Skip to content

Instantly share code, notes, and snippets.

View disconnect3d's full-sized avatar
🎯
deadlocking the reality

Disconnect3d disconnect3d

🎯
deadlocking the reality
500 followers · 79 following
View GitHub Profile
@disconnect3d
disconnect3d / README.md
Created August 21, 2019 17:55 — forked from FrankSpierings/README.md
Linux Container Escapes and Hardening
@disconnect3d
disconnect3d / .gitconfig
Created July 18, 2019 00:29
My gitconfig
# dotfile: ~/.gitconfig
# vim: ft=gitconfig
[alias]
ci = commit
co = checkout
br = branch
st = status
cp = cherry-pick
subup = submodule update --init --recursive
@disconnect3d
disconnect3d / deepdict.py
Last active June 20, 2019 15:55
In [3]: from collections import UserDict, defaultdict
In [4]: class A(UserDict):
...: def __getitem__(self, key):
...: if key not in self:
...: self[key] = defaultdict(lambda: A())
...: return super().__getitem__(key)
...:
In [6]: a = A()
@disconnect3d
disconnect3d / README.md
Last active April 5, 2021 17:59
Writeup for Rethon (Python reverse dis.dis result challenge) from Confidence CTF 2019

Confidence CTF 2019 - Rethon task writeup (draft)

TLDR:

  • We got a task file that was a result of python3.7 -m dis task.py - it had 7000+ lines, you can see it below
  • I created a genpyc.py that parsed it and assembled Python's code objects back to life (e.g. function's/module's .__code__.co_* fields)
  • It turned out that we can't decompile the resulting code objects or pyc via uncompyle6 or some other decompilers I tried
  • But we could dis.dis it to compare the disassembly and we could exec it or launch it via python3.7 sol.pyc

A caveat here - while the resulting pyc can be launched with a standard Python, we will get:

@disconnect3d
disconnect3d / osquery_game.md
Created June 3, 2019 00:16
osquery game task from FBCTF 2019 solution. Unfortunately solved this 14min after ctf ended ;). 
dc@dc:~/fbctf$ sshpass -p "osquerygame" ssh osquerygame@challenges.fbctf.com -p2222
Using a virtual database. Need help, type '.help'
W0603 00:15:46.326594 23481 challenge.cpp:633] Welcome to the osquery farm simulator extension. You have 5 days to make your farm successful.
osquery> select * from farm a, farm b where a.action="move"
    ...> AND
    ...> a.src=((INSTR(b.farm, (select emoji from farm_emoji where meaning="sheep"))-34)/18 << 4) +
    ...> ((INSTR(b.farm, (select emoji from farm_emoji where meaning="sheep"))-34)%18 - 3)
    ...> AND
    ...> a.dst=(((INSTR(b.farm, (select emoji from farm_emoji where meaning="pig"))-34)/18 - 1) << 4) +
@disconnect3d
disconnect3d / docker_apparmor.conf
Created May 7, 2019 12:55
docker-default AppArmor profile
#include <tunables/global>
profile docker-default flags=(attach_disconnected,mediate_deleted) {
#include <abstractions/base>
network,
capability,
@disconnect3d
disconnect3d / ctype_example.py
Last active February 5, 2019 15:50
import ctypes
def calc(v):
return getattr(v, 'value', v)
def gen_c_type(name, ctype, floordiv=True):
class Type(ctype):
def __add__(self, other):
@disconnect3d
disconnect3d / ctypes_struct.py
Created February 2, 2019 21:26
import ctypes
class MyStruct(ctypes.LittleEndianStructure):
_fields_ = (
('x', ctypes.c_float),
('y', ctypes.c_float),
('velocity', ctypes.c_int32),
('weight', ctypes.c_uint32)
)
@disconnect3d
disconnect3d / lyrics.cc
Created October 11, 2018 00:16
Zadanie Production z Teaser Dragon CTF 2018
// kod zrodlowy do zadania Production
// z Teaser Dragon CTF 2018
#include <dirent.h>
#include <fcntl.h>
#include <sys/stat.h>
#include <sys/time.h>
#include <sys/types.h>
#include <sys/resource.h>
#include <unistd.h>
#include <cassert>
@disconnect3d
disconnect3d / production.cpp
Created October 3, 2018 19:08
a task from Dragon CTF Teaser 2018
#include <dirent.h>
#include <fcntl.h>
#include <sys/stat.h>
#include <sys/time.h>
#include <sys/types.h>
#include <sys/resource.h>
#include <unistd.h>
#include <cassert>
#include <cstdio>