Nguyen Anh Quynh aquynh
aquynh
/ gist:28db2e8a7beb55a45847
Created
January 25, 2016 06:46
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ``` | |
| <put all your code here> | |
| ``` |
aquynh
/ keystone.h
Last active
May 17, 2016 01:17
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* Keystone Assembler Engine (www.keystone-engine.org) */ | |
| /* By Nguyen Anh Quynh <[email protected]>, 2016 */ | |
| #ifndef KEYSTONE_ENGINE_H | |
| #define KEYSTONE_ENGINE_H | |
| #ifdef __cplusplus | |
| extern "C" { | |
| #endif |
aquynh
/ keystone-sample.py
Created
March 17, 2016 06:01
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| from keystone import * | |
| def test_ks(arch, mode, code, syntax=0): | |
| ks = Ks(arch, mode) | |
| if syntax != 0: | |
| ks.syntax = syntax | |
| encoding, count = ks.asm(code) |
aquynh
/ keystone-sample.c
Created
March 17, 2016 16:11
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Sample code for Keystone Assembler Engine (www.keystone-enigne.org). | |
| // By Nguyen Anh Quynh, 2016 | |
| #include <stdio.h> | |
| #include <string.h> | |
| #include <keystone/keystone.h> | |
| static int test_ks(ks_arch arch, int mode, const char *assembly, int syntax) | |
| { | |
| ks_engine *ks; |
aquynh
/ armemu.py
Created
June 27, 2016 09:40
— forked from mattypiper/armemu.py
ARM Assembly, Emulation, Disassembly using Keystone, Unicorn, and Capstone
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import sys | |
| from keystone import * | |
| from unicorn import * | |
| from unicorn.arm_const import * | |
| from capstone import * | |
| from capstone.arm import * | |
| from capstone.x86 import * |
aquynh
/ shellcode_maker.py
Created
September 19, 2016 08:12
— forked from peternguyen93/shellcode_maker.py
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from keystone import * | |
| from capstone import * | |
| from unicorn import * | |
| from unicorn.x86_const import * | |
| from struct import * | |
| from termcolor import * | |
| import os | |
| import sys |
aquynh
/ unicorn-catwestern.py
Created
October 18, 2016 01:08
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ''' | |
| Still remembers the Catwestern problem in the last Defcon CTF? | |
| https://github.com/smokeleeteveryday/CTF_WRITEUPS/tree/master/2015/DEFCONCTF/coding/catwestern | |
| In the writeup above, they complained about missing x86-64 emulator. | |
| We solved this problem with Unicorn framework in this simple code. | |
| ''' | |
| from unicorn import * |
aquynh
/ install-Unicorn-core-and-Python-binding.sh
Created
October 26, 2016 15:06
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ sudo pip install "https://github.com/unicorn-engine/unicorn/archive/master.zip#egg=unicorn&subdirectory=bindings/python" |
aquynh
/ pip-install-capstone-next.sh
Created
November 5, 2016 04:12
Install Core + Python binding of Capstone's next branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo pip install "https://github.com/aquynh/capstone/archive/next.zip#egg=capstone&subdirectory=bindings/python" |
aquynh
/ cover_re.py
Created
March 7, 2017 05:45
— forked from John-K/cover_re.py
Reverse Engineering a Book Cover
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/env python2 | |
| # -*- coding: utf-8 -*- | |
| # Solution to Book Cover Crackme from "Praktyczna inżynieria wstecznia | |
| # Edited by Gynvael Coldwind and Mateusz Jurczyk. (Applied Reverse Engineering) | |
| # PWN Bookstore: https://ksiegarnia.pwn.pl/Praktyczna-inzynieria-wsteczna,622427233,p.html | |
| # | |
| # Props to @radekk for his excellent writeup and for capturing the flag. Read his | |
| # writeup at https://vulnsec.com/2017/reverse-engineering-a-book-cover/ | |
| # | |
| # This was a fun opportunity to learn how to use Unicorn Engine, Capstone Engine, |