Articles tagged python

  1. sqlalchemy Magic


    I was writing a plugin for CTFd and I was faced with an interesting problem: how the hell do I add a column (attribute) to a parent table without modifying that table (or model object)???
    I was trying to assign an extra attribute to the Teams model; a one-to-many relationship between bracket and team so I could have Teams.chal_bracket and Bracket.teams, but again without modifying the Teams model.
    I had actually tried overriding the Teams model and also adding a row on the fly, but neither of those worked. I ended up with the solution below: ...


    Check out the full post for more details!
  2. A Better Way to Work with Raw Data Types in Python


    Working with raw data in any language can be a pain. If you are a developer there are many solutions to make it easier such as Google's Protocol Buffers. If you are a reverse engineer these methods can be too bulky especially if you are trying to quickly script an exploit (perhaps in a CTF where time is constrained). Python has always been my go-to language for exploit dev and general script writing but working with raw datatypes using just pack and unpack from the struct module is annoying and leaves much to be desired. I'm here to tell you that if you are still using pack and unpack for complex datatypes there is a better way.

    For the sake of this post we will attempt to work with the raw datatypes below, defined as C structures:

    #include <stdint.h>

    typedef struct __attribute__((packed)) NestedStruct_ {
        unsigned char flags[3];
        uint8_t val1;
        uint8_t val2;
    } NestedStruct;
    
    typedef struct __attribute__((packed)) ExampleNetworkPacket_ {
        uint16_t version;
        uint16_t reserved;
        uint32_t sanity;
        NestedStruct ns;
        uint32_t datalen;
        unsigned char data[0];
    } ExampleNetworkPacket;
    

    The total size of the ExampleNetworkPacket structure will be 17 bytes plus any data appended on it.

    As a side note, I just recently learned that the last element of the ExampleNetworkPacket is valid C and is useful as a pointer to the end of the structure instead of having to do this:

    /* Cast to a byte pointer before adding so the offset is counted in bytes. */
    unsigned char *data = (unsigned char *)examplenetworkpacketptr + sizeof(ExampleNetworkPacket);
    

    Neat.
    ...


    Check out the full post for more details!
  3. Python for Hackers


    This is getting posted a bit late, but here is a presentation I gave remotely for RIT's Competitive Cybersecurity Club Conference (RC4) 2016 on Python tricks for hackers. It's a collection of things that I often use within Python that make writing functional tools easier.

  4. Metasploit Workflows and Scripting


    Here is a presentation I gave at GVSU on 7/20/16 about the basics of Metasploit and automation using pymetasploit.

    The code for autopsexec is not public right now because it is a mess. I'll update this post when I fix it!