import os
import sys
import re
import subprocess
import time
PPPD_WAITTIMEOUT = 10
#####################################

import os
import sys
import re
import subprocess
import pprint
def papsecret(username, password):
    papfile = """\r# Secrets for authentication using PAP

'''
Using Z3 to check if the number is prime
Original reference: https://stackoverflow.com/a/35653749/1768052
'''
from z3 import *
def isPrime(x):
    y, z = Ints("y z")

import sys
import itertools
from z3 import *
#
# Original puzzle
#
'''
Five friends have their gardens next to one another, where they grow three kinds of crops:

#
# README
#
# Bash script to simplify running AFL (American Fuzzy Lop)
#
# It will:
# - use AFL_HARDEN=1 to detect simple memory corruption
# - use libdislocator to detect HEAP memory corruption
# - run multi-threaded AFL in a tmux window split into 4 panes for easier viewing

from pwn import *
import struct
import binascii
FREE_GOT = 0x804a10c
SETBUF_GOT = 0x804a104
FREE_LIBC = 0x76110 # pico: 0x76110, local: 0x712f0
SYSTEM_LIBC = 0x3e3e0 # pico: 0x3e3e0, local: 0x3ada0

'''
Greetz @_py on 0x00sec.org forum!
Without his awesome write-ups (link below), I wouldn't have been able to understand and finish this challenge.
Link: https://0x00sec.org/t/picoctf-write-up-bypassing-aslr-via-format-string-bug/1920
'''

/*
DISABLE ASLR & NX THROUGH COMPILATION:
$ echo 0 | sudo tee /proc/sys/kernel/randomize_va_space # disable ASLR
$ gcc -fno-stack-protector -z execstack -o format_string format_string.c -g # compile with NX (DEP protection) disabled
#############
# CODE POC
#############

/*
 * disable ASLR & compile:
 * $ echo 0 | sudo tee /proc/sys/kernel/randomize_va_space # disable ASLR
 * $ gcc -fno-stack-protector -z execstack -o format_string format_string.c -m32 -g # compile with NX (DEP protection) disabled
 *
 * addresses to write:
 * val = 0x804a020 (addr)
 * val+2 = 0x804a022
 *

"""
shahril:pico$ python keyboard_pcap.py -f data.pcap
flag{pr355_0nwards_a4263f07}c
"""
from scapy.all import *
from argparse import ArgumentParser
from sys import argv
from collections import OrderedDict