There are two parts to networking within QEMU:
- The virtual network device that is provided to the guest (e.g. a PCI network card).
- The network backend that interacts with the emulated NIC (e.g. puts packets onto the host's network).
bruce30262
/ fix_riscv_decompile.py
Created
November 14, 2020 09:39
ghidra python script for fixing "Unknown Error" in the decompile window of RISC-V binary ( for RV64I language binary )
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Check out the issue for more detail : https://github.com/NationalSecurityAgency/ghidra/issues/2466 | |
| # The script will calculate the value of gp register base on the code in entry(), then apply the value to all the functions | |
| # This only work in the `RV64I` language though, since other language like `RV64GC` won't set the gp register in entry() | |
| from java.math import BigInteger | |
| def newAddress(offset): | |
| """ | |
| Helper function to get a Ghidra Address type | |
| """ |
bruce30262
/ qemu-networking.md
Created
June 18, 2019 10:31
— forked from extremecoders-re/qemu-networking.md
Setting up Qemu with a tap interface
bruce30262
/ seccomp_ptrace_escape.c
Created
October 28, 2018 12:29
— forked from thejh/seccomp_ptrace_escape.c
PoC for bypassing seccomp if ptrace is allowed (known, documented issue, even mentioned in the manpage)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <assert.h> | |
| #include <signal.h> | |
| #include <errno.h> | |
| #include <fcntl.h> | |
| #include <stddef.h> | |
| #include <sys/syscall.h> | |
| #include <sys/types.h> | |
| #include <sys/stat.h> |
bruce30262
/ exp_heaven.py
Last active
October 20, 2017 05:44
Solutions for HeapHeaven, HeapsOfPrint & HouseOfScepticism from Hack.lu 2017 CTF
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # HeapHeaven | |
| # solved by bruce30262 | |
| from pwn import * | |
| import subprocess | |
| import sys | |
| import time |
bruce30262
/ readc.c
Created
August 22, 2017 12:22
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <windows.h> | |
| int main() | |
| { | |
| char v1[1000]; // ebx@3 | |
| signed int result; // eax@7 | |
| DWORD BytesReturned; // [sp+Ch] [bp-1Ch]@2 | |
| char OutBuffer[1000]; // [sp+10h] [bp-18h]@2 | |
| LONG lDistanceToMove = 512; // [sp+24h] [bp-4h]@3 |
bruce30262
/ picturemgr2.py
Created
August 16, 2017 08:14
— forked from seanwupi/picturemgr2.py
DEFCON 2017 CTF picturemgr sprintf Stack Overflow Exploit
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # By Sean @ HITCON | |
| import re | |
| import socket | |
| import sys | |
| import string | |
| import random |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python2.7 | |
| # -*- coding: utf-8 -*- | |
| import signal | |
| import sys | |
| from random import randint | |
| import os, pipes | |
| from shutil import rmtree | |
| from shutil import copyfile | |
| import subprocess |
bruce30262
/ solib-deps.sh
Created
October 26, 2016 07:04
— forked from toojays/solib-deps.sh
Given a shared library (or executable) print the symbols it uses from libraries it directly depends on.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -e | |
| # Given a shared library, print the symbols it uses from other libraries it | |
| # directly depends on. | |
| LIB=$1 | |
| # Use readelf rather than ldd here to only get direct dependencies. | |
| DEPS=$(readelf -d $LIB | awk '/Shared library:/{ print substr($5, 2, length($5) - 2) }') |
bruce30262
/ dump.def
Created
October 11, 2016 13:50
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| == disasm: #<ISeq:<compiled>@<compiled>>================================ | |
| == catch table | |
| | catch type: break st: 0096 ed: 0102 sp: 0000 cont: 0102 | |
| | catch type: break st: 0239 ed: 0245 sp: 0000 cont: 0245 | |
| |------------------------------------------------------------------------ | |
| local table (size: 3, argc: 0 [opts: 0, rest: -1, post: 0, block: -1, kw: -1@-1, kwrest: -1]) | |
| [ 3] k [ 2] xs | |
| 0000 trace 1 ( 1) | |
| 0002 putself | |
| 0003 putstring "digest" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # reference: http://fadec0d3.blogspot.tw/2016/05/defcon-ctf-quals-2016-legit00003.html | |
| TEMPLATE = """ | |
| <?xml version="1.0" standalone="no" ?> | |
| <!DOCTYPE pov SYSTEM "/usr/share/cgc-replay/replay.dtd"> | |
| <pov> | |
| <cbid>service</cbid> | |
| <replay>{}</replay> |
NewerOlder