Skip to content

Instantly share code, notes, and snippets.

View evandrix's full-sized avatar
💭
offline

evandrix evandrix

💭
offline
386 followers · 609 following
View GitHub Profile
@evandrix
evandrix / Rakefile
Created July 6, 2011 16:07 — forked from tooky/Rakefile
Sinatra + Cucumber + Webrat
require 'rubygems'
require 'cucumber/rake/task'
Cucumber::Rake::Task.new(:features) do |t|
t.cucumber_opts = "--format pretty"
end
@evandrix
evandrix / solution.pl
Created July 29, 2011 22:44 — forked from dmn001/Dropbox-Diet Solution
Dropbox Challenge - 3 The Dropbox Diet
#!/usr/bin/perl
use strict;
# dmn001 <at> gmail
# 31/01/2011
my %pos;
my %neg;
my $num_lines = <STDIN>;
while (<STDIN>){
@evandrix
evandrix / LICENSE.txt
Created February 14, 2012 21:17 — forked from 140bytes/LICENSE.txt
140byt.es -- Click ↑↑ fork ↑↑ to play!
DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
Version 2, December 2004
Copyright (C) 2011 YOUR_NAME_HERE <YOUR_URL_HERE>
Everyone is permitted to copy and distribute verbatim or modified
copies of this license document, and changing it is allowed as long
as the name is changed.
DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
@evandrix
evandrix / gist:1893103
Created February 23, 2012 14:34 — forked from lezhangxyz/gist:1890401
ctfsh
#!/bin/sh
if [ ! -t 0 ]; then
echo >&2 'STDIN is not a terminal'
exit 1
fi
clear
cd "$(mktemp -d)"
@evandrix
evandrix / gist:1901352
Created February 24, 2012 14:40 — forked from michaelpetrov/gist:1899630
Stripe CTF Challenge - Solutions to all Levels
Stripe CTF - Work Notes
mpetrov ([email protected])
These notes are very rough. They should give a general idea of how each level was solved.
---- LEVEL 01 (login: e9gx26YEb2) -----
Solution: modifying PATH env variable
Password: kxlVXUvzv
date.c
@evandrix
evandrix / ctf_mpetrov.c
Created February 24, 2012 14:43 — forked from michaelpetrov/ctf_mpetrov.c
Stripe CTF Challenge Level 06 Solution
//
// Created by Michael Petrov on 12-02-23.
// Copyright (c) 2012 TenthBit Inc. All rights reserved.
// http://michaelpetrov.com ([email protected])
//
//
// This solution performs a timing attack on the fork system call. By monitoring the process closely
// it is possible to discover where the fork likely happened. With some basic heuristics, it's possible
// to infer where the wrong character is. With very minor brute force searching it becomes very easy
// to find the password one letter at a time.
@evandrix
evandrix / windows.h__.js
Created November 18, 2012 12:53
windows.h.js INFINITY
var ffi = require('ffi'),
ref = require('ref'),
Struct = require('ref-struct'),
Library = require('./Library'),
Type = ref.Type,
NULL = ref.NULL,
isNull = ref.isNull;
var groups = ['libs', 'types', 'structs', 'callbacks', 'enums'];
@evandrix
evandrix / jquery_for_greasemonkey.user.js
Created December 29, 2012 09:14
var console = unsafeWindow.console;
// a function that loads jQuery and calls a callback function when jQuery has finished loading
function addJQuery(callback) {
var script = document.createElement("script");
script.setAttribute("src", "http://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js");
script.addEventListener('load', function() {
var script = document.createElement("script");
script.textContent = "(" + callback.toString() + ")();";
document.body.appendChild(script);
@evandrix
evandrix / gist:4472400
Created January 7, 2013 04:44 — forked from trietptm/gist:4466904
http://www.hackthis.co.uk/ctf/1
<?php
$user = $_POST['user'];
$pass = $_POST['pass'];
if ($user == "admin" && $pass == "pass") {
//valid login
} else {
//invalid login
}
?>
@evandrix
evandrix / gist:4472401
Last active December 10, 2015 18:08 — forked from trietptm/gist:4467108
http://www.hackthis.co.uk/ctf/2?p=login
<?php
// ...
if ($page == "admin" && !$user->isAdmin()) {
include("admin.php");
} else {
include("/pages/{$page}.html");
}
?>