Skip to content

Instantly share code, notes, and snippets.

View extremecoders-re's full-sized avatar
🐶
🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶🐶

extremecoders-re

🐶
🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶🐶
View GitHub Profile
typedef unsigned int uint32_t;
typedef unsigned short uint16_t;
typedef unsigned char uint8_t;
static uint16_t rotl(uint16_t value, uint16_t shift)
{
return (value << shift) | (value >> (32 - shift));
}
static uint16_t rotl(uint16_t value, uint16_t shift)
{
return (value << shift) | (value >> (32 - shift));
}
static void s20_quarterround(uint16_t *y0, uint16_t *y1, uint16_t *y2, uint16_t *y3)
{
*y1 = *y1 ^ rotl(*y0 + *y3, 7);
*y2 = *y2 ^ rotl(*y1 + *y0, 9);
# configuration file generated by Bochs
plugin_ctrl: unmapped=1, biosdev=1, speaker=1, extfpuirq=1, parallel=1, serial=1, gameport=1
config_interface: win32config
display_library: win32
memory: host=32, guest=32
romimage: file="C:\Program Files\Bochs-2.6/BIOS-bochs-latest"
vgaromimage: file="C:\Program Files\Bochs-2.6/VGABIOS-lgpl-latest"
boot: disk
floppy_bootsig_check: disabled=0
# no floppya
>>> import marshal, dis
>>> f = open('1.pyc', 'rb')
>>> f.seek(8)
>>> co = marshal.load(f)
>>> dis.disassemble(co)
1 >> 0 SETUP_EXCEPT 99 (to 102)
3 <144> 387
6 STOP_CODE
7 JUMP_FORWARD 217 (to 227)
0 SETUP_EXCEPT 99
3 <INVALID>
102 POP_TOP
103 POP_TOP
104 POP_TOP
105 LOAD_CONST 1
108 JUMP_FORWARD 14
125 MAKE_FUNCTION 0
128 JUMP_ABSOLUTE 205
205 STORE_FAST 0

Keybase proof

I hereby claim:

  • I am extremecoders-re on github.
  • I am 0xec (https://keybase.io/0xec) on keybase.
  • I have a public key whose fingerprint is 299B 7870 256E BBBE 5899 D032 7283 ABC9 3A50 CD5C

To claim this, I am signing this object:

$ python my_aegg.py
WARNING | 2017-08-02 12:47:21,314 | claripy | Claripy is setting the recursion limit to 15000. If Python segfaults, I am sorry.
WARNING | 2017-08-02 12:47:22,664 | cle.loader | The main binary is a position-independent executable. It is being loaded with a base address of 0x400000.
INFO | 2017-08-02 12:47:22,725 | aegg.aegg | Start hacking ...
WARNING | 2017-08-02 12:47:46,590 | simuvex.plugins.symbolic_memory | Concretizing symbolic length. Much sad; think about implementing.
WARNING | 2017-08-02 12:48:08,428 | simuvex.engine.successors | Exit state has over 257 possible solutions. Likely unconstrained; skipping. <BV32 (if (((0xffbfdfa1 + (if (<...> == <...>) then 0x402060 else (if <...> then <...> else <...>)))[31:5] == 0x0) && ((1 + (if (<...>[7:0] == 0) then 0 else (if (<...> == <...>) then 1 else (if <...> then <...> else <...>)))) <= 25)) then 0 else file_/dev/stdin_0_0_3_2456[207:200]) .. (if (((0xffbfdfa1 + (if (<...> == <...>) then 0x402060 else (if <...> then <...> else <...>
@extremecoders-re
extremecoders-re / thetool.py
Created October 17, 2017 06:21
Flare-On 4 Challenge #10 decryption tool
import string
from PyQt4.QtCore import *
from PyQt4.QtGui import *
import sys
import ui_mainwindow
encoded = 'QAYLHhIJbzIQClFAQgQTFkNYbz5aUBQZURIXXBARFztifGQwPRdaaFkePE9KOjMWRBRdUhtDXkIXaGkpYTc6REs7UgB6AAAATQ1FUUlOU0dWEylVOSlzfDJUGwwaXAMCeWZeXnsHSztPGn0LXnp9DlAUWksWUloCH1JaJjV0c04cLApTdR9SWiY1dHNOB1Q4XQEEJF1Fc3QyQUhBSit3Enp9Vi1UB3lEHQAABRRQXg4LPTsOT1JHBl8tN0kEQVsMRUc6EE1HMDQqe3MIYxdgFU4YRh5bX2llARVCbFwZOAYRHQJhJX52dkpwd3MaZkpvE0hTYVcUdmgyYlx4MBI4JHJ5BzAyGx03LRx9AHUqLgkAcFUiLgwcFD4+FAY+Ij4dOzoLCwAYSgciNQ0NLS0QGw91FAQ0bgULMRQCFjxKCgAzIjoMMBsKGxlmGBJJBAoWEC5XDy5sEDcuHBADBz0kGRUAERw9CyMQFDkbGBUtMhUmcQwEAhsSBiEMCyhdVSUEJjZUHiUqGg8mahAYFAwbEDIqURg9dAohDz4xFwk+MRxdMQQHLi4QAgAABhAXEHMHKnUTGXEmMhc+CwouSwgvCARhdwQAHFsKInkWGC4qOwANIWQWOnUbHzMqMQF4MQcSWil3DisqMRErCz8wEj5RFS1TNjtbXjACHyEyDABdKQQ/aQoXFWR3GiIpARMsPSYUMAwUAgdHZBQGKS8FAAAoAQEfUho/egUxKD4xJBFXBx4QCCAiKFpwGzU+AA1IATEOLgsTFGZBLAQbMj8VO2M9BS5ZLwMuJmIEEwMMGQAuRyNbRQASAEclIHMyPCM4dgAKLjoJBgQmDmh7dV1DEBhzZ2AxPTgRTUIjHj8dGCdQKDo3Ug9vX3p6ZnhBa2QXVAtGFQBFfHZXKCZIb05rZ
@extremecoders-re
extremecoders-re / aplib.py
Last active November 3, 2017 07:56
Flare-On 4 Challenge #12 plugins implemented in python
################################################################################
# quick hack for using aplib (http://www.ibsensoftware.com/products_aPLib.html)
# put aplib.dll in %PATH% or same dir as this script
# on *nix it might require LD_LIBRARY_PATH set depending on where libaplib.so is
import os
from ctypes import *
################################################################################
@extremecoders-re
extremecoders-re / future.c
Created November 27, 2017 09:36
TU-CTF RE Challenge - Future [250]
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
void genMatrix(char mat[5][5], char str[]) {
for (int i = 0; i < 25; i++) {
int m = (i * 2) % 25;
int f = (i * 7) % 25;
mat[m/5][m%5] = str[f];
}