Writeup - HTB Snake

[re] Snake (10) Description Short info about task: Name: Snake Difficulty: easy Score: 10 Flag should be in the format: HTB{username:password} Overview We have got the python script that is waiting for some username and password: $ python snake.py ___________.__ _________ __ \__ ___/| |__ ____ / _____/ ____ _____ | | __ ____ | | | | \_/ __ \ \_____ \ / \__ \ | |/ // __ \ | | | Y \ ___/ / \ | \/ __ \| <\ ___/ |____| |___| /\___ > /_______ /___| (____ /__|_ \___ > \/ \/ \/ \/ \/ \/ \/ The Snake Created by 3XPL017 Your number is 809 Authentication required Enter your username QWE Wrong username try harder Let’s look into code to get more info about how to get username and password.
Read more →

Ida Pro Plugins

Plugins worth installing

Read more →

Expose Any Port With Ngrok

How to expose any port to the Internet without exposing your private IP (for free).

Read more →

Unmap PE Manually

Prerequisities Make sure that you have dumped binary from memory (optionally) Fix PE headers if necessary Unmap With PE bear Open PE-bear > Sections > Section Headers Make sure that VA and VS matches RA and RS, so: RA[i] = VA[i] RS[i] = RA[i+1] - RA[i] RS.reloc = 0 VS[i] = RS[i] If you see some red blocks it means that PE is probably misalligned, check: Fix misalligned sections Fix misalligned sections Open binary in hex editor Go to the 1st section (on example above to 0x1000) Section should start in this place, nulls should be before.
Read more →

Disable Aslr

Linux echo 0 | sudo tee /proc/sys/kernel/randomize_va_space radare2 # disable ASLR & reanalyse dor aslr=no aaa Windows Windows 7 Open RegEdit Goto: HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\ Create new value (not a key): MoveImages with value 0. Reboot. Windows 10 Disable ASLR per file Set-Processmitigation -Name name.exe -Disable ForceRelocateImages Disable ASLR by default Search in Windows for: “windows defender Security Center” Click on the second icon from the bottom: “App & browser control” Scroll to the bottom and click on: “Exploit protection settings” Set “Force randomization for images “ to OFF.
Read more →