| // call the function "f_envia_smtp_pbni" with the following parameters | |
| string ls_recipient = 'Oscar Tristan <[email protected]>' | |
| string ls_subject = 'This is a message sent from PBNI' | |
| string ls_message = 'Hello, I sent this message from PB' | |
| string ls_attach = 'My file path' | |
| f_envia_smtp_pbni(ls_recipient,ls_subject,ls_message,ls_attach) |
These instructions are meant to address the error generated by PowerBuilder when used with Oracle 9i, which does not recognize the Oracle TNSNames when creating a data profile. This bug is fixed in Oracle 11.
Install the Oracle 9i client:
Run PowerBuilder Installer:
| //this module corresponds to an OleCustomControl object of powerbuilder, the read COM port function is called, which is also among my GIST | |
| String ls_car | |
| integer peso | |
| // the object is read until a 6-digit result is obtained if the ascci character 10 is detected | |
| if MSCOMM_LEER_PESO_LO.object.CommEvent = 2 then | |
| ls_car = MSCOMM_LEER_PESO_LO.object.Input | |
| if Asc(ls_car) = 13 then Return |
| import sys | |
| import os | |
| from pwn import * | |
| def tee_process(p): | |
| import threading | |
| import ctypes | |
| libc = ctypes.CDLL(None) | |
| splice = libc.splice | |
| tee = libc.tee |
I played Harekaze Mini CTF 2020 for about 3 hours this weekend. The pwn challenges were nice (I especially enjoyed nm-game-extreme). Here are some short writeups.
The program just tells you to provide shellcode that will execute execve("/bin/sh", NULL, NULL). It gives you the address of the "/bin/sh" string, so you just create shellcode to do the job and send it:
#!/usr/bin/env python3
from pwn import *
| // TLDR: | |
| // Whitebox 128-bit rsa with e=17. Input is multiplied by a constant before the RSA | |
| #include <Windows.h> | |
| #include <stdio.h> | |
| #include <stdint.h> | |
| extern "C" void __fastcall rsa_encrypt (uint8_t* in, uint8_t* out); | |
| // 1. Func is ~90kb, and control flow is simple. Should be decompilable just extremely SLOW. |
| %pylab inline | |
| %load_ext autoreload | |
| %autoreload 2 | |
| from tools.lib.route import Route | |
| from tools.lib.logreader import LogReader | |
| r,num = Route("ce2fbd370f78ef21|2020-11-27--16-27-28"),10 | |
| #r,num = Route("f66032c2b5aa18ac|2020-12-04--09-33-54"),30 | |
| alr = [] | |
| for n in range(num-1, num+5): |
| # Crash the Windows Event Log Service remotely, needs Admin privs | |
| # originally discovered by limbenjamin and accidently re-discovered by @byt3bl33d3r | |
| # | |
| # Once the service crashes 3 times it will not restart for 24 hours | |
| # | |
| # https://github.com/limbenjamin/LogServiceCrash | |
| # https://limbenjamin.com/articles/crash-windows-event-logging-service.html | |
| # | |
| # Needs the impacket library (https://github.com/SecureAuthCorp/impacket) |
