Mokhdzani Faeq mokhdzanifaeq
mokhdzanifaeq
/ inject.php
Last active
February 20, 2022 00:06
inject javascript into images (BMP,JPG,GIF)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| //GIF && BMP | |
| function GNB($data, $payload, $pos) { | |
| $data = str_replace(['2f2a', '2a2f'], '0000', $data); | |
| $data = substr_replace($data, '2f2a', $pos, 4); | |
| $data .= array_shift( unpack('H*', '*/=1;' . $payload) ); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| $ip = 'x.x.x.x'; | |
| $thread = 15; | |
| $timeout = 10; | |
| $proxy = false; | |
| $start = 0x0; | |
| $retry = 3; | |
| $hex = array_map(function ($x) { return sprintf('%04X', $x); }, range($start, 0xffff) ); |
mokhdzanifaeq
/ ex03.py
Last active
February 23, 2016 15:07
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from z3 import * | |
| from random import shuffle | |
| # define the variables | |
| chars = IntVector("", 16) | |
| solver = Solver() | |
| # all values are printable chararacters (33 - 126) | |
| for i in range(16): |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # challenge3 - https://drive.google.com/file/d/0B_bQeUUGe4uLM3BWd1dqTVF4TVE/view?usp=sharing | |
| from z3 import * | |
| import sys | |
| # define the variables | |
| chars = IntVector("", 7) | |
| solver = Solver() | |
| constraint = [] |
mokhdzanifaeq
/ keygen.py
Last active
April 13, 2016 08:15
keygen for challenge4_ok using Z3 theorem prover
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # challenge4_ok.exe - https://drive.google.com/open?id=0B_bQeUUGe4uLcXNqRnBBand5Yk0 | |
| from z3 import * | |
| import sys | |
| # argv[1] == key length | |
| length = int(sys.argv[1]) | |
| if length < 5: | |
| print "length must be more than 4!" | |
| exit() |
mokhdzanifaeq
/ extract.rb
Created
November 23, 2016 13:06
extract keystroke from buffer data [metasploit]
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // extracted from metasploit source code | |
| // need to get hex stream of the buffer | |
| VirtualKeyCodes = { | |
| 1 => %W{ LClick }, | |
| 2 => %W{ RClick }, | |
| 3 => %W{ Cancel }, | |
| 4 => %W{ MClick }, | |
| 8 => %W{ Back }, | |
| 9 => %W{ Tab }, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from PIL import Image | |
| import argparse | |
| from collections import OrderedDict | |
| def parseMask(string): | |
| mask = [] | |
| for val in string.split(","): | |
| if "-" in val: | |
| min, max = val.split("-") | |
| mask += [1 << (i - 1) for i in range(int(min), int(max) + 1)] |
mokhdzanifaeq
/ regex.py
Last active
June 12, 2017 07:46
satisfying regular expression using smt solver
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import re | |
| import sys | |
| import string | |
| from z3 import * | |
| # hackish way to generate string that satisfy simple regex | |
| # what's not supported: group reference & look behind | |
| # usage: python regex.py PATTERN LENGTH | |
| pattern = sys.argv[1] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os,sys | |
| import requests | |
| import re | |
| import ast | |
| import json | |
| import time | |
| from numpy.random import choice | |
| loop = 102 |
mokhdzanifaeq
/ brute.py
Last active
November 26, 2018 20:47
multithreaded hidden tear bruteforcer. start from the defined tick and decrease from there
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # pip install pycryptodome | |
| from Crypto.Protocol.KDF import PBKDF2 | |
| from Crypto.Cipher import AES | |
| from hashlib import sha256 | |
| from datetime import datetime | |
| from ctypes import * | |
| import multiprocessing as mp | |
| # http://referencesource.microsoft.com/#mscorlib/system/random.cs | |
| class Random(object): |
OlderNewer