Pwnshop
Reverse Engineering, Exploitation & Crypto.
Check out my blog, follow me on Twitter and Youtube!
Support the project :
Contents:
-
Reverse engineering a simple crackme called βJust seeβ: writeup
-
Reverse engineering a level 1 crackme "Easy_firstCrackme-by-D4RK_FL0W": writeup
-
Utility - Object/Executable file to shellcode converter script: code
-
Utility - Assembly and link script : code
-
Utility - Shellcode testing skeleton generator : code
-
Utility - GDB python script template : code
-
Exit syscall asm: code
-
Write syscall "Hello world!": code
-
Execve shellcode (dynamic addressing) code
-
Ret2libc exploit for protostar stack6 challenge : code
-
Exploit for protostar stack7 challenge (Smallest ROP chain): code
-
Exploit for VUPlayer 2.49 (no DEP) local buffer overflow: code, writeup
-
Execve shellcode (stack method) : code
-
Execve shellcode using RIP relative addressing code
-
Password Protected Reverse Shell (Linux/x64) code, writeup, Featured in the 1st number of Paged-Out
-
XANAX - A custom shellcode encoder written in assembly :
-
A more generic (and somewhat extensible) encoder skeleton written in Go code
-
Gocryper : A custom AES shellcode crypter written in Go code, writeup
-
Password Protected Reverse Shell (Linux/ARMv6)
-
MalwareTech's String Challenges crackmes: writeup
-
MalwareTech's Shellcode Challenges crackmes: writeup
-
DEFCON Qualys 2019 : Speedrun-001 exploit (Stack-based bof + ROP): code
-
Solution for the crackme "Crackme2-be-D4RK_FL0W" writeup
-
Solution for the crackme "Crack3-by-D4RK_FL0W" :
-
Utility - r2frida Cheatsheet: writeup
-
Solution for the crackme "alien_bin" writeup
-
Automated solutions for the crackme "mexican": writeup, script solution 1: carving, script solution 2: patching
-
Writeup for the crackme "crackme_by_coulomb" (.net): writeup
-
Writeup for the crackme "shadows_registerme" (.net): writeup
-
Writeup for the crackme "removemytrial_by_coulomb" (.net): writeup
-
Writeup for the crackme "Get The Password": writeup, code (keygen)
-
Cyptopals Solutions: Set 1, Challenge 1. "Convert hex to base64": code
-
Cyptopals Solutions: Set 1, Challenge 2. "Fixed XOR": code
-
Cyptopals Solutions: Set 1, Challenge 3. "Single-byte XOR cipher": code
-
Cyptopals Solutions: Set 1, Challenge 4. "Detect single-character XOR": code
-
Cyptopals Solutions: Set 1, Challenge 5. "Implement repeating-key XOR": code
-
Cyptopals Solutions: Set 1, Challenge 6. "Break repeating-key XOR": code
-
Cyptopals Solutions: Set 1, Challenge 7. "AES in ECB mode": code
-
Cyptopals Solutions: Set 1, Challenge 8. "Detect AES in ECB mode": code
-
Cyptopals Solutions: Set 2, Challenge 9. "Implement PKCS#7 padding": code
-
Cyptopals Solutions: Set 2, Challenge 15. "PKCS#7 padding validation": code
Useful links:
Tools:
A non-exhaustive list of tools
- radare2 (+Cutter +r2frida +r2pipe +r2ghidra-dec)
- Ghidra
- x64dbg
- Frida
- gdb (+gdb-dashboard +GEF)
- Valgrind
- Pwntools
- Wireshark
- Binwalk
- strace
- ltrace
- hexdump
- xxd
- rappel
- nasm
- gas
- Unicorn Engine
- IDA
- hexedit
- bless
- Metasploit (https://www.metasploit.com/)
Resources:
There's a LOT of stuff out there. These are just the most useful things I've found so far.
- π» Live overflow
- π The shellcoder's handbook
- π» Exploit education
- π» Gynvael coldwind
- π» Azeria labs
- π» Phrack
- π» Corelan
- π» Fuzzysecurity
- π» Packetstormsecurity
- π» Exploitdb
- π Beginners RE
- π Practical reverse engineering
- π Programming linux anti-reversing techniques
- π Attacking network protocols
- π Penetration testing: A Hands-On introduction to hacking
- π» Malware Unicorn
- π Radare2 Book
- π» Paged-Out!
- π PoC||GTFO I
- π PoC||GTFO II
- π The IDA Pro Book
- π Hacker Disassembling Uncovered
- π» Reverse Engineering Stackexchange
- π» Cryptopals Challenges
- π Cryptool Book
- π Crypto 101
- π Cracking Codes With Python