Skip to content

Instantly share code, notes, and snippets.

View zachriggle's full-sized avatar

Zach Riggle zachriggle

491 followers · 177 following
View GitHub Profile
@zachriggle
zachriggle / gist:11301543
Created April 25, 2014 20:08
### Keybase proof
I hereby claim:
* I am zachriggle on github.
* I am zachriggle (https://keybase.io/zachriggle) on keybase.
* I have a public key whose fingerprint is C5BE 5AF8 DD76 E311 630E 5E26 683A C112 1586 0611
To claim this, I am signing this object:
@zachriggle
zachriggle / map
Created April 29, 2014 19:53
gdb-peda$ set disable-randomization off
gdb-peda$ break main
gdb-peda$ run
gdb-peda$ vmmap
0x00007fe6e01d7000 0x00007fe6e01d8000 r-xp /home/user/a.out
0xffffffffff600000 0xffffffffff601000 r-xp [vsyscall]
gdb-peda$ run
gdb-peda$ vmmap
0x00007f7acee88000 0x00007f7acee89000 r-xp /home/user/a.out
0xffffffffff600000 0xffffffffff601000 r-xp [vsyscall]
@zachriggle
zachriggle / gist:87ebeb71e3cffc4f15da
Created May 7, 2014 23:06
radare2-regressions/run_tests.sh
[ ] anal: ldr code analysis
[OK]
[ ] anal: endian
[OK]
[ ] anal: af java multiple classes loaded via malloc and ib
[BR]
Command: /usr/local/bin/radare2 -e scr.color=0 -N -q -i /tmp/r2-regressions//anal-rad.Snxmol malloc://1023 > /tmp/r2-regressions//anal-out.pyjpEd 2> /tmp/r2-regressions//anal-err.xuWjRM
Script:
e asm.comments=false
@zachriggle
zachriggle / patch.py
Created June 25, 2014 18:10
Applies IDA Patches to Binaries
import argparse
import fileinput
import re
import binascii
import struct
unhex = binascii.unhexlify
u32 = lambda x: struct.unpack('>L', x)[0]
hexa = r'[0-9A-F]'
pattern = r'(%s{8}): (%s{2}) (%s{2})' % (hexa, hexa, hexa)
@zachriggle
zachriggle / gist:a363d271b29ab5943f64
Created October 13, 2014 07:54
>>> class A(object): pass
...
>>> a = A()
>>> a.__len__ = lambda: 3
>>> a.__len__()
3
>>> len(a)
Traceback (most recent call last):
...
TypeError: object of type 'A' has no len()
@zachriggle
zachriggle / wat.md
Created November 29, 2014 05:19

gdb-peda$ x/i $pc => 0xf763d100 <__libc_system>: push ebx gdb-peda$ telescope $sp 2 00:0000| esp 0x188340de --> 0x8048c0d (add esp,0x10) 01:0004| 0x188340e2 --> 0x188340f2 ("/tmp/note||bash") gdb-peda$ continue ... Stopped reason: SIGSEGV 0xf763ce3c in do_system (line=0x188340f2 "/tmp/note||bash") at ../sysdeps/posix/system.c:153

@zachriggle
zachriggle / gist:939024
Created April 23, 2011 22:12
#!/usr/bin/python
import md5, sys
h = '\x8b\x07Y\x98!\n\x1a\xc8\x86\xe8G\x0f\x9a\x8b[\xc0'.encode('hex')
def chk(s):
print s
if (md5.new(s).hexdigest() == h):
sys.exit()
@zachriggle
zachriggle / tabspace.py
Created September 14, 2011 15:36
Tabs and Spaces
# Leading Tabs, align with tabs
print "Hello" # Comment
print "Hello, world" # Comment
# Leading tabs, align with space
print "Hello" # Comment
print "Hello, world" # Comment
@zachriggle
zachriggle / portscan.txt
Last active December 17, 2015 19:09
unalloctf portscan
~ ⮀ sudo nmap -sT -T Insane -P0 -A 192.168.1.2 192.168.1.66 192.168.1.79 192.168.1.80 192.168.1.117 192.168.1.213 192.168.1.214 192.168.1.254 -v -v --privileged
Starting Nmap 6.25 ( http://nmap.org ) at 2013-05-27 14:58 EDT
NSE: Loaded 106 scripts for scanning.
NSE: Script Pre-scanning.
NSE: Starting runlevel 1 (of 2) scan.
NSE: Starting runlevel 2 (of 2) scan.
Initiating Parallel DNS resolution of 8 hosts. at 14:58
Completed Parallel DNS resolution of 8 hosts. at 14:58, 0.74s elapsed
Initiating Connect Scan at 14:58
@zachriggle
zachriggle / gist:5659055
Created May 27, 2013 20:58
schemadump 192.168.1.79
msf auxiliary(mysql_schemadump) > run
[*] Schema stored in: /Users/zachriggle/.msf4/loot/20130527165753_default_192.168.1.79_mysql_schema_235782.txt
[+] MySQL Server Schema
Host: 192.168.1.79
Port: 3306
====================
---
- DBName: BadApple