Mathieu Deous mdeous

## fuuuu.c
#include <stdio.h>
#include <stdlib.h>
#include <dirent.h>
#include <string.h>
struct EnvInfo
{
  char home[128];
  char username[128];
  char shell[128];
  char path[128];

## prompt.sh
RED="\033[0;31m"
YELLOW="\033[0;33m"
GREEN="\033[0;32m"
BLUE="\033[0;34m"
LIGHT_GRAY="\033[0;37m"
COLOR_NONE="\033[0;0m"

RE_GIT_BRANCH="^On branch ([^${IFS}]*)"
RE_GIT_REMOTE="Your branch is (.*) '"
RE_GIT_GAP="Your branch is .* ([0-9]+) commits?"

## cve-2015-0240_samba_exploit.py
#!/usr/bin/python
"""
Exploit for Samba vulnerabilty (CVE-2015-0240) by sleepya

The exploit only targets vulnerable x86 smbd <3.6.24 which 'creds' is controlled by
ReferentID field of PrimaryName (ServerName). That means '_talloc_zero()'
in libtalloc does not write a value on 'creds' address.

Reference:
- https://securityblog.redhat.com/2015/02/23/samba-vulnerability-cve-2015-0240/

## find_offsets.py
In [23]: def find_offsets(filename, regex):
    ...:     with open(filename) as ifile:
    ...:         lineno = 1
    ...:         for line in ifile:
    ...:             for result in regex.finditer(line):
    ...:                 print "Result found line %d column %d" % (lineno, result.start())
    ...:             lineno += 1
    ...:

In [24]: r = re.compile('=')

## update.sh
#!/bin/bash
#
# Batch VCS repositories update script.
# Finds all git/svn/mercurial repositories recursively
# and updates them.
#
# USAGE:
# 	./update.sh [PATH]
#
#	PATH

## MITM -SSL-Proxies.md

      
              2 files
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                mdeous
                / MITM -SSL-Proxies.md
            
            
              Created
              April 12, 2014 19:36
                — forked from jeremiahsnapp/MITM -SSL-Proxies.md
            
          
    HTTP(S) specific MITM SSL Proxies

mitmproxy

mitmproxy is an excellent console app written in Python.
It is easy to use on Linux and OS X.
It has an easy to use, prebuilt binary for OS X Mountain Lion (also works on OS X Mavericks).

  
## keybase.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                mdeous
                / keybase.md
            
            
              Created
              April 12, 2014 15:54
            
          
    Keybase proof

I hereby claim:

I am mattoufoutu on github.
I am mattoufoutu (https://keybase.io/mattoufoutu) on keybase.
I have a public key whose fingerprint is 0D9D AF13 80B2 8B6D 6D33  987A EE86 1694 85C7 C46D

To claim this, I am signing this object:

  
## binary7.c
#include <stdio.h>
#include <stdlib.h>
char username[512] = {1};
void (*_atexit)(int) =  exit;
void cp_username(char *name, const char *arg)
{
  while((*(name++) = *(arg++)));
  *name = 0;
}
int main(int argc, char **argv)

## binary5.c
#include <stdio.h>
#include <unistd.h>
int main(int argc, char *argv[]){
        FILE *secret = fopen("/challenge/binary/binary5/.passwd", "rt");
        char buffer[32];
        fgets(buffer, sizeof(buffer), secret);
        printf(argv[1]);
        fclose(secret);
        return 0;
}

## output.txt
(21:09:37)[mdeous@DELL-P159BIS:~/Dotfiles(master)↑+2⚡]0↩
$                                                                                           CURSEUR ICI
	#include <stdio.h>
	#include <stdlib.h>
	#include <dirent.h>
	#include <string.h>
	struct EnvInfo
	{
	char home[128];
	char username[128];
	char shell[128];
	char path[128];
	RED="\033[0;31m"
	YELLOW="\033[0;33m"
	GREEN="\033[0;32m"
	BLUE="\033[0;34m"
	LIGHT_GRAY="\033[0;37m"
	COLOR_NONE="\033[0;0m"

	RE_GIT_BRANCH="^On branch ([^${IFS}]*)"
	RE_GIT_REMOTE="Your branch is (.*) '"
	RE_GIT_GAP="Your branch is .* ([0-9]+) commits?"
	#!/usr/bin/python
	"""
	Exploit for Samba vulnerabilty (CVE-2015-0240) by sleepya

	The exploit only targets vulnerable x86 smbd <3.6.24 which 'creds' is controlled by
	ReferentID field of PrimaryName (ServerName). That means '_talloc_zero()'
	in libtalloc does not write a value on 'creds' address.

	Reference:
	- https://securityblog.redhat.com/2015/02/23/samba-vulnerability-cve-2015-0240/
	In [23]: def find_offsets(filename, regex):
	...: with open(filename) as ifile:
	...: lineno = 1
	...: for line in ifile:
	...: for result in regex.finditer(line):
	...: print "Result found line %d column %d" % (lineno, result.start())
	...: lineno += 1
	...:

	In [24]: r = re.compile('=')
	#!/bin/bash
	#
	# Batch VCS repositories update script.
	# Finds all git/svn/mercurial repositories recursively
	# and updates them.
	#
	# USAGE:
	# ./update.sh [PATH]
	#
	# PATH
	#include <stdio.h>
	#include <stdlib.h>
	char username[512] = {1};
	void (*_atexit)(int) = exit;
	void cp_username(char name, const char arg)
	{
	while(((name++) = (arg++)));
	*name = 0;
	}
	int main(int argc, char **argv)
	#include <stdio.h>
	#include <unistd.h>
	int main(int argc, char *argv[]){
	FILE *secret = fopen("/challenge/binary/binary5/.passwd", "rt");
	char buffer[32];
	fgets(buffer, sizeof(buffer), secret);
	printf(argv[1]);
	fclose(secret);
	return 0;
	}
	(21:09:37)[mdeous@DELL-P159BIS:~/Dotfiles(master)↑+2⚡]0↩
	$ CURSEUR ICI