- Several collaborate plugins are availiable, including:
IDASynergy. CVS system mainly using SVN. Don't like it much.collabREate. Have not fully tested. Will test it.Sol[IDA]rity. Still nothing published yet.YaCo. New thing in #SSTIC 2017. Not published yet. Wait till Jun. 7.FIRSTfrom Cisco which claims its ability to identifiy and recovery functions from signatures. Will test it.- Still searching until I found a useful one.
- DIE claims it can enrich IDA's static analysis with dynamic data. But need to test if can be used.
SilverBut
/ haproxy.cfg
Last active
July 7, 2024 19:14
[Haproxy cfg checking Socks5] Haproxy cfg to check the Socks5 connection #tags: GFW, network, haproxy, config
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #--------------------------------------------------------------------- | |
| # Example configuration for a possible web application. See the | |
| # full configuration options online. | |
| # | |
| # http://haproxy.1wt.eu/download/1.4/doc/configuration.txt | |
| # | |
| #--------------------------------------------------------------------- | |
| global | |
| log 127.0.0.1 local2 |
SilverBut
/ AutoMakeFunc.py
Last active
April 29, 2018 13:29
[AutoMakeFunc] Solve an IDA problem when liner-down scan can not identify functions directly attached to the current function. Only work under IDA 6.95. Now works for PowerPC. #tags: IDAPython, IDA, reverse, powerpc, ppc
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import logging | |
| logger = logging.getLogger(__name__) | |
| lv = logging.DEBUG | |
| map(logger.removeHandler, logger.handlers[:]) | |
| map(logger.removeFilter, logger.filters[:]) | |
| logger.setLevel(lv) | |
| ch = logging.StreamHandler() | |
| ch.setLevel(lv) | |
| formatter = logging.Formatter("[%(levelname)s] %(asctime)-2s <%(funcName)s:%(lineno)s> %(message)s", "%H:%M:%S") | |
| ch.setFormatter(formatter) |
SilverBut
/ network_manual_action.sh
Last active
May 1, 2017 19:24
[Manual network solution] Work for my personal network problems in mainland China. #tags: GFW, network, shadowsocks, route, vpn
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/sh | |
| SCRIPTNAME=`basename $0` | |
| function log_err() { echo "[$SCRIPTNAME][E] $@" 1>&2; } | |
| function log() { echo "[$SCRIPTNAME][I] $@" 1>&2; } | |
| RESULT_OK=0 | |
| RESULT_FAILED=1 | |
| RESULT_ARGS_ERR=2 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Used to do some memcpy-like jobs | |
| def ip_memcpy(dst, src, n): | |
| idautils.PutDataList(dst, idautils.GetDataList(src, n, 1), 1) |
SilverBut
/ ida_plugins.md
Last active
April 29, 2018 13:24
[IDA Plugin Collection] Collect some plugins I am using. #tags: reverse, IDA, IDAPython
SilverBut
/ not_my_github.md
Last active
May 1, 2018 15:23
每次当有人将政治事件相关的帖子发到Github上时,总有一些人打着“防止Github被墙”的大旗四处招摇。本Gist用于记录这些帐号,其突出特点是,极度自私自利,短视而目中无人,无法在私权和公权之间作出合理的取舍。
我(本gist的作者)认为,在github上谈论政治问题的确导致了绝大多数人写代码的工作环境被打扰,对此表达自己的不满和意见也十分正常。但如果说是“预防被墙”或者“这么牛逼你行你上在这里bb啥打扰我好心情”这种事不关己高高挂起的话,对不起,block。
SilverBut
/ template_quick_rename.py
Last active
July 17, 2018 07:18
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Reversing CPP program is painful, especially when it contains tempalte classes | |
| # But rename them is not a bad idea... | |
| def rename_copy(ord_old, name_new, ord_new=None): | |
| py_til = ida_typeinf.get_idati() | |
| py_ti = ida_typeinf.tinfo_t() | |
| py_ti.get_numbered_type(py_til, ord_old) | |
| if not ord_new: | |
| ord_new = ida_typeinf.alloc_type_ordinal(py_til) | |
| print(py_ti.set_numbered_type(py_til, ord_new, 4, name_new)) |
SilverBut
/ find_movement.md.py
Last active
November 14, 2021 14:39
could be helpful if you want to get 61w.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # coding: utf-8 | |
| # Original camera video resolution | |
| RES_FROM=(2560,1920) | |
| # If set to 4, then sampled down to 1/4 resolution to speed up | |
| RESIZE = 4 | |
| # POI is under target resolution. | |
| # First point is top left cornor of ROI, and second one is bottom right cornor | |
| # (0,0) is at top left cornor of the whole graph. |
SilverBut
/ cat patch_virtiofs_memleak.rs
Created
January 29, 2024 16:23
Mitigation patch for virtio-win/kvm-guest-drivers-windows#1004 if you are using vm.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /// Put it under memflow examples, install memflow, and cargo run this. | |
| use log::Level; | |
| use std::str::FromStr; | |
| use crc::{Crc, CRC_32_CKSUM}; | |
| use pelite::{self, pe64::exports::Export, PeView}; | |
| use std::convert::TryInto; | |
| use iced_x86::{code_asm::CodeAssembler, code_asm as ca}; | |
| use memflow::prelude::v1::*; |