Pwnshop
Reverse Engineering, Exploitation & Crypto.
Check out my blog, follow me on Twitter and Youtube!
Support the project :
Contents:
-
Reverse engineering a simple crackme called โJust seeโ: writeup
-
Reverse engineering a level 1 crackme "Easy_firstCrackme-by-D4RK_FL0W": writeup
-
Utility - Object/Executable file to shellcode converter script: code
-
Utility - Assembly and link script : code
-
Utility - Shellcode testing skeleton generator : code
-
Utility - GDB python script template : code
-
Exit syscall asm: code
-
Write syscall "Hello world!": code
-
Execve shellcode (dynamic addressing) code
-
Ret2libc exploit for protostar stack6 challenge : code
-
Exploit for protostar stack7 challenge (Smallest ROP chain): code
-
Exploit for VUPlayer 2.49 (no DEP) local buffer overflow: code, writeup
-
Execve shellcode (stack method) : code
-
Execve shellcode using RIP relative addressing code
-
Password Protected Reverse Shell (Linux/x64) code, writeup, Featured in the 1st number of Paged-Out
-
XANAX - A custom shellcode encoder written in assembly :
-
A more generic (and somewhat extensible) encoder skeleton written in Go code
-
Gocryper : A custom AES shellcode crypter written in Go code, writeup
-
Password Protected Reverse Shell (Linux/ARMv6)
-
MalwareTech's String Challenges crackmes: writeup
-
MalwareTech's Shellcode Challenges crackmes: writeup
-
DEFCON Qualys 2019 : Speedrun-001 exploit (Stack-based bof + ROP): code
-
Solution for the crackme "Crackme2-be-D4RK_FL0W" writeup
-
Solution for the crackme "Crack3-by-D4RK_FL0W" :
-
Utility - r2frida Cheatsheet: writeup
-
Solution for the crackme "alien_bin" writeup
-
Automated solutions for the crackme "mexican": writeup, script solution 1: carving, script solution 2: patching
-
Writeup for the crackme "crackme_by_coulomb" (.net): writeup
-
Writeup for the crackme "shadows_registerme" (.net): writeup
-
Writeup for the crackme "removemytrial_by_coulomb" (.net): writeup
-
Writeup for the crackme "Get The Password": writeup, code (keygen)
-
Cyptopals Solutions: Set 1, Challenge 1. "Convert hex to base64": code
-
Cyptopals Solutions: Set 1, Challenge 2. "Fixed XOR": code
-
Cyptopals Solutions: Set 1, Challenge 3. "Single-byte XOR cipher": code
-
Cyptopals Solutions: Set 1, Challenge 4. "Detect single-character XOR": code
-
Cyptopals Solutions: Set 1, Challenge 5. "Implement repeating-key XOR": code
-
Cyptopals Solutions: Set 1, Challenge 6. "Break repeating-key XOR": code
-
Cyptopals Solutions: Set 1, Challenge 7. "AES in ECB mode": code
-
Cyptopals Solutions: Set 1, Challenge 8. "Detect AES in ECB mode": code
-
Cyptopals Solutions: Set 2, Challenge 9. "Implement PKCS#7 padding": code
-
Cyptopals Solutions: Set 2, Challenge 15. "PKCS#7 padding validation": code
Useful links:
Tools:
A non-exhaustive list of tools
- radare2 (+Cutter +r2frida +r2pipe +r2ghidra-dec)
- Ghidra
- x64dbg
- Frida
- gdb (+gdb-dashboard +GEF)
- Valgrind
- Pwntools
- Wireshark
- Binwalk
- strace
- ltrace
- hexdump
- xxd
- rappel
- nasm
- gas
- Unicorn Engine
- IDA
- hexedit
- bless
- Metasploit (https://www.metasploit.com/)
Resources:
There's a LOT of stuff out there. These are just the most useful things I've found so far.
- ๐ป Live overflow
- ๐ The shellcoder's handbook
- ๐ป Exploit education
- ๐ป Gynvael coldwind
- ๐ป Azeria labs
- ๐ป Phrack
- ๐ป Corelan
- ๐ป Fuzzysecurity
- ๐ป Packetstormsecurity
- ๐ป Exploitdb
- ๐ Beginners RE
- ๐ Practical reverse engineering
- ๐ Programming linux anti-reversing techniques
- ๐ Attacking network protocols
- ๐ Penetration testing: A Hands-On introduction to hacking
- ๐ป Malware Unicorn
- ๐ Radare2 Book
- ๐ป Paged-Out!
- ๐ PoC||GTFO I
- ๐ PoC||GTFO II
- ๐ The IDA Pro Book
- ๐ Hacker Disassembling Uncovered
- ๐ป Reverse Engineering Stackexchange
- ๐ป Cryptopals Challenges
- ๐ Cryptool Book
- ๐ Crypto 101
- ๐ Cracking Codes With Python