Skip to content

Instantly share code, notes, and snippets.

View Lense's full-sized avatar
🤔
?

Lense Lense

🤔
?
View GitHub Profile
@Lense
Lense / ctftime_scoreboard.py
Created October 26, 2020 02:15
CTFtime scoreboard generator for CTFd
#!/usr/bin/python3
import json
from CTFd import create_app
from CTFd.models import Users, Challenges
scoreboard = dict()
scoreboard["standings"] = list()
@Lense
Lense / fix_bold.diff
Last active October 12, 2019 19:25
Updated for st 0.8.2 commit 2b8333f553c14c15398e810353e192eb05938580
diff --git a/x.c b/x.c
index 5828a3b..ace044f 100644
--- a/x.c
+++ b/x.c
@@ -116,8 +116,6 @@ typedef struct {
int width;
int ascent;
int descent;
- int badslant;
- int badweight;
@Lense
Lense / randomware.md
Last active March 6, 2018 03:34
SECCON 2016 quals: randomware

randomware

SECCON 2016 quals

description

300 points
My PC suddenly got broken. Could you help me to recover it please?
NOTE: The disk can be virus-infected. DO NOT RUN any programs extracted from the disk outside of sandbox.
disk.qcow2.zip
Challenge files is huge, please download it first. Password will release after 60min.
password: h9nn4c2955kik9qti9xphuxti

@Lense
Lense / brainfun.md
Last active September 23, 2016 01:33
CSAW quals 2016 brainfun

Challenge

Title: brainfun
Competition: CSAW quals 2016
Category: Forensics
Points: 150
Description: Scrambled Fun for Everyone! Author: fang0654 <brainfun.png>

Background

  • There's nothing hidden in the file other than the pixel data.
  • The image is 512x512, but can be scaled down 32x32 to match the blocks to
@Lense
Lense / README.md
Last active December 6, 2015 19:05
SECCON 2015--Find the prime numbers--Crypto200
@Lense
Lense / sol
Created November 10, 2015 01:11
SOLARIZED HEX 16/8 TERMCOL XTERM/HEX L*A*B RGB HSB
--------- ------- ---- ------- ----------- ---------- ----------- -----------
base03 #002b36 8/4 brblack 234 #1c1c1c 15 -12 -12 0 43 54 193 100 21
base02 #073642 0/4 black 235 #262626 20 -12 -12 7 54 66 192 90 26
base01 #586e75 10/7 brgreen 240 #585858 45 -07 -07 88 110 117 194 25 46
base00 #657b83 11/7 bryellow 241 #626262 50 -07 -07 101 123 131 195 23 51
base0 #839496 12/6 brblue 244 #808080 60 -06 -03 131 148 150 186 13 59
base1 #93a1a1 14/4 brcyan 245 #8a8a8a 65 -05 -02 147 161 161 180 9 63
base2 #eee8d5 7/7 white 254 #e4e4e4 92 -00 10 238 232 213 44 11 93
base3 #fdf6e3 15/7 brwhite 230 #ffffd7 97 00 10 253 246 227 44 10 99
@Lense
Lense / CHALLENGE.md
Last active September 22, 2015 19:27
CSAW quals 2015 crypto 200: punchout

We found these System/360 punch cards and we need to extract the data. We already read the data off for you.

It looks encrypted. Can you help?

HINT: This is actually encrypted. With technology and techniques that were available in 1965

HINT: https://gist.github.com/withzombies/40554f02d6c7055fb0bc punchout.tar.xz-24504ddc1e81092010497ee49fc52e1c

@Lense
Lense / README.md
Last active July 12, 2018 22:01
CSAW quals 2015 forensics 400: Sharpturn

First thing I did was figure out that it was a git repo, search Google for how to extract the code, and run git archive master | tar x -C code. It asks for 2 prime factors of a number which doesn't have exactly 2 prime factors, from which it can be assumed that something was wrong with the code.

Running git fsck (after more Google searching) showed 3 hashes not matching up, which means that the hash of the file contents (plus header metadata) didn't match the filename. I then read https://git-scm.com/book/en/v2/Git-Internals-Git-Objects (side-note: the Pro Git book is a fantastic introduction to and reference for git). 3 Files are corrupted: sharp.cpp in each of the 3 commits (see git log).

Then I tool a leap of faith and assumed that a single byte was wrong (corrupted, hence the SATA controller comment) in each blob, and wrote a script to brute force it. It worked for first one, and then doom had to remind me to propagate the changes: the first

@Lense
Lense / solve_captured.py
Last active August 29, 2015 14:19
PlaidCTF 2015: curious writeup
#!/usr/bin/env python
# https://github.com/pablocelayes/rsa-wiener-attack
import RSAwienerHacker
def int2ascii(n):
# Cut off 0x and L
h = hex(n)[2:-1]
# Convert each hex byte to ascii char
return "".join([chr(int(h[i:i+2], 16)) for i in range(0, len(h), 2)])
@Lense
Lense / server.py
Last active August 29, 2015 14:19
PlaidCTF 2015: parlor2 writeup
#/usr/bin/env python
from Crypto.PublicKey import RSA, DSA
from Crypto.Random import random, atfork
from Crypto.Cipher import PKCS1_OAEP
import SocketServer,threading,os,time
import socket
from priv import privkey, privkey_enc