Paweł Łukasik pawlos
🐛
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| from pulp import LpProblem, LpVariable, lpSum, LpBinary, LpMinimize, PULP_CBC_CMD | |
| A = [int(x, 16) for x in """35e, 60, 203, 73, 23e, 19f, 2f9, 79, 3a6, 26a, 348, 3b6, 45, 286, fe, 2b1, | |
| 231, 1a0, 22d, 1f7, 37c, 16e, 3e1, 2ab, 22, 19b, 5a, 6, 191, 52, 383, 98, 8e, 1f1, 19c, 3d, 215, | |
| 11, 338, 61, 88, 22a, 115, 222, 224, 1c1, 2, 2fc, 1ab, 3c5, cf, 3bd, 37a, 1ef, 1da, 2e8, dd, 198, | |
| 20a, 205, 81, 2b3, 2bd, 233, 173, 2c3, 1de, 140, 144, 18c, f4, 32f, d8, 1e5, 4c, 341, 27f, 33, 211, | |
| 18f, 2c6, 382, 8a, 2ef, 2e1, ab, 29d, de, e1, 31a, 390, 3de, 1ca, 368, 276, 234, 132, 2b6, 10d, 80, | |
| 3c2, a4, 3da, 3b0, 21e, 379, 78, 21a, 3cd, 34b, 384, 342, 204, f0, 19e, 11c, d9, 2ae, 3cc, 1e7, 74, | |
| 2c1, 87, 3bb, 2f, 369, 20b, 7, 372, 114, 30c, 189, 2b9, 18b, 39a, 23b, 127, 24, 57, 261, 3e7, 259, |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| c5d = [225,204,82,249,67,214,139,164,154,116,172,47,62,84,45,3,47,104,35,84,93,44,34,6,25,163,30,206,78,117,5,225,233,23,152,55,146,238,226,49,74,173,199,34,15,78,84,81,161,96,220,110,128,201,46,27,123,41,191,6,123,58,89,119,69] | |
| FLEN = 65 | |
| paX = 23 | |
| BLKSZ = 12 | |
| b00ts = 47 | |
| kallax = [3,0,0,2,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,1,0,0] | |
| billy = [166,241,180,132,190,47,251,88,10,46,127,195,92,216,151,226,103,173,3,218,0,14,199,119,228,111,214,104,131,252,134,152,225,52,39,60,56,179,4,144,24,203,233,156,167,91,146,254,73,27,187,123,113,40,83,41,1,81,22,202,201,176,100,158,87,50,128,182,84,209,55,240,20,62,51,184,75,220,175,192,12,172,5,204,61,186,30,154,255,101,213,208,67,145,23,36,170,141,108,212,181,193,82,37,74,211,109,155,168,221,138,207,121,130,198,9,188,164,124,249,217,157,110,139,210,229,8,116,93,6,178,29,70,2,129,53,183,197,99,95,38,244,65,125,85,49,194,94,11,219,148,215,115,223,26,140,44,245,19,15,248,86,7,205,253,171,160,169,246,105,191,54,243,239,238,79,13,242,143,72,68,25,227,97,34,31,161,19 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| .section .ikea | |
| FLEN: db 65 | |
| paX: db 23 | |
| BLKSZ: db 12 | |
| b00ts: db 47 | |
| c5d: db 225,204,82,249,67,214,139,164,154,116,172,47,62,84,45,3,47,104,35,84,93,44,34,6,25,163,30,206,78,117,5,225,233,23,152,55,146,238,226,49,74,173,199,34,15,78,84,81,161,96,220,110,128,201,46,27,123,41,191,6,123,58,89,119,69 | |
| kallax: db 3,0,0,2,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,1,0,0 | |
| billy: db 166,241,180,132,190,47,251,88,10,46,127,195,92,216,151,226,103,173,3,218,0,14,199,119,228,111,214,104,131,252,134,152,225,52,39,60,56,179,4,144,24,203,233,156,167,91,146,254,73,27,187,123,113,40,83,41,1,81,22,202,201,176,100,158,87,50,128,182,84,209,55,240,20,62,51,184,75,220,175,192,12,172,5,204,61,186,30,154,255,101,213,208,67,145,23,36,170,141,108,212,181,193,82,37,74,211,109,155,168,221,138,207,121,130,198,9,188,164,124,249,217,157,110,139,210,229,8,116,93,6,178,29,70,2,129,53,183,197,99,95,38,244,65,125,85,49,194,94,11,219,148,215,115,223,26,140,44,245,19,15,248,86,7,205,253,171,160,169,246,105,191,54,243,239,238,79,13,242,14 |
pawlos
/ api_hashes.txt
Last active
December 21, 2024 22:30
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # From https://github.com/tildedennis/malware/blob/master/phasebot/api_hashes | |
| # C:\Windows\System32\kernel32.dll | |
| AcquireSRWLockExclusive,0x4784e83e | |
| AcquireSRWLockShared,0x23c00487 | |
| ActivateActCtx,0x6aa0c20c | |
| AddAtomA,0x7f449663 | |
| AddAtomW,0x8b902332 | |
| AddConsoleAliasA,0x3be718de | |
| AddConsoleAliasW,0xcf33ad8f | |
| AddIntegrityLabelToBoundaryDescriptor,0x3af410d5 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/env python3 | |
| import selenium.webdriver.firefox.service | |
| from selenium import webdriver | |
| import os | |
| import psycopg2 | |
| from datetime import * | |
| from time import sleep, time | |
| # Set webdriver path |
pawlos
/ index.html
Created
September 1, 2021 18:07
— forked from lbherrera/index.html
Solution for the MessageKeeper challenge from Pwn2Win 2021
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html> | |
| <head> | |
| <title>Pwn2Win | MessageKeeper</title> | |
| </head> | |
| <body> | |
| <script> | |
| let alphabet = "0123456789abcdef"; | |
| const sleep = (ms) => { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const = 0xc6a4a7935bd1e995 | |
| #simplified mangle algorith form the binary | |
| def mangle(a, i): | |
| b = 1 | |
| c = 0x1337 | |
| temp = c ^ (b * const) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # -*- coding: utf-8 -*- | |
| # This exploit template was generated via: | |
| # $ pwn template --host crypto.2021.chall.actf.co --port 21603 | |
| from pwn import * | |
| # Set up pwntools for the correct architecture | |
| exe = context.binary = ELF('./chall') | |
| # Many built-in settings can be controlled on the command-line and show up |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| REM open cmd.exe as admin to run this | |
| REM Creates a patched vmwp.exe replacing these bytes: | |
| REM 0F B6 43 64 41 89 47 64 0F B6 43 65 41 89 47 68 0F B6 43 66 41 89 47 6C 0F B6 43 67 41 89 47 70 | |
| REM 41 C7 47 64 01 00 00 00 41 C7 47 68 01 00 00 00 41 C7 47 6C 01 00 00 00 41 C7 47 70 01 00 00 00 | |
| REM Enables PMU, LBR, PEBS, IPT | |
| cd %TEMP% | |
| copy %windir%\system32\vmwp.exe . |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #script for https://www.youtube.com/watch?v=FvH7b_qLmbU | |
| import struct | |
| from ghidra.program.model.symbol import * | |
| xrefs = currentProgram.getReferenceManager() | |
| startAddr = currentAddress | |
| currAddr = currentAddress | |
| while True: |
NewerOlder