/*
config: KASLR + SMEP + RANDOM_STRUCT
In llseek, I only check whether the offset is smaller than file_size or not.
However, the image can be crafted by the attacker. After reversing the disk
layout of the image, the attacker can mount an image which contains a normal
file having file size 0x7fffffffffffffff.
With llseek, kernel memory read and write can be achieved.
But the implemented llseek only supports positive seeking, which means that
the attacker cannot access the data before the buffer of the file.
This creates certain difficulties.
#!/usr/bin/env python
# encoding: utf-8
#flag{Seize it, control it, and exploit it. Welcome to the House of Storm.}
import itertools
from hashlib import sha256
from pwn import remote, process, ELF
from pwn import context
from pwn import p32,p64,u32,u64
# Use UTF8
#set -g utf8
#set -g status-utf8 on
#setw -g utf8 on
# Use zsh as default shell
set-option -g default-shell /bin/zsh
# Support for 256 colors
set -g default-terminal "screen-256color"
nc minbashmaxfun 1337 -v <<<$(python solve.py file dump_flag.sh )
#!/usr/bin/env python
# coding:utf-8
import sys
import time
from pwn import *
from clemency import *
def exploit(host):
<?php
/***********************************
* Weidun PHP Encryption Expert (威盾PHP加密专家) decryption algorithm By:Neeao
* http://Neeao.com
* 2009-09-10
***********************************/
$filename="index.php";// the file to decrypt
$lines = file($filename);// lines 0, 1, 2
#
# read/write access to python's memory, using a custom bytearray.
# some code taken from: http://tinyurl.com/q7duzxj
#
# tested on:
# Python 2.7.10, ubuntu 32bit
# Python 2.7.8, win32
#
# example of correct output:
# inspecting int=0x41424344, at 0x0228f898
import requests
import gevent
from gevent import monkey; monkey.patch_all(); del monkey
import random
import time
concurrent = 8
delay = 0.5
def get_user_agent():
#-*- coding:utf-8 -*-
'''
DEF CON 2017 Quals - Godzilla (Reverse)
Timing attack on RSA decryption.
Based on http://www.cs.jhu.edu/~fabian/courses/CS600.624/Timing-full.pdf
Other solutions:
https://gist.github.com/nneonneo/367240ae2d8e705bb9173a49a7c8b0cd by b2xiao
https://gist.github.com/Riatre/caac24840b176cf843b3f66ad9a5eeaf by riatre