Skip to content

Instantly share code, notes, and snippets.

View alexander-hanel's full-sized avatar
😶

Alexander Hanel alexander-hanel

😶
152 followers · 94 following
View GitHub Profile
@alexander-hanel
alexander-hanel / README.md
Last active April 20, 2022 04:12
Cryptopals Rust Solutions

Cryptopals

link

Set 1

Challenge 1: Convert hex to base64

use std::str;
extern crate base64;
@alexander-hanel
alexander-hanel / README.md
Last active April 20, 2022 19:30
Rust Ownership and Borrow Notes

Rust Ownership Notes

Rather than relying on garbage collection or user memory allocation (via allocate/free memory), Rust relys on the compiler to ensure memory is managed through ownership.

Ownership is a set of rules that governs how a Rust program manages memory.

Ownership helps with organizing how data is stored in the heap, minimizing duplication of data in the heap and cleaning up the heap. Data types (e.g. Scalar types) are not stored in the heap. Data types (e.g. integers) can be easily pushed/stored and popped/removed on the stack. Rust enforces single ownership.

Ownership Rules

@alexander-hanel
alexander-hanel / README.md
Last active December 25, 2024 13:24
intro to opaque predicates notes

opaque predicates

In computer programming, an opaque predicate is a predicate—an expression that evaluates to either "true" or "false"—for which the outcome is known by the programmer a priori, but which, for a variety of reasons, still needs to be evaluated at run time

Source

Opaque predicates appears to have been first used by Christian Collberg & Clark Thomborson back in 1997 source. The technique is discussed in their paper A Taxonomy of Obfuscating Transformations.

Notes from A Taxonomy of Obfuscating Transformations

@alexander-hanel
alexander-hanel / README.md
Last active September 30, 2023 01:20
Learning Rust
@alexander-hanel
alexander-hanel / IconExample.py
Created August 21, 2021 01:17
IconExample IDAPYTHON
import ida_kernwin
"""
mostly stolen from https://github.com/idapython/ examples/ex_actions.py
"""
class IconExample(ida_kernwin.action_handler_t):
def __init__(self, passed):
ida_kernwin.action_handler_t.__init__(self)
@alexander-hanel
alexander-hanel / ctypes_from_buffer.py
Last active September 3, 2021 16:27
ctypes from buffer example
class COFFSYMBOLTABLE(ctypes.Structure):
"""
Described in [PE-COFF] 5.4. Coff Symbol Table
"""
_pack_ = 1
_fields_ = [
("zeroes", ctypes.c_uint), ("offset", ctypes.c_uint), ("value", ctypes.c_uint),
("section_number", ctypes.c_short), ("type", ctypes.c_ushort), ("storage_class", ctypes.c_ubyte),
("number_aux_symbols", ctypes.c_ubyte)
]
@alexander-hanel
alexander-hanel / export.py
Created August 2, 2021 16:56
x64dbg Address Export to IDA for Import Rebuilding
from idaapi import *
import idautils
import idc
class X64DBG_ADDR_TO_IDA:
def __init__(self):
self.fileName = ida_kernwin.ask_file(0, "*.*", 'X64DBG Address Exported')
self.content = []
self.getFile()
self.renameAddr()
@alexander-hanel
alexander-hanel / go_functab.py
Created April 26, 2021 18:03
redefine functions for go lang. Kind of sucks but it works.
func_tab = idc.get_name_ea_simple("functab")
for ea in idautils.DataRefsTo(func_tab):
offset = idc.get_qword(ea)
ida_bytes.del_items(offset)
ida_auto.auto_wait()
idc.create_insn(offset)
ida_auto.auto_wait()
@alexander-hanel
alexander-hanel / notes.md
Last active April 23, 2021 23:58
Go 1.16 File Update Notes

New moduledata format

type moduledata struct {
	pcHeader     *pcHeader
	funcnametab  []byte
	cutab        []uint32
	filetab      []byte
	pctab        []byte
	pclntable []byte
@alexander-hanel
alexander-hanel / gogo.py
Last active March 19, 2022 18:15
GoLang Argument Parsing and Backtracing
DEBUG = True
def get_basic_block(ea):
"""get basic blocks of address"""
f = idaapi.get_func(ea)
fc = idaapi.FlowChart(f)
for block in fc:
if block.start_ea <= ea:
if block.end_ea > ea:
return block.start_ea, block.end_ea