Skip to content

Instantly share code, notes, and snippets.

View Esonhugh's full-sized avatar
💭
I may be slow to respond.

Esonhugh Skyworship Esonhugh

💭
I may be slow to respond.
580 followers · 451 following
View GitHub Profile
@Esonhugh
Esonhugh / example.txt
Last active April 22, 2025 02:46
IDA pro mcp prompt
你是一位恶意软件分析大师、逆向工程大师,你的任务是分析二进制程序 XXXXXX,函数 XXXXX,分析具体的功能与逻辑,你可以调用 IDA-PRO-MCP 工具进行分析。
额外要求:分析出对应的 XXX 过程的具体实现,并且分析完成后输出到报告中
通常而言逆向分析主要遵循如下方法:
1. 添加你的发现作为注释
2. 将变量重命名为更合理的名称,如有必要,更改变量和参数类型(特别是指针和数组类型)
3. 将函数名改为更具描述性的名称,如果进行变更请编写 change.md 文件说明: 函数地址 原函数名称 变更后函数名称
4. 如需更多详细信息,请反汇编函数并添加您的发现注释
@Esonhugh
Esonhugh / cloner.py
Created February 14, 2025 13:32
clone EVERYTHING on git if you have a list
import sys
# usage: python cloner.py 1> cloner.sh 2> extract.sh
#
username = "user"
password = "pass_or_token"
domain = "github.com"
Prefix = f"git clone --mirror https://{username}:{password}@{domain}/"
@Esonhugh
Esonhugh / test.html
Last active January 9, 2025 06:27
Chrome content script - Current environment hooks and debug tool for reversing js on website. Released on https://update.greasyfork.org/scripts/523279/ConsoleHook.user.js
<html>
<head>
<title>Playground of hooks</title>
<script src="/hook.js"></script>
</head>
<body>
<script>
// console.hooks.hookfunc(console, "log")
obj = {
@Esonhugh
Esonhugh / deobf.js
Created December 10, 2024 16:36
deobf javascript auto rename variable from require import method
var esprima = require("meriyah");
var estraverse = require("estraverse");
var escodegen = require("escodegen");
var fs = require("node:fs");
function basename(path) {
return path.split("/").reverse()[0].split(":").reverse()[0].replace("-", "_");
}
@Esonhugh
Esonhugh / CVE-2022-45982.md
Created August 19, 2024 06:32 — forked from Dar1in9s/CVE-2022-45982.md
CVE-2022-45982

thinkphp 6.0.0-6.0.13 and 6.1.0-6.1.1 contains a deserialization vulnerability. This vulnerability allows attackers to execute arbitrary code via a crafted payload.

First, Add new deserialization endpoint, such as:

<?php
namespace app\controller;

use app\BaseController;
@Esonhugh
Esonhugh / README.md
Last active June 30, 2024 05:47
Bloodhound Kubernetes Configuration

Bloodhound as a service (Kubernetes Deployments/Docker Compose)

Usage

  1. Change password (default password: default_admin_passwords)
  2. Change user (default user: esonhugh)
  3. Change ingress host name to your team server
  4. Deploy it!
  5. kubectl apply -f deployment-service.yaml -f ingress.yaml -f configmap.yaml # -n <change namespace you deploy>
  6. use pipx install git+https://github.com/exploide/bloodhound-cli.git
@Esonhugh
Esonhugh / aws_auto_assume.sh
Last active May 28, 2024 09:43
automatically assume role with aws cli
# automatically set the AWS environment variables from the json output of `aws sts assume-role`
aws_sts_env () {
if [[ -n "$1" ]]
then
local cred=$1
fi
if [[ -z "$cred" ]]
then
echo "Usage: $0 \`json\`"
echo "Example: export cred=\`aws sts assume-role --role-arn xxxx --role-session-name xxxx|jq ".Credentials"\`"
@Esonhugh
Esonhugh / gitdumper.sh
Created April 22, 2024 05:50
git dumper.sh --path-as-is allow path ../
#!/bin/bash
#$1 : URL to download .git from (http://target.com/.git/)
#$2 : Folder where the .git-directory will be created
function init_header() {
cat <<EOF
###########
# GitDumper is part of https://github.com/internetwache/GitTools
#
# Developed and maintained by @gehaxelt from @internetwache
@Esonhugh
Esonhugh / log_parser.py
Last active April 2, 2024 07:23
AWS cloud trail log analysis
import os
SOURCE_FILE="merged_cloudtrail_logs.json"
'''
Sample Event
{
"eventVersion": "1.08",
"userIdentity": {
"type": "Root",
@Esonhugh
Esonhugh / tasks.json
Created January 25, 2024 04:01
vscode task based msfvenom payload generation
{
"version": "2.0.0",
"tasks": [
{
"label": "msfvenom payload creating",
"type": "shell",
"detail": "msfvenom payload creating task",
"problemMatcher": [],
"command": [
"msfvenom",