I hereby claim:
- I am ocean1 on github.
- I am oce4n (https://keybase.io/oce4n) on keybase.
- I have a public key whose fingerprint is AD2F 69FC 908C 05C4 EE1C A1F7 5B7C EDEB A937 0413
To claim this, I am signing this object:
| import dis, marshal, struct, sys, time, types | |
| def show_file(fname): | |
| f = open(fname, "rb") | |
| magic = f.read(4) | |
| moddate = f.read(4) | |
| modtime = time.asctime(time.localtime(struct.unpack('<I', moddate)[0])) | |
| print "magic %s" % (magic.encode('hex')) | |
| print "moddate %s (%s)" % (moddate.encode('hex'), modtime) | |
| code = marshal.load(f) |
| # taken from here | |
| # http://codahale.com/a-lesson-in-timing-attacks/ | |
| def is_equal(a, b): | |
| if len(a) != len(b): | |
| return False | |
| result = 0 | |
| for x, y in zip(a, b): | |
| result |= x ^ y |
| 00413CAB 5D POP EBP | |
| 00413CAC 81ED 38324000 SUB EBP,video.00403238 | |
| 00413CB2 64:8B1D 30000000 MOV EBX,DWORD PTR FS:[30] ;PEB | |
| 00413CB9 8B5B 0C MOV EBX,DWORD PTR DS:[EBX+C] ;PPEB_LDR_DATA, LoaderData | |
| 00413CBC 8B5B 1C MOV EBX,DWORD PTR DS:[EBX+1C] ;InInitializationOrderModuleList | |
| 00413CBF 8B1B MOV EBX,DWORD PTR DS:[EBX] ;get first loaded dll | |
| 00413CC1 8B5B 08 MOV EBX,DWORD PTR DS:[EBX+8] ;module base | |
| 00413CC4 89DA MOV EDX,EBX | |
| 00413CC6 8995 EB324000 MOV DWORD PTR SS:[EBP+4032EB],EDX | |
| 00413CCC 89D3 MOV EBX,EDX |
| from pwn import * | |
| context(arch='i386', os='linux', log_level="info") | |
| HOST = args.get('HOST', "localhost") | |
| PORT = 4000 | |
| got_exit = 0x804A010 | |
| # account in the shellcode that when we overwrite prev/next | |
| # it may overwrite part of the shellcode, we want to jump over |
| #!/bin/bash | |
| # | |
| # The BSD License (http://www.opensource.org/licenses/bsd-license.php) | |
| # specifies the terms and conditions of use for checksec.sh: | |
| # | |
| # Copyright (c) 2009-2011, Tobias Klein. | |
| # All rights reserved. | |
| # | |
| # Redistribution and use in source and binary forms, with or without | |
| # modification, are permitted provided that the following conditions |
| from pwn import * | |
| context(arch='i386', os='linux', log_level="info") | |
| DEBUG = False | |
| HOST = "cybergrandsandbox_e722a7ec2ad46b9fb8472db37cb95713.quals.shallweplayaga.me" | |
| PORT = 4347 | |
| def spliteach(x, n): |
| #include <stdio.h> | |
| #include <string.h> | |
| int | |
| main() | |
| { | |
| FILE *maps; | |
| void *vdso_begin, *vdso_end; | |
| maps = fopen("/proc/self/maps", "r"); |
| # patching the vulnerable binary only requires reducing the size of the read to 0x200 :) | |
| from pwn import * | |
| context(arch='i386', os='linux', log_level="info") | |
| DEBUG = False | |
| HOST = "cybergrandsandbox_e722a7ec2ad46b9fb8472db37cb95713.quals.shallweplayaga.me" | |
| PORT = 4347 |
I hereby claim:
To claim this, I am signing this object:
| # This file has been auto-generated by i3-config-wizard(1). | |
| # It will not be overwritten, so edit it as you like. | |
| # | |
| # Should you change your keyboard layout at some point, delete | |
| # this file and re-run i3-config-wizard(1). | |
| # | |
| # i3 config file (v4) | |
| # | |
| # Please see http://i3wm.org/docs/userguide.html for a complete reference! |