keybase.io/crowell) on keybase.
- I have a public key whose fingerprint is 18FE A02F 514F 0686 6F9D D996 31FC C941 8A1C 34BC
To claim this, I am signing this object:
Jeffrey Crowell crowell
🐢
crowell
/ debruijn.c
Last active
January 17, 2023 15:00
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // De Bruijn pattern generator. | |
| // Jeffrey Crowell | |
| #include "debruijn.h" | |
| char* peda_charset = | |
| "A%sB$nC-(D;)Ea0Fb1Gc2Hd3Ie4Jf5Kg6Lh7Mi8Nj9OkPlQmRnSoTpUqVrWsXtYuZvwxyz"; | |
| // Generate a De Bruijn sequence. Code interpreted from wikipedia. | |
| void db(int t, int p, int n, int maxlen, int k, int* a, char* sequence, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| x = IO.read(ARGV[0]) | |
| y = x.split("\n")[0...8].reverse | |
| arr = [[], [], [], [], [], [], [], [], []] | |
| arr2 = [[], [], [], [], [], [], [], [], []] | |
| y.each do |i| | |
| m = /^.(.)...(.)...(.)...(.)...(.)...(.)...(.)...(.)...(.).$/.match(i) | |
| (1..9).each do |j| | |
| ch = m[j] | |
| unless ch == ' ' | |
| arr[j - 1] << ch |
crowell
/ pwning_with_radare.md
Last active
December 28, 2020 08:59
radare2 is a very cool set of tools that you probably don't know how to use! Let's go through a simple exploit CTF challenge to understand how to use it for exploit development.
We'll be focusing on "ropasaurus rex" which is a simple challenge from Plaid CTF After checking out the latest and greatest radare from git, let's get started!
Open up ropasaurusrex in r2 and call analyze on the binary. We can list the functions with "afl"
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <elf.h> | |
| #include <fcntl.h> | |
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <sys/mman.h> | |
| // killgdb.c - prevent an elf from being loaded by gdb. | |
| // Jeffrey Crowell <crowell [at] bu [dot] edu> | |
| // | |
| // $ objcopy --only-keep-debug program program.debug |
crowell
/ i-hate-heap-leak.c
Created
September 4, 2017 23:48
— forked from Jinmo/i-hate-heap-leak.c
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| first malloc(16) : 0x1a61450 | |
| eh.. and malloc(-1) : (nil) | |
| second malloc(16) : 0x7fe57c0008c0 | |
| FYI, libc.so address is : 0x7fe5837dc000 | |
| let's calculate! : 0x7fe580000000 | |
| */ | |
| #include <stdio.h> | |
| #include <stdlib.h> |
crowell
/ extract_firmware.rb
Created
September 27, 2014 19:17
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Poker II Firmware disassembly help tool. | |
| original = IO.read("./Poker II original firmware.bin") | |
| extracted = "" | |
| original.each_byte{|b| | |
| m = (((b & 0x0f) << 4) | ((b & 0xf0) >> 4)) ^ 0xff | |
| extracted << m.chr | |
| } | |
| puts extracted |
crowell
/ gist:ce7c976ecfb5df41413e5535ffaebe0c
Created
April 17, 2017 17:43
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sftp-3 ~ » dig @75.75.75.75 example.com | |
| ; <<>> DiG 9.8.3-P1 <<>> @75.75.75.75 example.com | |
| ; (1 server found) | |
| ;; global options: +cmd | |
| ;; Got answer: | |
| ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 49393 | |
| ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 | |
| ;; QUESTION SECTION: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| f0VMRgECAQAAAAAAAAAAAAACABQAAAABEAADAAAAADQAAA84AAAAAAA0ACAABwAoAB0AGgAAAAYA | |
| AAA0EAAANBAAADQAAADgAAAA4AAAAAUAAAAEAAAAAwAAARQQAAEUEAABFAAAAA0AAAANAAAABAAA | |
| AAEAAAABAAAAABAAAAAQAAAAAAAGbAAABmwAAAAFAAEAAAAAAAEAAAZsEAEGbBABBmwAAAEsAAAB | |
| MAAAAAYAAQAAAAAAAgAABoAQAQaAEAEGgAAAAPAAAADwAAAABgAAAAQAAAAEAAABJBAAASQQAAEk | |
| AAAARAAAAEQAAAAEAAAABGR05VEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYAAAAQL2xpYi9sZC5z | |
| by4xAAAAAAAAAAQAAAAQAAAAAUdOVQAAAAAAAAAAAgAAAAYAAAAgAAAABAAAABQAAAADR05VAGpO | |
| Hzw6QibadtZIhfyXfSuWjPoWAAAAAgAAAAUAAAABAAAABSAAIAAAAAAAAAAABcDjS60AAAAAAAAA | |
| AAAAAAAAAAAAAAAAHwAAAAAAAAAAEgAAAAAAABoAAAAAAAAAABIAAAAAAAA4AAAAAAAAAAAgAAAA | |
| AAAAJgAAAAAAAAAAEgAAAAAAAAsQAAY8AAAABBEAAA4AbGliYy5zby42AF9JT19zdGRpbl91c2Vk | |
| AHB1dHMAcHJpbnRmAF9fbGliY19zdGFydF9tYWluAF9fZ21vbl9zdGFydF9fAEdMSUJDXzIuMABH |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/src/ngx_pagespeed.cc b/src/ngx_pagespeed.cc | |
| index 0e298b7..45e8708 100644 | |
| --- a/src/ngx_pagespeed.cc | |
| +++ b/src/ngx_pagespeed.cc | |
| @@ -686,14 +686,20 @@ char* ps_loc_configure(ngx_conf_t* cf, ngx_command_t* cmd, void* conf); | |
| // not NGX_HTTP_LOC_CONF_OFFSET or NGX_HTTP_MAIN_CONF_OFFSET. | |
| ngx_command_t ps_commands[] = { | |
| { ngx_string("pagespeed"), | |
| - NGX_HTTP_MAIN_CONF|NGX_CONF_TAKE1|NGX_CONF_MULTI| | |
| + NGX_HTTP_MAIN_CONF|NGX_CONF_TAKE1| |
NewerOlder