pwnshop
Reverse Engineering and Exploitation.
Check out my blog, follow me on Twitter and Youtube!
Support the project:
Contents:
- Reverse engineering a simple crackme called "Just see": writeup
- Reverse engineering a level 1 crackme "Easy_firstCrackme-by-D4RK_FL0W": writeup
- Utility - Object/Executable file to shellcode converter script: code
- Utility - Assembly and link script: code
- Utility - Shellcode testing skeleton generator: code
- Utility - GDB python script template: code
- Exit syscall asm: code
- Write syscall "Hello world!": code
- Execve shellcode (dynamic addressing): code
- Ret2libc exploit for protostar stack6 challenge: code
- Exploit for protostar stack7 challenge (smallest ROP chain): code
- Exploit for VUPlayer 2.49 (no DEP) local buffer overflow: code, writeup
- Execve shellcode (stack method): code
- Execve shellcode using RIP-relative addressing: code
- Password Protected Bind Shell (Linux/x64): code, writeup
- Password Protected Reverse Shell (Linux/x64): code, writeup, featured in the 1st issue of Paged-Out!
- XANAX - A custom shellcode encoder written in assembly
- A more generic (and somewhat extensible) encoder skeleton written in Go: code
- Gocryper: A custom AES shellcode crypter written in Go: code, writeup
- A basic Polymorphic Engine written in Go: code, writeup
- Egg-hunter shellcode (Linux/x64): code, writeup
- Password Protected Reverse Shell (Linux/ARMv6)
- MalwareTech's String Challenges crackmes: writeup
- MalwareTech's Shellcode Challenges crackmes: writeup
- DEF CON Quals 2019: Speedrun-001 exploit (stack-based bof + ROP): code
- Solution for the crackme "Crackme2-be-D4RK_FL0W": writeup
- Solution for the crackme "Crack3-by-D4RK_FL0W"
- Utility - r2frida Cheatsheet: writeup
- Solution for the crackme "alien_bin": writeup
- Automated solutions for the crackme "mexican": writeup, script solution 1: carving, script solution 2: patching
- Writeup for the crackme "crackme_by_coulomb" (.NET): writeup
- Writeup for the crackme "shadows_registerme" (.NET): writeup
- Writeup for the crackme "removemytrial_by_coulomb" (.NET): writeup
- Writeup for the crackme "Get The Password": writeup, code (keygen)
Useful links:
Tools:
A non-exhaustive list of tools:
- radare2 (+Cutter +r2frida +r2pipe +r2ghidra-dec)
- Ghidra
- x64dbg
- Frida
- gdb (+gdb-dashboard +GEF)
- Valgrind
- Pwntools
- Wireshark
- Binwalk
- strace
- ltrace
- hexdump
- xxd
- rappel
- nasm
- gas
- Unicorn Engine
- IDA
- hexedit
- bless
- Metasploit (https://www.metasploit.com/)
Resources:
There's a LOT of stuff out there. These are just the most useful things I've found so far.
Websites:
- LiveOverflow
- Exploit Education
- Gynvael Coldwind
- Azeria Labs
- Phrack
- Corelan
- FuzzySecurity
- Packet Storm Security
- Exploit-DB
- Malware Unicorn
- Paged-Out!
- Reverse Engineering Stack Exchange
Books:
- The Shellcoder's Handbook
- Beginners RE
- Practical Reverse Engineering
- Programming Linux Anti-Reversing Techniques
- Attacking Network Protocols
- Penetration Testing: A Hands-On Introduction to Hacking
- Radare2 Book
- PoC||GTFO I
- PoC||GTFO II
- The IDA Pro Book
- Hacker Disassembling Uncovered