Barakat Barakat
Barakat
/ injector.cpp
Last active
July 17, 2018 00:04
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <Windows.h> | |
| #include <cassert> | |
| int | |
| main(int argc, char **argv) | |
| { | |
| (void)argc; | |
| (void)argv; | |
| // التعليمات مولّدة من هذا الكود: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // أداة الحقن | |
| #include <Windows.h> | |
| #include <cassert> | |
| int | |
| main(int argc, char** argv) | |
| { | |
| (void)argc; | |
| (void)argv; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // مثال لخطف دالة عن طريق استبدال عنوانها في جدول عناوين الدوال المستوردة | |
| // https://twitter.com/barakatsoror/status/1020710139475759105 | |
| #include <Windows.h> | |
| #include <winternl.h> | |
| #include <cstdio> | |
| #include <cassert> | |
| #include <winnt.h> | |
| #include <cstring> | |
| #include <cwchar> |
Barakat
/ kill-msi-logo-leds.cpp
Last active
July 28, 2018 16:20
Kill MSI logo LEDs in MSI GTX 980 Ti Graphics Card
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <Windows.h> | |
| typedef bool (__stdcall *NDA_SetIlluminationParm_t)(int adapter_index, int attribute, int value); | |
| typedef bool (__stdcall *NDA_GetIlluminationParm_t)(int adapter_index, int attribute, int *value); | |
| typedef bool (__stdcall *NDA_GetGPUCounts_t)(int *gpu_count); | |
| typedef bool (__stdcall *NDA_Initialize_t)(); | |
| typedef bool (__stdcall *NDA_Unload_t)(); | |
| int | |
| main() |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| typedef struct _Object | |
| { | |
| int x; | |
| int y; | |
| } Object; | |
| void |
Barakat
/ alloc-executable-memory.cpp
Created
November 11, 2018 16:37
Allocate executable memory by creating a memory section with CreateFileMapping and MapViewOfFile
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <windows.h> | |
| #include <cinttypes> | |
| int main() | |
| { | |
| static uint8_t code[] = { | |
| 0x90, // nop | |
| 0x90, // nop | |
| 0xc3 // ret | |
| }; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cl /MT /LD winmm.c User32.lib Advapi32.lib | |
| mkdir "\\?\C:\Windows " | |
| mkdir "\\?\C:\Windows \System32" | |
| copy "C:\Windows\System32\WinSAT.exe" "C:\Windows \System32\" | |
| copy "winmm.dll" "C:\Windows \System32\" | |
| "C:\Windows \System32\WinSAT.exe" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <Windows.h> | |
| #include <ntdef.h> | |
| #include <cstdint> | |
| #include <cassert> | |
| #include <cstring> | |
| #include <cstdio> | |
| typedef enum | |
| { |
Barakat
/ shellcode.cpp
Last active
December 26, 2018 19:27
Locating KERNEL32.DLL base address shellcode for x86 and x64 using C++
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <Windows.h> | |
| #include <winternl.h> | |
| #include <cassert> | |
| __declspec(dllexport) | |
| __declspec(noinline) | |
| void* | |
| __stdcall | |
| GetKernel32BaseAddress() |
Barakat
/ kernel-shellcode.cpp
Created
December 27, 2018 19:55
Windows x64 shellcode for locating the base address of ntoskrnl.exe
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <wdm.h> | |
| __declspec(dllexport) | |
| __declspec(noinline) | |
| void* | |
| GetNtoskrnlBaseAddress() | |
| { | |
| // | |
| // From Windows Internals part 1, chapter 2: | |
| // |