crazy hugsy hugsy
hugsy
/ no-ptrace.c
Created
April 27, 2016 22:37
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <unistd.h> | |
| #include <sys/ptrace.h> | |
| #include <sys/types.h> | |
| #include <sys/mman.h> | |
| #include <string.h> | |
| #define MSG "ptrace protected" | |
| int main(int argc, char** argv, char** envp) |
hugsy
/ gef-exploit.py
Last active
October 3, 2016 14:35
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # | |
| # ASIS CTF 2016 | |
| # b00ks - pwn 146 | |
| # | |
| # | |
| import socket, struct, sys, telnetlib, binascii | |
| HOST = "books.asis-ctf.ir" | |
| HOST = "172.28.128.3" |
hugsy
/ gef-exploit.py
Last active
March 24, 2021 06:03
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # | |
| # ASIS CTF 2016 | |
| # feap | |
| # | |
| # @_hugsy_ | |
| # | |
| # $ ./gef-exploit.py (13:55) | |
| # [+] Connected to feap.asis-ctf.ir:7331 | |
| # [+] Leaking addresses |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python2 | |
| # | |
| # feedme challenge | |
| # defcon ctf 2016 | |
| # | |
| # @_hugsy_ | |
| # | |
| import socket, struct, sys, telnetlib, binascii | |
| HOST = "feedme_47aa9b0d8ad186754acd4bece3d6a177.quals.shallweplayaga.me" |
hugsy
/ heapfun4u.py
Created
May 23, 2016 23:44
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python2 | |
| # | |
| # DEFCON CTF 2016 - heapfun4u | |
| # | |
| # @_hugsy_ | |
| # | |
| import socket, struct, sys, telnetlib, binascii | |
| HOST = "heapfun4u_873c6d81dd688c9057d5b229cf80579e.quals.shallweplayaga.me" | |
| HOST = "172.28.128.4" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python2 | |
| # | |
| # ARMpwn challenge exploit (kudos & thx to 5aelo) | |
| # | |
| # writeup: https://blahcat.github.io/2016/06/13/armpwn-challenge/ | |
| # | |
| # @_hugsy_ | |
| # | |
| from pwn import * |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| abandoned | |
| able | |
| absolute | |
| adorable | |
| adventurous | |
| academic | |
| acceptable | |
| acclaimed | |
| accomplished | |
| accurate |
hugsy
/ gist:32e4fdf200dd471defc9e32dda4891e7
Last active
September 14, 2016 13:53
CTF(x) 2016 dat-boinary
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python2 | |
| # [+] Opening connection to 172.28.128.3 on port 1338: Done | |
| # [*] Smash null byte | |
| # [*] Reading from memory | |
| # [*] Leaked puts@glibc at 0xb7665650 | |
| # [*] system@glibc is at 0xb7640190 | |
| # [*] Overwriting puts@got with system@glibc | |
| # [*] Triggering | |
| # [*] Switching to interactive mode |
hugsy
/ gist:edb4bbbb63fde3a2a49ec52845b372c4
Created
September 6, 2016 01:25
TWCTF 2016 - reverse_box
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # | |
| # @_hugsy_ | |
| # | |
| # $ python /tmp/uni.py | |
| # >>> init randint is d6 | |
| # The flag is TWCTF{5UBS717U710N_C1PH3R_W17H_R4ND0M123D_5-B0X} | |
| # | |
| import unicorn |
hugsy
/ gist:3d983e103056372d838e6ee2d3fbfba4
Last active
October 3, 2016 14:34
CSAW 2016 - pwn 200 - tutorial
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # CSAW 2016 - pwn 200 - tutorial | |
| # | |
| # @_hugsy_ | |
| # | |
| # tutorial@9c7e30ba54b6:/home/tutorial$ ls | |
| # ~/cur/tutorial $ py xpl.py | |
| # [+] Opening connection to pwn.chal.csaw.io on port 8002: Done | |
| # [*] Got 0x7f60e48eb860 | |
| # [*] libc is 0x7f60e487c000 |