Skip to content

Instantly share code, notes, and snippets.

View SoftPoison's full-sized avatar

Tomais Williamson SoftPoison

20 followers · 18 following
View GitHub Profile
@alirobe
alirobe / reclaimWindows10.ps1
Last active November 15, 2024 12:08
This Windows 10 Setup Script turns off a bunch of unnecessary Windows 10 telemetery, bloatware, & privacy things. Not guaranteed to catch everything. Review and tweak before running. Reboot after running. Scripts for reversing are included and commented. Fork of https://github.com/Disassembler0/Win10-Initial-Setup-Script (different defaults). N.…
###
###
### UPDATE: For Win 11, I recommend using this tool in place of this script:
### https://christitus.com/windows-tool/
### https://github.com/ChrisTitusTech/winutil
### https://www.youtube.com/watch?v=6UQZ5oQg8XA
### iwr -useb https://christitus.com/win | iex
###
###
@poxyran
poxyran / Easy bypass for ptrace(PTRACE_TRACEME, 0, 0) in GDB)
Last active October 29, 2024 22:40
Start GDB and execute the following commands:
catch syscall ptrace
commands 1
set ($eax) = 0
continue
end
Then, run the app and voilá! you can debug your program :)
@loknop
loknop / writeup.md
Created December 30, 2021 14:59
Solving "includer's revenge" from hxp ctf 2021 without controlling any files

Solving "includer's revenge" from hxp ctf 2021 without controlling any files

The challenge

The challenge was to achieve RCE with this file:

<?php ($_GET['action'] ?? 'read' ) === 'read' ? readfile($_GET['file'] ?? 'index.php') : include_once($_GET['file'] ?? 'index.php');

Some additional hardening was applied to the php installation to make sure that previously known solutions wouldn't work (for further information read this writeup from the challenge author).

I didn't solve the challenge during the competition - here is a writeup from someone who did - but since the idea I had differed from the techniques used in the published writeups I read (and I thought it was cool :D), here is my approach.

@HexF
HexF / dec.py
Created October 16, 2023 10:57
DLink HDR4 Decryptor
# awful code for decrypting DLink TCLinux firmware files
# requires pycryptodome
import struct
import binascii
from Crypto.Cipher import AES
KEY = bytes.fromhex("11223344556677889900aabbccddeeff")
IV = bytes.fromhex("a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5")