A Simple SSL Client and Server in Python

Server import socket from socket import AF_INET, SOCK_STREAM, SO_REUSEADDR, SOL_SOCKET, SHUT_RDWR import ssl KEYFILE = ‘server_key.pem’ CERTFILE = ‘server_cert.pem’ def echo_client(s): while True: data = s.recv(8192) print(data.decode(“utf-8″)) if data == b”: break s.send(b’This is a response.’) print(‘Connection closed’) s.close() def echo_server(address): s = socket.socket(AF_INET, SOCK_STREAM) s.bind(address) s.listen(1) s.setsockopt(SOL_SOCKET, SO_REUSEADDR, 1) s_ssl = ssl.wrap_socket(s, keyfile=KEYFILE, certfile=CERTFILE, […]

How to: Unicode in URL with Python 3

I found this to be much more difficult than I thought it would be. The solution was simple, but finding it was a bit of a pain. Here is the solution: Extremely simple, but it caused me a fair amount of headache to figure that out. Common errors that might bring you to this post: AttributeError: […]

Icinga “ did not exit properly error”

I got this and it took some time to troubleshoot. The error is misleading. What it’s really telling you is that the plugin failed to execute properly. Here’s the catch, this includes warnings. So if you manually test the plugin from the command line outside of Icinga and it works, but gives a warning, when […]

What is the Symbol Table and What is the Global Offset Table?

Introduction When I first sought to understand the symbol table and the global offset table (GOT) I found bits and pieces of information, but I had trouble getting the whole picture. As I understood what the symbol table/GOT are, I realized it is easier to describe the symbol table/GOT in the context of the linking and loading […]

Fusion Exploit Challenges Level 01

Some GDB Housekeeping When I first started this challenge, I was quite thrown off. I started debugging with GDB and my level00 exploit worked perfectly as is. In fact, after closer inspection I realized that none of the addresses from level00 were different in level01. I figured this wasn’t a coincidence. After running my exploit […]

Fusion Exploit Challenges Level00 Solution

Introduction Research I began by looking for the port level00 listened on. However, it was not in the source code. I found it by running a netstat -tulpn: From the output you can see level00 listens on port 20000. We could have also found this by setting a breakpoint on SERVE_FOREVER and examining the port […]

Protostar Exploit Challenges Format0 Solution

Introduction Format0 is the introduction to the string exploitation levels. There isn’t much to it except a bit of minutia in the printf function. Exploitation We must complete this level in under 10 bytes of input, which means we can’t do our typical print 1 billion As deal. What we instead do is use the […]