Skip to content

Instantly share code, notes, and snippets.

View wizche's full-sized avatar

Sergio Paganoni wizche

26 followers · 8 following
View GitHub Profile
@wizche
wizche / gist:dfcac5be608770999bc696e1ee328899
Last active April 10, 2022 18:29
CTF writeup
# Insomni'Hack CTF - Republic of Pancakes
## Intro
Some informations about our target binary:
```sh
$ file rop
rop: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.32, BuildID[sha1]=a323ee2288744966a2dd2f942b4327541e767505, stripped
```
@wizche
wizche / peparse.py
Last active February 28, 2022 20:25
Generate summary of UNWIND_INFO versions on all DLLs in System32
import pefile
import os
search_path = "C:\Windows\System32"
files = 0
totals = {}
for file in os.listdir(search_path):
if file.endswith(('.exe', '.dll')):
pe = pefile.PE(os.path.join(search_path, file))
@wizche
wizche / exploit.js
Created March 22, 2021 13:45 — forked from eboda/exploit.js
Exploit for Chakrazy challenge from PlaidCTF 2017 - ChakraCore exploit
////////////////////////////////////////////////////////////////////////////
//
// The vulnerability was that the following line of code could change the type of the
// underlying Array from JavascriptNativeIntArray to JavascriptArray:
//
// spreadableCheckedAndTrue = JavascriptOperators::IsConcatSpreadable(aItem) != FALSE;
//
// As can be seen in the provided .diff, the check for whether the type of the pDestArray has changed
// was removed. If the aItem then is not a JavascriptArray, the following code path is taken:
// else
@wizche
wizche / asov_checkshit_singlefile.txt
Created December 15, 2019 08:16 — forked from andreafioraldi/asov_cheatshit_singlefile.txt
___ ____ ______ __
/ | / __ \/ ___/ | / /
/ /| |/ / / /\__ \| | / /
/ ___ / /_/ /___/ /| |/ /
/_/__||||||_//____/ |___/__ _____ __ _ __
/ ____/ /_ ___ _____/ /_/ ___// /_ (_) /_
/ / / __ \/ _ \/ ___/ __/\__ \/ __ \/ / __/
/ /___/ / / / __/ /__/ /_ ___/ / / / / / /_
\____/_/ /_/\___/\___/\__//____/_/ /_/_/\__/
@wizche
wizche / Kkeybase.md
Created May 2, 2018 21:13

Keybase proof

I hereby claim:

  • I am wizche on github.
  • I am wizche (https://keybase.io/wizche) on keybase.
  • I have a public key ASC_r5yjNcxzYw33m1cJhRG04T-ANNkk0eU-m5epKyrFSAo

To claim this, I am signing this object:

@wizche
wizche / BinaryTree.java
Created August 11, 2014 13:40
Binary Tree with Iterator for in-order traversal (iterative)
import java.util.Iterator;
public abstract class BinaryTree<T> {
public abstract int compareTo (T val1, T val2);
//public abstract Nodo removeNode(Nodo r, T n);
public class Node {
private T val;
@wizche
wizche / Debug.cpp
Last active August 29, 2015 13:57
Simple debug Macros with threshold level for Win C++
#include "Debug.h"
#ifdef DEBUG_ENABLED
const char *DEBUG_LEVEL_STRINGS[] = { "ERR", "WARN", "INFO", "TRACE" };
void DebugInternal(DEBUG_LEVEL_NS::DEBUG_LEVEL level, LPCSTR className, LPCSTR text)
{
if (level > DEFAULT_DEBUG_LEVEL)
return;
@wizche
wizche / LinkLabel.html
Last active December 19, 2015 11:59
Simple panel to insert link inside a label. Inject the link on a string with the following link placeholder ${link}
<wicket:panel>
<span wicket:id="first"></span>
<a wicket:id="link"><span wicket:id="linkLabel"></span></a>
<span wicket:id="second"></span>
</wicket:panel>