
Gynvael Coldwind gynvael

@gynvael
gynvael / authors.txt
Created August 5, 2024 08:22
Metasploit exploit authors by number of times mentioned in 'Author' metadata
All Exploits Entries: 2442
Total: 1793
311 juan vazquez
216 mc
183 sinn3r
149 jduck
144 hdm
113 bcoles
108 unknown
90 h00die
@gynvael
gynvael / low_level_shell_exec.py
Created April 28, 2024 07:55
Low-level shellcode execution in Python
from ctypes import *
NULL = 0
PROT_READ = 1
PROT_WRITE = 2
PROT_EXEC = 4
MAP_ANON = 0x20
MAP_PRIVATE = 2
@gynvael
gynvael / pyvm.py
Created December 29, 2023 18:22
GACHAAAAAtkr task solver by gynvael of Dragon Sector
# GACHAAAAAtkr task solver (potluck ctf, task author: Project Sekai!)
# - by Gynvael Coldwind of Dragon Sector
#
# Note: 99% of this code is python vm reimplementation because I didn't find
# which version of python should I use to run this ;p
# It also uses a timing sidechannel to get the flag.
# Use python 3.12 to run this script!
"""
Dockerfile:
@gynvael
gynvael / main.dis
Created December 29, 2023 18:13
GATCHA partial deobfuscated dis
@gynvael
gynvael / parking.py
Created June 4, 2023 06:37
Park places chart
"""
GPT4
I have a CSV file with two fields: date and time, and parking space occupancy. Example:
2019-05-18T02:20:08,162
2019-05-18T01:55:38,160
2019-05-18T02:00:02,160
2019-05-18T02:05:37,161
2019-05-18T02:35:37,162
2019-05-18T02:50:34,160
@gynvael
gynvael / aaa_writeup.md
Last active April 16, 2023 17:56
Notes on Infiltration (JerseyCTF III '23)

A rogue AI has infiltrated a game server's custom VM run on PPC and its code is now traversing the user base. The developers have decompiled and given the current executing script the memory it was accessing at the time and opcode documentation. You are tasked with investigating the nature of this threat.

You were given three files:

  • opcodes.md with an incomplete description of opcodes
  • ctf.xsa with assembly (as in: text) for some architecture
@gynvael
gynvael / decoder.py
Created March 28, 2023 07:52
Stargate Online SPR file decoder
#!/usr/bin/python3
# SPR decoder from Stargate Online, by Gynvael Coldwind.
# Note: This decoder was made based on 3 SPR files I've received, so it might
# not handle all the cases.
import struct
from struct import unpack
import sys
from PIL import Image
DEBUG_MODE = False
@gynvael
gynvael / output.py
Created March 19, 2023 16:05
GPT-4 output 2 metaball script
import pygame
import sys
import math
import time
# Constants
WIDTH, HEIGHT = 800, 600
BG_COLOR = (0, 0, 0)
THRESHOLD = 0.5
@gynvael
gynvael / output.py
Created March 19, 2023 15:43
GPT-4 output 1 adhoc script
import csv
import html
def sanitize(input_str):
    return html.escape(input_str)
html_head = '''
<!DOCTYPE html>
@gynvael
gynvael / input.py
Created March 19, 2023 15:36
GPT-4 input 1 adhoc script
#!/usr/bin/python3
import csv
def e(s):
    return s.replace('&', '&amp;').replace('<', '&lt;').replace('>', '&gt;').replace('\n', '<br>').replace('', '*')
print("""
<html>
<style>
body {