#!/usr/bin/python
import md5, sys
h = '\x8b\x07Y\x98!\n\x1a\xc8\x86\xe8G\x0f\x9a\x8b[\xc0'.encode('hex')
def chk(s):
    print s
    if (md5.new(s).hexdigest() == h):
        sys.exit()
@zachriggle
zachriggle / tabspace.py
Created September 14, 2011 15:36
Tabs and Spaces
# Leading Tabs, align with tabs
print "Hello" # Comment
print "Hello, world" # Comment
# Leading tabs, align with space
print "Hello" # Comment
print "Hello, world" # Comment
@zachriggle
zachriggle / portscan.txt
Last active December 17, 2015 19:09
unalloctf portscan
~ ⮀ sudo nmap -sT -T Insane -P0 -A 192.168.1.2 192.168.1.66 192.168.1.79 192.168.1.80 192.168.1.117 192.168.1.213 192.168.1.214 192.168.1.254 -v -v --privileged
Starting Nmap 6.25 ( http://nmap.org ) at 2013-05-27 14:58 EDT
NSE: Loaded 106 scripts for scanning.
NSE: Script Pre-scanning.
NSE: Starting runlevel 1 (of 2) scan.
NSE: Starting runlevel 2 (of 2) scan.
Initiating Parallel DNS resolution of 8 hosts. at 14:58
Completed Parallel DNS resolution of 8 hosts. at 14:58, 0.74s elapsed
Initiating Connect Scan at 14:58
@zachriggle
zachriggle / gist:5659055
Created May 27, 2013 20:58
schemadump 192.168.1.79
msf auxiliary(mysql_schemadump) > run
[*] Schema stored in: /Users/zachriggle/.msf4/loot/20130527165753_default_192.168.1.79_mysql_schema_235782.txt
[+] MySQL Server Schema
Host: 192.168.1.79
Port: 3306
====================
---
- DBName: BadApple
@zachriggle
zachriggle / parse.py
Last active January 4, 2016 17:29
world_wide_something
import scapy, struct, socket, binascii, logging
from scapy.all import *
from collections import defaultdict
#
# Entry
#
def USBIP(PacketData):
    if PacketData[:2] == '\x01\x11':
RARVM reversible/patchme
Modified 'unrar' source to dump context and disassembly.
Wrote two separate solvers since the challenge was broken.
To build the disassembler/debugger:
- unzip unrar-src-disassembler.zip -d unrar
- cd unrar
### Keybase proof
I hereby claim:
* I am zachriggle on github.
* I am zachriggle (https://keybase.io/zachriggle) on keybase.
* I have a public key whose fingerprint is C5BE 5AF8 DD76 E311 630E 5E26 683A C112 1586 0611
To claim this, I am signing this object:
gdb-peda$ set disable-randomization off
gdb-peda$ break main
gdb-peda$ run
gdb-peda$ vmmap
0x00007fe6e01d7000 0x00007fe6e01d8000 r-xp /home/user/a.out
0xffffffffff600000 0xffffffffff601000 r-xp [vsyscall]
gdb-peda$ run
gdb-peda$ vmmap
0x00007f7acee88000 0x00007f7acee89000 r-xp /home/user/a.out
0xffffffffff600000 0xffffffffff601000 r-xp [vsyscall]
@zachriggle
zachriggle / gist:87ebeb71e3cffc4f15da
Created May 7, 2014 23:06
radare2-regressions/run_tests.sh
[ ] anal: ldr code analysis
[OK]
[ ] anal: endian
[OK]
[ ] anal: af java multiple classes loaded via malloc and ib
[BR]
Command: /usr/local/bin/radare2 -e scr.color=0 -N -q -i /tmp/r2-regressions//anal-rad.Snxmol malloc://1023 > /tmp/r2-regressions//anal-out.pyjpEd 2> /tmp/r2-regressions//anal-err.xuWjRM
Script:
e asm.comments=false
@zachriggle
zachriggle / patch.py
Created June 25, 2014 18:10
Applies IDA Patches to Binaries
import argparse
import fileinput
import re
import binascii
import struct
unhex = binascii.unhexlify
u32 = lambda x: struct.unpack('>L', x)[0]
hexa = r'[0-9A-F]'
pattern = r'(%s{8}): (%s{2}) (%s{2})' % (hexa, hexa, hexa)