- awesome-ctf - A curated list of CTF frameworks, libraries, resources and softwares
spnow
/ Entrop3r.py
Created
April 14, 2017 23:50
— forked from the-st0rm/Entrop3r.py
Nuit du hack 2017 Quals - Entrop3r (pwn 300)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # -*- coding: utf-8 -*- | |
| import socket | |
| import sys | |
| import string | |
| import time | |
| def recv_until(s, data): | |
| res = "" |
spnow
/ awesome-pwnable.md
Created
April 11, 2017 23:39
— forked from kcchu/awesome-pwnable.md
spnow
/ reclaimWindows10.ps1
Created
April 11, 2017 23:37
— forked from alirobe/reclaimWindows10.ps1
"Reclaim Windows 10" turns off a bunch of unnecessary Windows 10 telemetery, removes bloatware, and privacy invasions. Review and tweak before running. Scripts for reversing are included and commented. Fork via https://github.com/Disassembler0 (different defaults)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ########## | |
| # Win10 Initial Setup Script | |
| # Author: Disassembler <[email protected]> | |
| # Version: 1.7, 2016-08-15 | |
| # dasm's script: https://github.com/Disassembler0/Win10-Initial-Setup-Script/ | |
| # THIS IS A PERSONALIZED VERSION | |
| # This script leaves more MS defaults on, including MS security features. | |
| # Tweaked based on personal preferences for @alirobe 2016-11-16 - v1.7.1 |
spnow
/ decrypt_zeus.py
Created
April 11, 2017 23:33
— forked from coldshell/decrypt_zeus.py
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def decrypt(func): | |
| """ | |
| Decryption of zeus strings | |
| """ | |
| ZBOT_INDEX_MIN = 0x0 | |
| ZBOT_INDEX_MAX = 0xe7 | |
| data = {} | |
| for i in range(ZBOT_INDEX_MIN, ZBOT_INDEX_MAX): | |
spnow
/ windows_privesc
Created
April 11, 2017 23:30
— forked from sckalath/windows_privesc
Windows Privilege Escalation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // What system are we connected to? | |
| systeminfo | findstr /B /C:"OS Name" /C:"OS Version" | |
| // Get the hostname and username (if available) | |
| hostname | |
| echo %username% | |
| // Get users | |
| net users | |
| net user [username] |
spnow
/ OmniCode
Created
April 11, 2017 22:26
— forked from sahwar/OmniCode
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| OmniCode! version 0.1.7 | |
| Description for the New Net | |
| All codes are built in the following way: | |
| [code symbol][attribute].[modifier].[modifier].[modifier]... | |
| or for multiple codes: | |
| [code symbol][attribute].[modifier]&[attribute].[modifier]... |
spnow
/ col_solve.py
Created
March 16, 2017 21:06
— forked from wumb0/col_solve.py
angr solver for the collision challenge of pwnable.kr
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from angr import Project, surveyors | |
| from sys import exit | |
| import claripy | |
| '''vars | |
| pstr: where the dynamic input will be stored in the state | |
| phcode: the address of hash to collide with (the program loads the correct hash from this address) | |
| find: the address we want the path explorer to find (the "you win" address) | |
| retn: the simulation starts in a function called from main (check_password) but the 'find' address is in main so I need a place to return |
spnow
/ sqlpwn.php
Created
March 16, 2017 21:05
— forked from RickGray/sqlpwn.php
AIS3 Final CTF Web
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /* | |
| sqlpwn by orange | |
| Don't brute force or you will be banned ! | |
| */ | |
| session_start(); | |
| error_reporting(0); | |
| include "template.html"; |
(python -c 'print "payload"'; cat -) | nc pwnable.url
(echo payload; cat) | ./pwnable
cat payload - | ./pwnable
spnow
/ README.MD
Created
March 16, 2017 21:02
— forked from mjb940806/README.MD
Pwnable.kr [Toddler's Bottle] Writeup
ssh [email protected] -p2222 (pw:guest)
์ํ์ด ์ ธ(Secure Shell, SSH)๋ ๋คํธ์ํฌ ์์ ๋ค๋ฅธ ์ปดํจํฐ์ ๋ก๊ทธ์ธํ๊ฑฐ๋ ์๊ฒฉ ์์คํ ์์ ๋ช ๋ น์ ์คํํ๊ณ ๋ค๋ฅธ ์์คํ ์ผ๋ก ํ์ผ์ ๋ณต์ฌํ ์ ์๋๋ก ํด ์ฃผ๋ ์์ฉ ํ๋ก๊ทธ๋จ ๋๋ ๊ทธ ํ๋กํ ์ฝ์ ๊ฐ๋ฆฌํจ๋ค. ๊ธฐ์กด์ rsh, rlogin, ํ ๋ท ๋ฑ์ ๋์ฒดํ๊ธฐ ์ํด ์ค๊ณ๋์์ผ๋ฉฐ, ๊ฐ๋ ฅํ ์ธ์ฆ ๋ฐฉ๋ฒ ๋ฐ ์์ ํ์ง ๋ชปํ ๋คํธ์ํฌ์์ ์์ ํ๊ฒ ํต์ ์ ํ ์ ์๋ ๊ธฐ๋ฅ์ ์ ๊ณตํ๋ค.