| #include <iostream> | |
| #include <cstdint> | |
| uint32_t AES_TABLE_1[256] = { | |
| 0x50A7F451, 0x5365417E, 0xC3A4171A, 0x965E273A, 0xCB6BAB3B, 0xF1459D1F, 0xAB58FAAC, 0x9303E34B, | |
| 0x55FA3020, 0xF66D76AD, 0x9176CC88, 0x254C02F5, 0xFCD7E54F, 0xD7CB2AC5, 0x80443526, 0x8FA362B5, | |
| 0x495AB1DE, 0x671BBA25, 0x980EEA45, 0xE1C0FE5D, 0x02752FC3, 0x12F04C81, 0xA397468D, 0xC6F9D36B, | |
| 0xE75F8F03, 0x959C9215, 0xEB7A6DBF, 0xDA595295, 0x2D83BED4, 0xD3217458, 0x2969E049, 0x44C8C98E, | |
| 0x6A89C275, 0x78798EF4, 0x6B3E5899, 0xDD71B927, 0xB64FE1BE, 0x17AD88F0, 0x66AC20C9, 0xB43ACE7D, | |
| 0x184ADF63, 0x82311AE5, 0x60335197, 0x457F5362, 0xE07764B1, 0x84AE6BBB, 0x1CA081FE, 0x942B08F9, |
| package main | |
| import ( | |
| "bytes" | |
| "fmt" | |
| "io" | |
| "log/slog" | |
| "net/http" | |
| "os" | |
| "strings" |
| #!/usr/bin/env python3 | |
| import socket | |
| import ssl | |
| import time | |
| from unittest.mock import patch | |
| def send_truncated_ssl_handshake(target_host='localhost', target_port=9560, truncate_to=None): | |
| # Get original socket.send before any patching occurs | |
| original_send = socket.socket.send | |
Coming from a background of 010editor binary templates, these are a few optimization tips that I wish I knew from the beginning. These are mentioned in the ImHex docs, but are quite easy to miss if you are just skimming.
The [[static]] attribute in ImHex is similar to the <optimize=true|false> attribute in 010 Editor. However, there are a few key differences:
There is a single function in RE engine that is called with the file extension (UTF16 string), and version (int):
motlist) as UTF16:
| use rquickjs::{Context, Function, Module, Runtime}; | |
| // When this is called from JS, rquickjs will seamlessly handle the conversion from JS values/objects -> rust types. | |
| // If the types aren't correct, it will throw an exception. | |
| fn some_rust_fn(cb: Function, arg1: i32, arg2: i32) { | |
| println!("Rust: some_rust_fn - called with ({arg1}, {arg2})"); | |
| // Call the callback - rquickjs will seamlessly handle the call in the opposite direction as well. | |
| let result: i32 = cb.call((arg1, arg2)).unwrap(); | |
| println!("Rust: some_rust_fn - JS callback result: {result}"); |
| scn.21 | |
| pfb.18 | |
| user.3 | |
| uvar.3 | |
| exprgraph.5 | |
| scb.1 | |
| scl.1 | |
| stl.3 | |
| slqg.1 | |
| svx.1 |
These are all classes which have inherited from a DTI class, but which don't implement their own DTI (+don't override the ::GetDTI virtual method)
| DTI name | index | vftable address |
|---|---|---|
| CoprocessorObject | 0 | 0x14353a950 |
| CoprocessorObject | 1 | 0x143586060 |
| MtArray | 0 | 0x142f0cff8 |
| MtArray | 1 | 0x142f172a0 |
| Class:MHiAIObject, Hash:0x5E6E97F0 | |
| Class:MHiAreaObject, Hash:0x13F84021 | |
| Class:MHiArrayObject, Hash:0x4A2F57B0 | |
| Class:MHiColladaObject, Hash:0x74A65A09 | |
| Class:MHiCollisionObject, Hash:0x3CD665F2 | |
| Class:MHiDevelopObject, Hash:0x3E226FCE | |
| Class:MHiEffectObject, Hash:0x6773BC46 | |
| Class:MHiGUIObject, Hash:0x3FAF421 | |
| Class:MHiGlobalObject, Hash:0x6787E98A | |
| Class:MHiInstancingObject, Hash:0x3EA6B848 |
| a9c13fbe964af9d974101e36d7b82f9b |