Skip to content

Instantly share code, notes, and snippets.

View k1R4's full-sized avatar
🚩
c3pTur1nG f1eGs

Srijiith k1R4

🚩
c3pTur1nG f1eGs
View GitHub Profile
@k1R4
k1R4 / exploit.py
Created February 26, 2024 18:36
kowaiiVm - bi0sCTF 2024
#!/usr/bin/env python3
from dn3 import *
opcodes = {
"ADD": 0xb0,
"SUB": 0xb1,
"MUL": 0xb2,
"SHR": 0xb3,
"SHL": 0xb4,
"PUSH": 0xb5,
@k1R4
k1R4 / exploit.c
Created February 26, 2024 18:26
virtio-note - bi0sCTF 2024
#define _GNU_SOURCE
#include <sys/ioctl.h>
#include <fcntl.h>
#include <unistd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
typedef struct
{
@k1R4
k1R4 / virtio-note.c
Created February 26, 2024 18:23
virtio-note - bi0sCTF 2024
#include <linux/signal.h>
#include <linux/virtio.h>
#include <linux/virtio_config.h>
#include <asm/page_types.h>
#include <linux/kernel.h>
#include <linux/module.h>
#include <linux/device.h>
#include <linux/mutex.h>
#include <linux/fs.h>
#include <linux/slab.h>
@k1R4
k1R4 / exploit.c
Created February 26, 2024 13:24
palindromatic - bi0sCTF 2024
#define _GNU_SOURCE
#include <string.h>
#include <stdarg.h>
#include <stdio.h>
#include <sys/types.h>
#include <fcntl.h>
#include <sched.h>
#include <sys/syscall.h>
#include <sys/ioctl.h>
#include <unistd.h>
@k1R4
k1R4 / exploit.py
Created January 1, 2024 10:51
Text editor v2 - ASIS CTF FInals 2023
#!/usr/bin/env python3
from dn3 import *
exe = ELF("chall")
libc = ELF("libc.so.6")
ctx.binary = exe
ctx.terminal = "st".split()
#ctx.log = 0
@k1R4
k1R4 / exploit.py
Created March 23, 2023 13:17
math-door - HackTheBox CyberApocalypse 2023
# flake8: noqa
#!/usr/bin/env python3
from dn3 import *
exe = ELF("math-door")
libc = ELF("libc.so.6")
ctx.binary = exe
ctx.terminal = "tmux new-window".split()
#ctx.log = 0
@k1R4
k1R4 / exploit.py
Created February 22, 2023 13:57
cs2100 - HackTM CTF Quals 2023
#!/usr/bin/env python3
from dn3 import *
from pwn import ELF
from binascii import hexlify
libc = ELF("libc-2.31.so", checksec=False)
#opcodes
LUI_ = 0x37
LTYPE = 0x3
@k1R4
k1R4 / exploit.py
Last active January 25, 2023 14:12
kawaii_vm - bi0sCTF 2022
from dn3 import *
libc = ELF("lib/libc.so.6")
#context.log = 0
context.terminal = "tmux new-window".split()
breakpoints = '''
b init_vm
c
@k1R4
k1R4 / exploit.c
Created January 23, 2023 04:52
k32 - bi0sCTF 2022
#define _GNU_SOURCE
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <sched.h>
#include <sys/mman.h>
#include <signal.h>
#include <sys/syscall.h>
#include <sys/ioctl.h>
@k1R4
k1R4 / writeup.md
Created December 19, 2021 15:13
FastCars - InCTF Nationals 2021

FastCars

tl;dr - use UAF in sell_car to fastbin attack and overwrite __malloc_hook with one_gadget.

Description

I heard glibc malloc is fast. But not as fast as these cars.

Challenge author: k1R4