Skip to content

alanvivona/pwnshop

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Pwnshop

Reverse Engineering, Exploitation & Crypto.

Check out my blog, follow me on Twitter and Youtube!

Support the project :

Buy Me A Coffee

Contents:

  • Reverse engineering a simple crackme called “Just see”: writeup

  • Reverse engineering a level 1 crackme "Easy_firstCrackme-by-D4RK_FL0W": writeup

  • Utility - Object/Executable file to shellcode converter script: code

  • Utility - Assembly and link script : code

  • Utility - Shellcode testing skeleton generator : code

  • Utility - GDB python script template : code

  • Exit syscall asm: code

  • Write syscall "Hello world!": code

  • Execve shellcode (dynamic addressing) code

  • Ret2libc exploit for protostar stack6 challenge : code

  • Exploit for protostar stack7 challenge (Smallest ROP chain): code

  • Exploit for VUPlayer 2.49 (no DEP) local buffer overflow: code, writeup

  • Execve shellcode (stack method) : code

  • Execve shellcode using RIP relative addressing code

  • Password Protected Bind Shell (Linux/x64) code, writeup

  • Password Protected Reverse Shell (Linux/x64) code, writeup, Featured in the 1st number of Paged-Out

  • XANAX - A custom shellcode encoder written in assembly :

  • A more generic (and somewhat extensible) encoder skeleton written in Go code

  • Gocryper : A custom AES shellcode crypter written in Go code, writeup

  • A basic Polimorphic Engine written in Go code, writeup

  • Egg-hunter shellcode (Linux/x64) code, writeup

  • Password Protected Reverse Shell (Linux/ARMv6)

  • MalwareTech's String Challenges crackmes: writeup

  • MalwareTech's Shellcode Challenges crackmes: writeup

  • DEFCON Qualys 2019 : Speedrun-001 exploit (Stack-based bof + ROP): code

  • Solution for the crackme "Crackme2-be-D4RK_FL0W" writeup

  • Solution for the crackme "Crack3-by-D4RK_FL0W" :

    • Option 1 - Using r2 macros to extract the PIN: code
    • Option 2 - Using GEF and unicorn-engine emulation to bruteforce the PIN: code
    • Blog post exploring both options: writeup
  • Utility - r2frida Cheatsheet: writeup

  • Solution for the crackme "alien_bin" writeup

  • Automated solutions for the crackme "mexican": writeup, script solution 1: carving, script solution 2: patching

  • Writeup for the crackme "crackme_by_coulomb" (.net): writeup

  • Writeup for the crackme "shadows_registerme" (.net): writeup

  • Writeup for the crackme "removemytrial_by_coulomb" (.net): writeup

  • Writeup for the crackme "Get The Password": writeup, code (keygen)

  • Cyptopals Solutions: Set 1, Challenge 1. "Convert hex to base64": code

  • Cyptopals Solutions: Set 1, Challenge 2. "Fixed XOR": code

  • Cyptopals Solutions: Set 1, Challenge 3. "Single-byte XOR cipher": code

  • Cyptopals Solutions: Set 1, Challenge 4. "Detect single-character XOR": code

  • Cyptopals Solutions: Set 1, Challenge 5. "Implement repeating-key XOR": code

  • Cyptopals Solutions: Set 1, Challenge 6. "Break repeating-key XOR": code

  • Cyptopals Solutions: Set 1, Challenge 7. "AES in ECB mode": code

  • Cyptopals Solutions: Set 1, Challenge 8. "Detect AES in ECB mode": code

  • Cyptopals Solutions: Set 2, Challenge 9. "Implement PKCS#7 padding": code

  • Cyptopals Solutions: Set 2, Challenge 15. "PKCS#7 padding validation": code

Useful links:

Tools:

A non-exhaustive list of tools

Resources:

There's a LOT of stuff out there. These are just the most useful things I've found so far.