Skip to content

Instantly share code, notes, and snippets.

View trietptm's full-sized avatar
💭
Information Security Consulting, Threat Hunting

Minh-Triet Pham Tran trietptm

💭
Information Security Consulting, Threat Hunting
1.7k followers · 18.2k following
View GitHub Profile
@trietptm
trietptm / crypto4000-solver.py
Created August 3, 2016 16:25 — forked from vqhuy/crypto4000-solver.py
crypto 4000 solver - SV ATTT 2015
'''
./hash_extender --data VVNFUk5BTUU9YWRtaW4AQmlvZ3JhcGh5PWFkbWkAUk9MRT0w --secret 16 --append AFJPTEU9MQ== --signature 89542f421e21de8edfcf39ec0e88b29b --format md5
Type: md5
Secret length: 16
New signature: 8c8a2d7f702abae1fb78766aa8694ebd
New string: 56564e46556b3542545555395957527461573441516d6c765a334a68634768355057466b62576b41556b394d525430778000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000041464a50544555394d513d3d
'''
from pwn import *
s = remote("192.168.1.101", 31330)
@trietptm
trietptm / re300-solver.c
Created August 3, 2016 16:26 — forked from vqhuy/re300-solver.c
re300 - SVATTT 2015 CTF
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdint.h>
int dword_804B16C, dword_804B170, dword_804B174, dword_804B178, dword_804B17C, dword_804B180;
int pos = 0;
int v11;
int v12;
@trietptm
trietptm / crackme.c
Created August 3, 2016 16:26 — forked from vqhuy/crackme.c
A demonstration of Markus Gaasedelen's method for reversing a binary - see URL in find_password.py
#include <stdlib.h>
#include <stdio.h>
void main(int argc, char *argv[])
{
if( argv[1][0] == 'f' ) {
if( argv[1][1] == 'o' ) {
if( argv[1][2] == 'o' ) {
if( argv[1][3] == '\x00' ) {
printf( "good password\n" );
@trietptm
trietptm / crackme.c
Created August 3, 2016 16:26 — forked from TylerOderkirk/crackme.c
A demonstration of Markus Gaasedelen's method for reversing a binary - see URL in find_password.py
#include <stdlib.h>
#include <stdio.h>
void main(int argc, char *argv[])
{
if( argv[1][0] == 'f' ) {
if( argv[1][1] == 'o' ) {
if( argv[1][2] == 'o' ) {
if( argv[1][3] == '\x00' ) {
printf( "good password\n" );
@trietptm
trietptm / rol-ror.py
Created August 3, 2016 16:27 — forked from vqhuy/rol-ror.py
python rol, ror operation implement
###########################################################################
# Rotating bits (tested with Python 2.7)
from __future__ import print_function # PEP 3105
# max bits > 0 == width of the value in bits (e.g., int_16 -> 16)
# Rotate left: 0b1001 --> 0b0011
rol = lambda val, r_bits, max_bits: \
(val << r_bits%max_bits) & (2**max_bits-1) | \
@trietptm
trietptm / notes.md
Created August 3, 2016 19:00
z3 for ctf
@trietptm
trietptm / hex.c
Created August 13, 2016 11:33 — forked from endeav0r/hex.c
display file in hex
#include <stdio.h>
#include <stdlib.h>
int main (int argc, char * argv[]) {
int filesize;
int i;
unsigned char byte;
char string[41];
@trietptm
trietptm / analyze.py
Created August 13, 2016 11:34 — forked from endeav0r/analyze.py
This is a quick, static taint-analysis script targetting PHP as seen on: http://rainbowsandpwnies.com/~endeavor/blog/finding-sqli-through-taint-analysis.html . It may be a bit hackish.
from phply.phpparse import parser
import phply.phplex as phplex
from phply.phpast import *
import sys
import copy
import os.path
import pickle
import subprocess
import traceback
@trietptm
trietptm / CTF Stuff
Created August 13, 2016 14:22 — forked from DISC2014/CTF Stuff
CTF Stuff
OUR TEAM:
ctftime.org/team/8753
CYSCA FILES
github.com/CySCA2014/CySCA2014
TUTORIALS:
@trietptm
trietptm / quick_ioctl_decoder.py
Created August 14, 2016 04:53 — forked from herrcore/quick_ioctl_decoder.py
IDA Python plugin - Decode IOCTL Codes
############################################################################################
##
## Quick IOCTL Decoder!
##
## All credit for actual IOCTL decode logic:
## http://www.osronline.com/article.cfm?article=229
##
##
## To install:
## Copy script into plugins directory, i.e: C:\Program Files\IDA 6.8\plugins