Actually I solved this challenge with angr, but I tried to do this with gdb scripting after DEF CON.
Have fun :)
gdb ./neophyte_revsersing
source ./neophyte_revsersing.gdbscript
# wait for flag
location ^~ /wp-login.php {
    # Reject requests whose User-Agent merely contains one of these strings
    # (`~*` is a case-insensitive, unanchored regex match). The header is
    # client-controlled, so this only filters tooling that keeps its default
    # UA string; treat it as noise reduction, not as an access control.
    if ($http_user_agent ~* sqlmap|NESSUS|hacker|MSIE) {
        return 404;
    }
    # Disable the password-reset form (?action=lostpassword) entirely.
    if ($arg_action = lostpassword) {
        return 403;
    }
    # `if` followed only by `return` is one of the safe uses of `if` inside
    # `location`; the PHP hand-off below is reached only when neither check
    # fired.
    include snippets/fastcgi-php.conf;
    fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
}
| #include <stdio.h> | |
| #include <stdlib.h> | |
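/*
 * Return the size in bytes of the stream `fp`, leaving its position unchanged.
 *
 * Returns -1 when `fp` is NULL, when the current position cannot be read
 * (non-seekable streams such as pipes), or when a seek fails. On success the
 * caller's original position has been restored before returning.
 *
 * Note: the C standard does not guarantee that SEEK_END is meaningful on
 * binary streams; this relies on the usual POSIX behaviour for regular files.
 */
long fsize(FILE * fp) {
    if (fp == NULL) {
        return -1;
    }
    long origin_pos = ftell(fp);
    if (origin_pos == -1L) {
        return -1;   /* not seekable: there is no position to restore */
    }
    if (fseek(fp, 0, SEEK_END) != 0) {
        return -1;
    }
    long size = ftell(fp);
    /* Restore the caller's position even if the size read failed, so the
     * stream is never left at EOF behind the caller's back. */
    if (fseek(fp, origin_pos, SEEK_SET) != 0) {
        return -1;
    }
    return size;   /* -1 if the second ftell() failed */
}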
| #include <stdio.h> | |
| #include <stdint.h> | |
| uint32_t seed; // 32bits unsigned integer | |
| // 32bits signed integer | |
| int32_t inline rand(int32_t max) | |
| { | |
| seed = seed * 1103515245 + 12345; |
| <!DOCTYPE html> | |
| <html> | |
| <head> | |
| <meta charset="utf-8"> | |
| <meta name="viewport" content="width=device-width"> | |
| <title>JS Bin</title> | |
| <style id="jsbin-css"> | |
| #ball { | |
| height: 6px; | |
| width: 6px; |
| from multiprocessing import Queue, Process | |
| from random import randint, choice | |
| from time import sleep | |
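def countdown(t, id_=None, delay=1):
    """Print a countdown from ``t`` down to 1, pausing ``delay`` seconds per step.

    Args:
        t: Starting value; nothing is printed when ``t`` is 0 or negative.
        id_: Optional task identifier, printed as a 4-digit hex prefix on
            each line. ``None`` (the default) prints no prefix.
        delay: Seconds to sleep after each line. Defaults to 1, matching the
            original fixed pause; pass 0 to run without pausing.
    """
    for i in range(t, 0, -1):
        # Compare against None rather than truthiness so that a task id of 0
        # still gets its prefix.
        if id_ is not None:
            print('task(%.4x) -- ' % id_, end='')
        print('count downing ... %d' % i)
        sleep(delay)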
| var qrcode = ['111111100010101111111', '100000101010101000001', '101110101011001011101', '101110100000101011101', '101110101111101011101', '100000101110001000001', '111111101010101111111', '000000001', '11010011001110111011', '111000010111000000011', '000101101101000101101', '110110011010101101011', '11011011101100001', '0000000011010111001', '11111110100111101111', '10000010000100010001', '10111010000110011', '101110101010111111111', '101110100111100010101', '10000010100101', '11111110111000110101']; | |
| function print_qrcode(qrcode, size, c1, c0) | |
| { | |
| var args = []; | |
| var content = []; | |
| size = size || '22px'; | |
| c1 = c1 || 'black'; | |
| c0 = c0 || 'white'; |
| !function () { | |
| var global = this; | |
| var old_eval = global.eval; | |
| var old_const = global.Function.prototype.constructor; | |
| global.Function.prototype.constructor = function (code) { | |
| console.log('Function Constructor: ' + code); | |
| return old_const(code); | |
| }; | |
| global.eval = function (code) { | |
| console.log('EVIL: ' + code); |
Actually I solved this challenge with angr, but I tried to do this with gdb scripting after DEF CON.
Have fun :)
gdb ./neophyte_revsersing
source ./neophyte_revsersing.gdbscript
# wait for flag
| import requests | |
| import json | |
| import hashlib | |
| from itsdangerous import URLSafeTimedSerializer | |
| import urllib.parse | |
| def get_signing_serializer(secret_key): | |
| signer_kwargs = dict( | |
| key_derivation='hmac', | |
| digest_method=hashlib.sha1 |