├── 2013 ├── codegate-quals │ ├── vuln100 │ │ ├── 94dd6790cbf7ebfc5b28cc289c480e5e │ │ ├── README.md │ │ ├── doit.py │ │ └── harness.py │ ├── vuln200 │ │ ├── .gitignore │ │ ├── 5b7420a5bcdc1da85bccc62dcea4c7b8 │ │ ├── README.md │ │ ├── doit.py │ │ └── harness.py │ ├── vuln300 │ │ ├── 8ff953dd97c4405234a04291dee39e0b │ │ ├── README.md │ │ ├── doit.py │ │ └── harness.py │ └── vuln400 │ │ ├── 7b80d4d56c282a310297336752c589b7 │ │ ├── README.md │ │ ├── doit.py │ │ └── harness.py ├── pctf │ ├── pork │ │ ├── README │ │ ├── doit.py │ │ ├── harness.py │ │ ├── pork-8c2fdf93e211c7358e0192a24bc951843da672b1 │ │ └── pork-patched │ ├── ropasaurus │ │ ├── doit.py │ │ ├── harness.py │ │ └── ropasaurusrex-85a84f36f81e11f720b1cf5ea0d1fb0d5a603c0d │ └── ropasaurus2 │ │ ├── doit.py │ │ ├── libc.so.6-f85c96c8fc753bfa75140c39501b4cd50779f43a │ │ └── ropasaurusrex-85a84f36f81e11f720b1cf5ea0d1fb0d5a603c0d └── rwthCTF │ └── trafman │ ├── pwn_trafman.py │ └── trafman ├── 2014 ├── defcon-finals │ ├── eliza-x86-printf │ │ ├── README.md │ │ ├── eliza_x86 │ │ ├── exploit.py │ │ ├── flag.txt │ │ └── transcript.txt │ └── wdub-v1 │ │ ├── README.md │ │ ├── exploit.py │ │ ├── images │ │ ├── image00.png │ │ ├── image01.png │ │ ├── image02.png │ │ ├── image03.png │ │ ├── image04.png │ │ ├── image05.png │ │ ├── image06.png │ │ ├── image07.png │ │ ├── image08.png │ │ ├── image09.png │ │ ├── image10.png │ │ ├── image11.png │ │ ├── image12.png │ │ ├── image13.png │ │ ├── image14.png │ │ └── image15.png │ │ ├── patch.py │ │ └── wdub ├── defcon-quals │ ├── babyfirst-heap │ │ ├── babyfirst-heap_33ecf0ad56efc1b322088f95dd98827c │ │ ├── doit.py │ │ └── harness.py │ └── bbgp │ │ ├── bbgp_7cdbfdae936b3c6ed10588119a8279a0 │ │ ├── doit.py │ │ └── harness.py ├── gits-teaser │ └── citadel │ │ ├── README │ │ ├── citadel │ │ ├── doit.py │ │ └── harness.py ├── hacklu │ └── holy-moses │ │ ├── expl.py │ │ └── saloon └── plaid │ └── whee │ └── writeup.txt ├── 2016 └── defcon_quals │ ├── glados │ ├── glados │ ├── glados_noalarm_noaslr │ ├── glados_original │ └── win.py │ └── heapfun │ ├── heapfun4u │ └── win.py ├── LICENSE ├── README.md ├── run_all_tests.py ├── srop-examples ├── srop │ ├── doit.py │ ├── harness.py │ ├── poc-32 │ └── poc-32.c └── srop2 │ ├── doit.py │ ├── harness.py │ ├── poc-nasm │ └── poc-nasm.S └── wargames ├── overthewire-vortex ├── level0 │ └── win.py ├── level1 │ ├── README.md │ ├── transcript.txt │ └── win.py ├── level10 │ ├── README.md │ ├── ticks.c │ ├── transcript.txt │ ├── vortex10 │ └── win.py ├── level11 │ ├── README.md │ ├── phkmalloc.c.diff │ ├── transcript.txt │ ├── vortex11 │ └── win.py ├── level12 │ ├── README.md │ ├── r.sh │ ├── transcript.txt │ ├── vortex.labs.overthewire.org │ │ ├── lib │ │ │ └── ld-linux.so.2 │ │ └── lib32 │ │ │ ├── libc.so.6 │ │ │ └── libpthread.so.0 │ ├── vortex12 │ └── win.py ├── level13 │ ├── README.md │ ├── transcript.txt │ ├── vortex.labs.overthewire.org │ │ ├── lib │ │ │ └── ld-linux.so.2 │ │ └── lib32 │ │ │ └── libc.so.6 │ ├── vortex13 │ └── win.py ├── level2 │ ├── README.md │ ├── transcript.txt │ └── win.py ├── level3 │ ├── README.md │ ├── source.c │ ├── transcript.txt │ ├── vortex3 │ └── win.py ├── level4 │ ├── README.md │ ├── exec.py │ ├── leak.c │ ├── libformatstr │ │ ├── README.md │ │ ├── __init__.py │ │ ├── core.py │ │ ├── fmtemul.py │ │ ├── guess.py │ │ └── pattern.py │ ├── transcript.txt │ ├── vortex4 │ └── win.py ├── level5 │ ├── README.md │ ├── transcript.txt │ └── win.py ├── level6 │ ├── README.md │ ├── transcript.txt │ ├── vortex6 │ └── win.py ├── level7 │ ├── README.md │ ├── crc32.py │ ├── crc32.py.diff │ ├── r.sh │ ├── transcript.txt │ ├── vortex7 │ └── win.py ├── level8 │ ├── README.md │ ├── r.sh │ ├── transcript.txt │ ├── vortex8 │ └── win.py ├── level9 │ ├── README.md │ ├── transcript.txt │ └── win.py └── test.sh └── pwnablekr └── pwn_unexploitable.py /2013/codegate-quals/vuln100/94dd6790cbf7ebfc5b28cc289c480e5e: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2013/codegate-quals/vuln100/94dd6790cbf7ebfc5b28cc289c480e5e -------------------------------------------------------------------------------- /2013/codegate-quals/vuln100/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2013/codegate-quals/vuln100/README.md -------------------------------------------------------------------------------- /2013/codegate-quals/vuln100/doit.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2013/codegate-quals/vuln100/doit.py -------------------------------------------------------------------------------- /2013/codegate-quals/vuln100/harness.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2013/codegate-quals/vuln100/harness.py -------------------------------------------------------------------------------- /2013/codegate-quals/vuln200/.gitignore: -------------------------------------------------------------------------------- 1 | dump.txt 2 | -------------------------------------------------------------------------------- /2013/codegate-quals/vuln200/5b7420a5bcdc1da85bccc62dcea4c7b8: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2013/codegate-quals/vuln200/5b7420a5bcdc1da85bccc62dcea4c7b8 -------------------------------------------------------------------------------- /2013/codegate-quals/vuln200/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2013/codegate-quals/vuln200/README.md -------------------------------------------------------------------------------- /2013/codegate-quals/vuln200/doit.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2013/codegate-quals/vuln200/doit.py -------------------------------------------------------------------------------- /2013/codegate-quals/vuln200/harness.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2013/codegate-quals/vuln200/harness.py -------------------------------------------------------------------------------- /2013/codegate-quals/vuln300/8ff953dd97c4405234a04291dee39e0b: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2013/codegate-quals/vuln300/8ff953dd97c4405234a04291dee39e0b -------------------------------------------------------------------------------- /2013/codegate-quals/vuln300/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2013/codegate-quals/vuln300/README.md -------------------------------------------------------------------------------- /2013/codegate-quals/vuln300/doit.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2013/codegate-quals/vuln300/doit.py -------------------------------------------------------------------------------- /2013/codegate-quals/vuln300/harness.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2013/codegate-quals/vuln300/harness.py -------------------------------------------------------------------------------- /2013/codegate-quals/vuln400/7b80d4d56c282a310297336752c589b7: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2013/codegate-quals/vuln400/7b80d4d56c282a310297336752c589b7 -------------------------------------------------------------------------------- /2013/codegate-quals/vuln400/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2013/codegate-quals/vuln400/README.md -------------------------------------------------------------------------------- /2013/codegate-quals/vuln400/doit.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2013/codegate-quals/vuln400/doit.py -------------------------------------------------------------------------------- /2013/codegate-quals/vuln400/harness.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2013/codegate-quals/vuln400/harness.py -------------------------------------------------------------------------------- /2013/pctf/pork/README: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2013/pctf/pork/README -------------------------------------------------------------------------------- /2013/pctf/pork/doit.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2013/pctf/pork/doit.py -------------------------------------------------------------------------------- /2013/pctf/pork/harness.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2013/pctf/pork/harness.py -------------------------------------------------------------------------------- /2013/pctf/pork/pork-8c2fdf93e211c7358e0192a24bc951843da672b1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2013/pctf/pork/pork-8c2fdf93e211c7358e0192a24bc951843da672b1 -------------------------------------------------------------------------------- /2013/pctf/pork/pork-patched: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2013/pctf/pork/pork-patched -------------------------------------------------------------------------------- /2013/pctf/ropasaurus/doit.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2013/pctf/ropasaurus/doit.py -------------------------------------------------------------------------------- /2013/pctf/ropasaurus/harness.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2013/pctf/ropasaurus/harness.py -------------------------------------------------------------------------------- /2013/pctf/ropasaurus/ropasaurusrex-85a84f36f81e11f720b1cf5ea0d1fb0d5a603c0d: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2013/pctf/ropasaurus/ropasaurusrex-85a84f36f81e11f720b1cf5ea0d1fb0d5a603c0d -------------------------------------------------------------------------------- /2013/pctf/ropasaurus2/doit.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2013/pctf/ropasaurus2/doit.py -------------------------------------------------------------------------------- /2013/pctf/ropasaurus2/libc.so.6-f85c96c8fc753bfa75140c39501b4cd50779f43a: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2013/pctf/ropasaurus2/libc.so.6-f85c96c8fc753bfa75140c39501b4cd50779f43a -------------------------------------------------------------------------------- /2013/pctf/ropasaurus2/ropasaurusrex-85a84f36f81e11f720b1cf5ea0d1fb0d5a603c0d: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2013/pctf/ropasaurus2/ropasaurusrex-85a84f36f81e11f720b1cf5ea0d1fb0d5a603c0d -------------------------------------------------------------------------------- /2013/rwthCTF/trafman/pwn_trafman.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2013/rwthCTF/trafman/pwn_trafman.py -------------------------------------------------------------------------------- /2013/rwthCTF/trafman/trafman: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2013/rwthCTF/trafman/trafman -------------------------------------------------------------------------------- /2014/defcon-finals/eliza-x86-printf/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/defcon-finals/eliza-x86-printf/README.md -------------------------------------------------------------------------------- /2014/defcon-finals/eliza-x86-printf/eliza_x86: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/defcon-finals/eliza-x86-printf/eliza_x86 -------------------------------------------------------------------------------- /2014/defcon-finals/eliza-x86-printf/exploit.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/defcon-finals/eliza-x86-printf/exploit.py -------------------------------------------------------------------------------- /2014/defcon-finals/eliza-x86-printf/flag.txt: -------------------------------------------------------------------------------- 1 | this_is_the_flag 2 | -------------------------------------------------------------------------------- /2014/defcon-finals/eliza-x86-printf/transcript.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/defcon-finals/eliza-x86-printf/transcript.txt -------------------------------------------------------------------------------- /2014/defcon-finals/wdub-v1/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/defcon-finals/wdub-v1/README.md -------------------------------------------------------------------------------- /2014/defcon-finals/wdub-v1/exploit.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/defcon-finals/wdub-v1/exploit.py -------------------------------------------------------------------------------- /2014/defcon-finals/wdub-v1/images/image00.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/defcon-finals/wdub-v1/images/image00.png -------------------------------------------------------------------------------- /2014/defcon-finals/wdub-v1/images/image01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/defcon-finals/wdub-v1/images/image01.png -------------------------------------------------------------------------------- /2014/defcon-finals/wdub-v1/images/image02.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/defcon-finals/wdub-v1/images/image02.png -------------------------------------------------------------------------------- /2014/defcon-finals/wdub-v1/images/image03.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/defcon-finals/wdub-v1/images/image03.png -------------------------------------------------------------------------------- /2014/defcon-finals/wdub-v1/images/image04.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/defcon-finals/wdub-v1/images/image04.png -------------------------------------------------------------------------------- /2014/defcon-finals/wdub-v1/images/image05.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/defcon-finals/wdub-v1/images/image05.png -------------------------------------------------------------------------------- /2014/defcon-finals/wdub-v1/images/image06.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/defcon-finals/wdub-v1/images/image06.png -------------------------------------------------------------------------------- /2014/defcon-finals/wdub-v1/images/image07.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/defcon-finals/wdub-v1/images/image07.png -------------------------------------------------------------------------------- /2014/defcon-finals/wdub-v1/images/image08.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/defcon-finals/wdub-v1/images/image08.png -------------------------------------------------------------------------------- /2014/defcon-finals/wdub-v1/images/image09.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/defcon-finals/wdub-v1/images/image09.png -------------------------------------------------------------------------------- /2014/defcon-finals/wdub-v1/images/image10.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/defcon-finals/wdub-v1/images/image10.png -------------------------------------------------------------------------------- /2014/defcon-finals/wdub-v1/images/image11.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/defcon-finals/wdub-v1/images/image11.png -------------------------------------------------------------------------------- /2014/defcon-finals/wdub-v1/images/image12.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/defcon-finals/wdub-v1/images/image12.png -------------------------------------------------------------------------------- /2014/defcon-finals/wdub-v1/images/image13.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/defcon-finals/wdub-v1/images/image13.png -------------------------------------------------------------------------------- /2014/defcon-finals/wdub-v1/images/image14.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/defcon-finals/wdub-v1/images/image14.png -------------------------------------------------------------------------------- /2014/defcon-finals/wdub-v1/images/image15.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/defcon-finals/wdub-v1/images/image15.png -------------------------------------------------------------------------------- /2014/defcon-finals/wdub-v1/patch.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/defcon-finals/wdub-v1/patch.py -------------------------------------------------------------------------------- /2014/defcon-finals/wdub-v1/wdub: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/defcon-finals/wdub-v1/wdub -------------------------------------------------------------------------------- /2014/defcon-quals/babyfirst-heap/babyfirst-heap_33ecf0ad56efc1b322088f95dd98827c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/defcon-quals/babyfirst-heap/babyfirst-heap_33ecf0ad56efc1b322088f95dd98827c -------------------------------------------------------------------------------- /2014/defcon-quals/babyfirst-heap/doit.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/defcon-quals/babyfirst-heap/doit.py -------------------------------------------------------------------------------- /2014/defcon-quals/babyfirst-heap/harness.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/defcon-quals/babyfirst-heap/harness.py -------------------------------------------------------------------------------- /2014/defcon-quals/bbgp/bbgp_7cdbfdae936b3c6ed10588119a8279a0: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/defcon-quals/bbgp/bbgp_7cdbfdae936b3c6ed10588119a8279a0 -------------------------------------------------------------------------------- /2014/defcon-quals/bbgp/doit.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/defcon-quals/bbgp/doit.py -------------------------------------------------------------------------------- /2014/defcon-quals/bbgp/harness.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/defcon-quals/bbgp/harness.py -------------------------------------------------------------------------------- /2014/gits-teaser/citadel/README: -------------------------------------------------------------------------------- 1 | Depends on libc++1 2 | -------------------------------------------------------------------------------- /2014/gits-teaser/citadel/citadel: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/gits-teaser/citadel/citadel -------------------------------------------------------------------------------- /2014/gits-teaser/citadel/doit.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/gits-teaser/citadel/doit.py -------------------------------------------------------------------------------- /2014/gits-teaser/citadel/harness.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/gits-teaser/citadel/harness.py -------------------------------------------------------------------------------- /2014/hacklu/holy-moses/expl.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/hacklu/holy-moses/expl.py -------------------------------------------------------------------------------- /2014/hacklu/holy-moses/saloon: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/hacklu/holy-moses/saloon -------------------------------------------------------------------------------- /2014/plaid/whee/writeup.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2014/plaid/whee/writeup.txt -------------------------------------------------------------------------------- /2016/defcon_quals/glados/glados: -------------------------------------------------------------------------------- 1 | glados_noalarm_noaslr -------------------------------------------------------------------------------- /2016/defcon_quals/glados/glados_noalarm_noaslr: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2016/defcon_quals/glados/glados_noalarm_noaslr -------------------------------------------------------------------------------- /2016/defcon_quals/glados/glados_original: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2016/defcon_quals/glados/glados_original -------------------------------------------------------------------------------- /2016/defcon_quals/glados/win.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2016/defcon_quals/glados/win.py -------------------------------------------------------------------------------- /2016/defcon_quals/heapfun/heapfun4u: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2016/defcon_quals/heapfun/heapfun4u -------------------------------------------------------------------------------- /2016/defcon_quals/heapfun/win.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/2016/defcon_quals/heapfun/win.py -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/README.md -------------------------------------------------------------------------------- /run_all_tests.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/run_all_tests.py -------------------------------------------------------------------------------- /srop-examples/srop/doit.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/srop-examples/srop/doit.py -------------------------------------------------------------------------------- /srop-examples/srop/harness.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/srop-examples/srop/harness.py -------------------------------------------------------------------------------- /srop-examples/srop/poc-32: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/srop-examples/srop/poc-32 -------------------------------------------------------------------------------- /srop-examples/srop/poc-32.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/srop-examples/srop/poc-32.c -------------------------------------------------------------------------------- /srop-examples/srop2/doit.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/srop-examples/srop2/doit.py -------------------------------------------------------------------------------- /srop-examples/srop2/harness.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/srop-examples/srop2/harness.py -------------------------------------------------------------------------------- /srop-examples/srop2/poc-nasm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/srop-examples/srop2/poc-nasm -------------------------------------------------------------------------------- /srop-examples/srop2/poc-nasm.S: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/srop-examples/srop2/poc-nasm.S -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level0/win.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level0/win.py -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level1/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level1/README.md -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level1/transcript.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level1/transcript.txt -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level1/win.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level1/win.py -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level10/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level10/README.md -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level10/ticks.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level10/ticks.c -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level10/transcript.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level10/transcript.txt -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level10/vortex10: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level10/vortex10 -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level10/win.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level10/win.py -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level11/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level11/README.md -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level11/phkmalloc.c.diff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level11/phkmalloc.c.diff -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level11/transcript.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level11/transcript.txt -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level11/vortex11: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level11/vortex11 -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level11/win.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level11/win.py -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level12/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level12/README.md -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level12/r.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level12/r.sh -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level12/transcript.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level12/transcript.txt -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level12/vortex.labs.overthewire.org/lib/ld-linux.so.2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level12/vortex.labs.overthewire.org/lib/ld-linux.so.2 -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level12/vortex.labs.overthewire.org/lib32/libc.so.6: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level12/vortex.labs.overthewire.org/lib32/libc.so.6 -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level12/vortex.labs.overthewire.org/lib32/libpthread.so.0: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level12/vortex.labs.overthewire.org/lib32/libpthread.so.0 -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level12/vortex12: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level12/vortex12 -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level12/win.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level12/win.py -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level13/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level13/README.md -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level13/transcript.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level13/transcript.txt -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level13/vortex.labs.overthewire.org/lib/ld-linux.so.2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level13/vortex.labs.overthewire.org/lib/ld-linux.so.2 -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level13/vortex.labs.overthewire.org/lib32/libc.so.6: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level13/vortex.labs.overthewire.org/lib32/libc.so.6 -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level13/vortex13: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level13/vortex13 -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level13/win.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level13/win.py -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level2/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level2/README.md -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level2/transcript.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level2/transcript.txt -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level2/win.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level2/win.py -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level3/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level3/README.md -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level3/source.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level3/source.c -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level3/transcript.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level3/transcript.txt -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level3/vortex3: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level3/vortex3 -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level3/win.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level3/win.py -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level4/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level4/README.md -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level4/exec.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level4/exec.py -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level4/leak.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level4/leak.c -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level4/libformatstr/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level4/libformatstr/README.md -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level4/libformatstr/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level4/libformatstr/__init__.py -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level4/libformatstr/core.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level4/libformatstr/core.py -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level4/libformatstr/fmtemul.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level4/libformatstr/fmtemul.py -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level4/libformatstr/guess.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level4/libformatstr/guess.py -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level4/libformatstr/pattern.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level4/libformatstr/pattern.py -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level4/transcript.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level4/transcript.txt -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level4/vortex4: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level4/vortex4 -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level4/win.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level4/win.py -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level5/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level5/README.md -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level5/transcript.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level5/transcript.txt -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level5/win.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level5/win.py -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level6/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level6/README.md -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level6/transcript.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level6/transcript.txt -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level6/vortex6: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level6/vortex6 -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level6/win.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level6/win.py -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level7/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level7/README.md -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level7/crc32.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level7/crc32.py -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level7/crc32.py.diff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level7/crc32.py.diff -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level7/r.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level7/r.sh -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level7/transcript.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level7/transcript.txt -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level7/vortex7: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level7/vortex7 -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level7/win.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level7/win.py -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level8/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level8/README.md -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level8/r.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level8/r.sh -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level8/transcript.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level8/transcript.txt -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level8/vortex8: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level8/vortex8 -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level8/win.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level8/win.py -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level9/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level9/README.md -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level9/transcript.txt: -------------------------------------------------------------------------------- 1 | [+] Connecting to vortex.labs.overthewire.org on port 22: OK 2 | -------------------------------------------------------------------------------- /wargames/overthewire-vortex/level9/win.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/level9/win.py -------------------------------------------------------------------------------- /wargames/overthewire-vortex/test.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/overthewire-vortex/test.sh -------------------------------------------------------------------------------- /wargames/pwnablekr/pwn_unexploitable.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Gallopsled/pwntools-write-ups/HEAD/wargames/pwnablekr/pwn_unexploitable.py --------------------------------------------------------------------------------