mrexcessive
mrexcessive
/ 1001 mazes from Trend Micro CTF
Created
September 27, 2015 13:02
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 5 3 0 | |
| ##### | |
| #G.S# | |
| ##### | |
| 7 7 0 | |
| ####### | |
| #.#G.S# | |
| #.#.#.# | |
| #.#.#.# | |
| #.#.### |
mrexcessive
/ Solving 1001 mazes from Trend Micro CTF
Created
September 27, 2015 13:31
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| #TrendJP CTF Prog300 - maze solving | |
| #@mrexcessive @WHA | |
| import sys | |
| import copy | |
| import math | |
| from itertools import permutations | |
| debug = True |
mrexcessive
/ gist:11ecc80397a7bd46ad5a
Created
October 4, 2015 16:19
ROP gadgets found in DCTFU CTF 2015 exploit 300 challenge
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| See article on https://whitehatters.academy/ | |
| ROP gadgets are: | |
| 0x0000000000000aeb : add bl, ch ; add eax, 0xb8 ; add cl, cl ; ret | |
| 0x0000000000000b6f : add bl, dh ; ret | |
| 0x0000000000000b6d : add byte ptr [rax], al ; add bl, dh ; ret | |
| 0x0000000000000b6b : add byte ptr [rax], al ; add byte ptr [rax], al ; add bl, dh ; ret | |
| 0x0000000000000aef : add byte ptr [rax], al ; add byte ptr [rax], al ; leave ; ret | |
| 0x0000000000000b6c : add byte ptr [rax], al ; add byte ptr [rax], al ; ret | |
| 0x0000000000000af0 : add byte ptr [rax], al ; add cl, cl ; ret | |
| 0x00000000000007db : add byte ptr [rax], al ; add rsp, 8 ; ret |
mrexcessive
/ gist:85d75b8725d07c0afbaa
Last active
October 4, 2015 16:20
objdump output with added comments for DCTFU CTF exploit 300
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| See article on https://whitehatters.academy/ | |
| e300: file format elf64-x86-64 | |
| Disassembly of section .init: | |
| 00000000000007c8 <.init>: | |
| 7c8: 48 83 ec 08 sub $0x8,%rsp | |
| 7cc: 48 8b 05 0d 08 20 00 mov 0x20080d(%rip),%rax # 200fe0 <rand@plt+0x200730> | |
| 7d3: 48 85 c0 test %rax,%rax |
mrexcessive
/ gist:66b4ae7f399bb1ab3cbe
Last active
October 4, 2015 16:20
xxd dump of the DCTFU 2015 CTF exploit 300 binary (e300) 64bit ELF
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| See article on https://whitehatters.academy/ | |
| 0000000: 7f45 4c46 0201 0100 0000 0000 0000 0000 .ELF............ | |
| 0000010: 0300 3e00 0100 0000 c008 0000 0000 0000 ..>............. | |
| 0000020: 4000 0000 0000 0000 d011 0000 0000 0000 @............... | |
| 0000030: 0000 0000 4000 3800 0900 4000 1c00 1b00 ....@.8...@..... | |
| 0000040: 0600 0000 0500 0000 4000 0000 0000 0000 ........@....... | |
| 0000050: 4000 0000 0000 0000 4000 0000 0000 0000 @.......@....... | |
| 0000060: f801 0000 0000 0000 f801 0000 0000 0000 ................ | |
| 0000070: 0800 0000 0000 0000 0300 0000 0400 0000 ................ | |
| 0000080: 3802 0000 0000 0000 3802 0000 0000 0000 8.......8....... |
mrexcessive
/ pwn.py
Created
October 4, 2015 17:01
Exploit register and login web service using timing attack for DCTFU CTF 2015 web 300 challenge
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| #See article on https://whitehatters.academy/ | |
| #target server http:10.13.37.4 (on VPN for DCTFU 2015 quals CTF) | |
| import requests # see http://stackoverflow.com/questions/4476373/simple-url-get-post-function-in-python | |
| import multiprocessing # see http://stackoverflow.com/questions/6286235/multiple-threads-in-python | |
| # we need to run register.php and login.php at the same time |
mrexcessive
/ pwnserver_9447_cards.py
Created
November 30, 2015 12:12
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| #pwnserver.py for 9447 CTF 2015 exploit / cards | |
| #Whitehatters-uk | |
| import os, sys, code | |
| import readline, rlcompleter | |
| import socket | |
| import time | |
| import struct | |
| import telnetlib |
mrexcessive
/ gist:16a335320fdb057bf542
Created
December 6, 2015 13:49
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| treewalker: file format elf64-x86-64 | |
| Disassembly of section .init: | |
| 00000000004006d8 <_init>: | |
| 4006d8: 48 83 ec 08 sub $0x8,%rsp | |
| 4006dc: 48 8b 05 05 0b 20 00 mov 0x200b05(%rip),%rax # 6011e8 <_DYNAMIC+0x1d0> | |
| 4006e3: 48 85 c0 test %rax,%rax |
mrexcessive
/ pwn_iw2016_ctf_exp90.py
Created
February 22, 2016 10:24
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # pwnserver.py based on MyLittlePwnie challenge code from VolgaCTF 2015 | |
| # in turn based on my EBP challenge code from PLAID | |
| #@mrexcessive | |
| import os, sys, code | |
| import readline, rlcompleter | |
| import socket | |
| import time | |
| import struct |
mrexcessive
/ 0ctf_warmup_pwn.py
Created
March 14, 2016 07:34
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # pwn.py for 0CTF2016.warmup | |
| #@mrexcessive | |
| import os, sys, code | |
| import readline, rlcompleter | |
| import socket | |
| import time | |
| import string | |
| import struct |
OlderNewer