M Ramdhan d4em0n
radare2

  • load without any analysis (file mapped raw, file header at offset 0x0): r2 -n /path/to/file
    (-n also disables RBin, so sections, symbols, imports and entrypoints are not parsed in that mode and iS/ii/ie and the sym.* flags come back empty; open the file normally, r2 /path/to/file, before using the commands below)
  • analyze all: aa
  • show sections: iS
  • list functions: afl
  • list imports: ii
  • list entrypoints: ie
  • seek to function: s sym.main
@d4em0n
d4em0n / exploit_bytechecker.py
Last active April 30, 2018 14:35
Exploit CTF B2P Byte Checker
from pwn import *
import sys
# NOTE: press CTRL+D at the first interactive shell
ch = process('./checker')
#ch = remote("35.197.134.203", 8031)
context.terminal = ['tmux', 'splitw', '-h']
gdb_cmd = """
source /home/ramdhan/ctf/tools/peda/peda.py
b* 0x08048E50
"""
@d4em0n
d4em0n / c.md
Last active July 18, 2018 18:07
010editor patch (bsdiff base64'd)

Run the commands below to apply the patch (bspatch takes the original file, the output file and the patch, in that order).

$ base64 -d patch.b64 > patch
$ bspatch 010editor 010editor.patched patch

Now you can run ./010editor.patched and register with your name and any serial number.

@d4em0n
d4em0n / glibc_install.sh
Created July 27, 2018 02:16 — forked from cheuerde/glibc_install.sh
Install GNU libc version parallel to existing system
# Claas Heuer, August 2015
#
# urls:
# http://stackoverflow.com/questions/847179/multiple-glibc-libraries-on-a-single-host
# http://www.gnu.org/software/libc/download.html
cd $HOME
mkdir glibc_update
cd glibc_update

// This source code comes from:
// http://stackoverflow.com/questions/8941711/is-is-possible-to-set-a-gdb-watchpoint-programatically
// with additional tricks from:
// https://code.google.com/p/google-breakpad/source/browse/trunk/src/client/linux/handler/exception_handler.cc?r=1361
#include <errno.h>
#include <signal.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
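The gist above breaks off after its includes, but its header names the technique: arm a gdb-style hardware watchpoint from inside the watched process, using the fork-and-attach trick from the Stack Overflow answer and Breakpad's exception handler. The program below is an added example written for this page; it is not d4em0n's gist and not the Stack Overflow or Breakpad code it credits. It assumes x86 or x86-64 Linux (DR0/DR7 debug registers reached through PTRACE_POKEUSER and struct user.u_debugreg) and a kernel that lets the forked child attach to its parent; the prctl(PR_SET_PTRACER) call is there for Yama ptrace_scope=1. The names dr7_for, poke_debug_regs, arm_write_watchpoint, disarm_watchpoint, watch_demo and the watched variable g_watched are this example's own.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <signal.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/prctl.h>
#include <sys/ptrace.h>
#include <sys/user.h>
#include <sys/wait.h>

static volatile sig_atomic_t g_traps = 0;   /* SIGTRAPs seen by the handler */
static volatile int g_watched = 0;          /* the variable we watch (example-only) */

static void on_sigtrap(int sig) { (void)sig; g_traps++; }

/* DR7 encoding for slot 0 (Intel SDM vol. 3, "Debug Registers"):
 * bit 0 L0 enable; bits 16-17 R/W0 (01 = write, 11 = read or write);
 * bits 18-19 LEN0 (00 = 1 byte, 01 = 2 bytes, 11 = 4 bytes, 10 = 8 bytes). */
unsigned long dr7_for(size_t len, int on_read) {
    unsigned long len_bits;
    switch (len) {
    case 1: len_bits = 0; break;
    case 2: len_bits = 1; break;
    case 4: len_bits = 3; break;
    case 8: len_bits = 2; break;
    default: return 0;                     /* unsupported length */
    }
    return 1UL | ((on_read ? 3UL : 1UL) << 16) | (len_bits << 18);
}

/* Write DR0/DR7 of the *calling* process. A process cannot ptrace itself, so a
 * forked helper attaches to us, pokes the registers, detaches and exits; the
 * debug registers survive the detach. Returns 0 on success, -1 otherwise. */
static int poke_debug_regs(void *dr0, unsigned long dr7) {
#if defined(__x86_64__) || defined(__i386__)
#ifdef PR_SET_PTRACER
    /* Yama ptrace_scope=1 only lets ancestors attach; whitelist our child. */
    prctl(PR_SET_PTRACER, PR_SET_PTRACER_ANY, 0, 0, 0);
#endif
    pid_t me = getpid();
    pid_t child = fork();
    if (child < 0) return -1;
    if (child == 0) {
        int st;
        if (ptrace(PTRACE_ATTACH, me, NULL, NULL) != 0) _exit(1);
        if (waitpid(me, &st, __WALL) != me || !WIFSTOPPED(st)) _exit(2);
        if (ptrace(PTRACE_POKEUSER, me, (void *)offsetof(struct user, u_debugreg[0]), dr0) != 0) _exit(3);
        if (ptrace(PTRACE_POKEUSER, me, (void *)offsetof(struct user, u_debugreg[7]), (void *)dr7) != 0) _exit(4);
        if (ptrace(PTRACE_DETACH, me, NULL, NULL) != 0) _exit(5);
        _exit(0);
    }
    int st;
    if (waitpid(child, &st, 0) != child) return -1;
    return (WIFEXITED(st) && WEXITSTATUS(st) == 0) ? 0 : -1;
#else
    (void)dr0; (void)dr7;
    errno = ENOSYS;                        /* this example only knows x86 debug registers */
    return -1;
#endif
}

int arm_write_watchpoint(void *addr, size_t len) {
    unsigned long dr7 = dr7_for(len, 0);
    if (dr7 == 0) { errno = EINVAL; return -1; }
    return poke_debug_regs(addr, dr7);     /* DR0 = addr, then DR7 enables slot 0 */
}

int disarm_watchpoint(void *addr) { return poke_debug_regs(addr, 0); }  /* DR7 = 0 */

/* Arm a write watchpoint on g_watched, store to it `writes` times, then disarm
 * and store once more. Returns the number of traps, or -1 if arming failed
 * (ptrace denied by Yama ptrace_scope>=2, seccomp, or a non-x86 machine). */
int watch_demo(int writes) {
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_sigtrap;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGTRAP, &sa, NULL);

    g_traps = 0;
    if (arm_write_watchpoint((void *)&g_watched, sizeof g_watched) != 0) return -1;
    for (int i = 0; i < writes; i++)
        g_watched = i;                     /* each store raises SIGTRAP (TRAP_HWBKPT) */
    volatile int sink = g_watched;         /* a read does not fire a write-only slot */
    (void)sink;
    if (disarm_watchpoint((void *)&g_watched) != 0) return -1;
    g_watched = -1;                        /* no longer watched: no trap */
    return g_traps;
}

int main(void) {
    int hits = watch_demo(3);
    if (hits < 0) { perror("watchpoint"); return 1; }
    printf("3 writes to g_watched -> %d hardware traps\n", hits);
    return 0;
}
```

Build with `gcc -Wall -O0 watchpoint.c -o watchpoint` and run it as an ordinary user; no root is needed because the kernel installs ptrace debug registers through its hw_breakpoint layer, which is exactly what gdb's `watch` uses. Two things to keep in mind when reusing the trick: debug registers are per thread, so the watchpoint only fires for the thread that was stopped and poked, and the child's attach fails (the function returns -1 instead of crashing) wherever ptrace is restricted, such as Yama ptrace_scope=2 or a seccomp profile that filters the ptrace syscall.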
@d4em0n
d4em0n / tag.vim
Created August 2, 2018 16:04
Jump to tag function/definition into existing tab.
" Jump to the tag under the cursor; when the definition lives in another file,
" open that file in an existing tab (or a new one) instead of a split window.
command SelectTag call SelectTag()
nnoremap <silent> <leader>p :SelectTag<CR>
function SelectTag()
let tagident = expand("<cword>")
let curname = expand('%:p')
exe "stjump ".tagident
let newname = expand('%:p')
if curname != newname
exe "norm q"
exe "tab drop ".newname
endif
endfunction
@d4em0n
d4em0n / main.py
Last active October 6, 2018 03:13
CTFd auto submit
from bs4 import BeautifulSoup
import requests
import json
url = "https://ctf.asgama.web.id"
class CTFDAutoSubmit:
nonce_submit = 0
def __init__(self, url, user, pasw):
self.ctf = requests.Session()
@d4em0n
d4em0n / exploit.py
Created October 18, 2018 03:26
CJ2018 Final p11-zeus
from pwn import *
context.log_level = 'error'
context.terminal = 'tmux splitw -h'.split()
DEBUG = 0
cmd = """
"""
libc = ELF('./libc.so.6')
elf = ELF('./zeus')
p = process("./zeus")
@d4em0n
d4em0n / exploit.py
Created October 26, 2018 12:49
Bsides Delhi CTF data_bank exploit
from pwn import *
context.terminal = "tmux splitw -h -f".split()
#p = process("./data_bank")
p = remote("35.200.202.92", 1337)
DEBUG = 0
cmd = ""
libc = ELF('./libc.so.6')
if DEBUG:
gdb.attach(p, cmd, gdb_args=["--init-eval-command='source /ctf/tools/gef/gef.py'"])
@d4em0n
d4em0n / .radare2rc
Last active January 24, 2019 14:56
radare2 onedark colorscheme
e scr.utf8 = true
e scr.color = 3
ec func_var_type white
ec func_var #61afef
ec func_var_addr #4b5263
ec b0x00 #c678dd
ec b0xff #be5046
ec prompt #d19a66
ec fname #56b6c2
ec label rgb:0f3