Skip to content

Instantly share code, notes, and snippets.

View junorouse's full-sized avatar

Im, Juno junorouse

275 followers · 151 following
View GitHub Profile
@junorouse
junorouse / zer0c4_sol.ipynb
Created April 5, 2018 02:08 — forked from szabolor/zer0c4_sol.ipynb
0CTF Quals 2018 - zer0C4 solution by szabolor (!SpamAndHex)
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
@junorouse
junorouse / zer0c4_sol.ipynb
Created April 5, 2018 02:08 — forked from szabolor/zer0c4_sol.ipynb
0CTF Quals 2018 - zer0C4 solution by szabolor (!SpamAndHex)
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
@junorouse
junorouse / voices.txt
Created March 7, 2018 17:05 — forked from mculp/voices.txt
List of voices available by the `say` command on OS X
Agnes en_US # Isn't it nice to have a computer that will talk to you?
Albert en_US # I have a frog in my throat. No, I mean a real frog!
Alex en_US # Most people recognize me by my voice.
Alice it_IT # Salve, mi chiamo Alice e sono una voce italiana.
Alva sv_SE # Hej, jag heter Alva. Jag är en svensk röst.
Amelie fr_CA # Bonjour, je m’appelle Amelie. Je suis une voix canadienne.
Anna de_DE # Hallo, ich heiße Anna und ich bin eine deutsche Stimme.
Bad News en_US # The light you see at the end of the tunnel is the headlamp of a fast approaching train.
Bahh en_US # Do not pull the wool over my eyes.
Bells en_US # Time flies when you are having fun.
@junorouse
junorouse / voices.txt
Created March 7, 2018 17:05 — forked from mculp/voices.txt
List of voices available by the `say` command on OS X
Agnes en_US # Isn't it nice to have a computer that will talk to you?
Albert en_US # I have a frog in my throat. No, I mean a real frog!
Alex en_US # Most people recognize me by my voice.
Alice it_IT # Salve, mi chiamo Alice e sono una voce italiana.
Alva sv_SE # Hej, jag heter Alva. Jag är en svensk röst.
Amelie fr_CA # Bonjour, je m’appelle Amelie. Je suis une voix canadienne.
Anna de_DE # Hallo, ich heiße Anna und ich bin eine deutsche Stimme.
Bad News en_US # The light you see at the end of the tunnel is the headlamp of a fast approaching train.
Bahh en_US # Do not pull the wool over my eyes.
Bells en_US # Time flies when you are having fun.
@junorouse
junorouse / zergling.py
Created October 29, 2017 09:28
whitehat zergling
from pwn import *
from os import system
from time import sleep
context.terminal = ['tmux', 'splitw', '-h']
r = process("./zergling")
r = remote("1.224.175.13", 30007)
for i in xrange(3):
@junorouse
junorouse / stdafx.h
Created July 19, 2017 08:00 — forked from somma/stdafx.h
stdafx.h
/**
* @file AntiRanSomware user mode engine
* @brief
* @ref
* @author Yonhgwhan, Roh (fixbrain@gmail.com)
* @date 2017/01/21 created.
* @copyright All rights reserved by Yonghwan, Roh.
**/
#pragma once
@junorouse
junorouse / secuinside-2017-writeup.md
Last active July 5, 2017 14:18
SECUINSIDE Challenge Writeup
@junorouse
junorouse / ssg2017-writeup.md
Created May 28, 2017 00:39
ssg2017 writeup

Reversing

Speed_Test

분석하려다 귀찮아서 대충 생겨먹은거 보니깐 side-channel attack 가능할거 같아서 gdb script를 짯다.

import gdb
import ctypes
import string
@junorouse
junorouse / plaid-2016-web-challs.md
Created April 24, 2017 03:06
plaid ctf web challs

echo

info: command injection at the input.

echo {input}
from requests import get
@junorouse
junorouse / confidence2017-web300.md
Last active April 24, 2017 05:53
confidence 2017 web 300 write up

vulnerability

  1. ![xxx](filename) can leak any file (if knows the file name)

the server uses ROR (ruby on rails), so in ROR docs there are controller file name in standardization. apps/controllers/name_controller.rb so I leaked users_controller.rb and notes_controller.rb.

  1. in notes_controller there is an sqli vuln.