Skip to content

Instantly share code, notes, and snippets.

View xermicus's full-sized avatar

Cyrill Leutwiler xermicus

80 followers · 84 following
  • Switzerland
View GitHub Profile
@xermicus
xermicus / keybase.md
Created February 24, 2016 22:19

Keybase proof

I hereby claim:

  • I am xermicus on github.
  • I am xermic (https://keybase.io/xermic) on keybase.
  • I have a public key whose fingerprint is DBBF E288 93F0 32CA D1FB B554 B7A0 A849 3D39 67B6

To claim this, I am signing this object:

@xermicus
xermicus / r2 cmdlets
Last active November 11, 2016 08:35
## Command Mode
pdf @ main
-> print disassembly from main function
afl
-> list all functions
iz; izz
-> list strings; list more strings
@xermicus
xermicus / fr0g_kgm1.py
Created October 17, 2016 19:00
fr0g_kgm1 | crackmes.de
# http://crackmes.de/users/fr0gsek/fr0g_kgm1/
key = 'SeRiAlAbCdEfGhIjKlMnOpQrStUvWxYz'[::-1]
user = ''
while len(user) < 5:
user = input('login [min 5 chars]: ')
serial = ''
for i in range(32):
@xermicus
xermicus / crkme1-linux32_keygen.py
Created October 18, 2016 18:25
# http://crackmes.de/users/damo2k/damos_crackme_1_for_linux/
import random, sys
random.seed()
serial = [None] * 10
#1_10
c = random.randint(0x64, 0x7a)
serial[9] = chr(c)
@xermicus
xermicus / pcm0.py
Last active December 8, 2016 10:28
# http://crackmes.de/users/pancake/pcme0/
# This is not perfect, it fails to recover one specific char in the flag
# Idk what's going on there, but found it out anyway :)
# (In the final flag, the non-printable char '\0x18' should be '0'. Flag is 10 chars long.)
import sys,r2pipe
r2profile = '#!/usr/bin/rarun2\nprogram=./pcme0\nstdin=stdin.txt\nstdout='
with open('profile.rr2', 'w') as f:
@xermicus
xermicus / crackme.02.32.py
Created November 9, 2016 14:20
# http://crackmes.de/users/geyslan/crackme.02.32/
import random
random.seed()
password = ''
secret = '\xf7\xf8\xf1\xf4\xf1\xf8\xb3\xfc\xfc'
for i in range(len(secret)):
candidates = ''
@xermicus
xermicus / rcCrackme.py
Created November 15, 2016 19:22
# http://crackmes.de/users/macabre/rccrackme/
# NOTE: This keygen finds correct serial, but fails to insert the hyphens '-' in the
# correct (correct in terms of the crackme) way. It gave me headaches trying
# to do this in python, but I think it should be easy to implement it in C.
user = input("Enter username: ")
user *= 9 // len(user) + 1 if len(user) < 10 else 1
print('User: ' + user)
@xermicus
xermicus / spacemision.txt
Created September 13, 2017 18:10
solution to spacemision crackme
This was a very fun crackme! Instead of providing a simple "password: " prompt or something like that the author actually wrote a tiny game to play with.
# ./spacemision
Hello, ...?
Hello, chief reverse engineer root of the spaceship rbinsegfaulter?
Can you hear, me?
Oh, these speakers seem to be broken.
No matter, if you hear me, or not, this is probably our last chance to survive!
We got attacked from the evil aliens from the binja-system!
@xermicus
xermicus / wlp3s0-hslu
Created September 24, 2018 19:43
HSLU netctl profile
Description='netctl profile for hslu'
Interface=wlp3s0
Connection=wireless
Security=wpa-configsection
ESSID=hslu
IP=dhcp
WPAConfigSection=(
'ssid="hslu"'
'proto=RSN'
'key_mgmt=WPA-EAP'
@xermicus
xermicus / mount.sh
Created September 24, 2018 19:49
ILIAS webdav mounts
#!/bin/bash
# Example for DMATH.
# Adapt the "ref_XXXXXXX" for other subjects (it's the same as the web URI while browsing):
sudo mount -t davfs https://elearning.hslu.ch/ilias/webdav.php/hslu/ref_3779056/ /mnt/ilias/DMATH