@passivestar
passivestar / Editor.tres
Last active January 12, 2025 21:14
Godot editor theme
[gd_resource type="Theme" load_steps=12 format=3 uid="uid://7bvxnk5n5imx"]
[sub_resource type="StyleBoxFlat" id="StyleBoxFlat_6h42l"]
content_margin_left = 10.5
content_margin_top = 8.75
content_margin_right = 10.5
content_margin_bottom = 8.75
bg_color = Color(0.117647, 0.117647, 0.117647, 1)
draw_center = false
border_color = Color(1, 1, 1, 0.137255)
@bitonic
bitonic / vectorized-atan2f.cpp
Last active May 15, 2025 09:58
Vectorized & branchless atan2f
// Copyright (c) 2021 Francesco Mazzoli <[email protected]>
//
// Permission to use, copy, modify, and distribute this software for any
// purpose with or without fee is hereby granted, provided that the above
// copyright notice and this permission notice appear in all copies.
//
// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
@smhanov
smhanov / OpenType.ts
Last active March 30, 2025 18:19
Here is my implementation of a TrueType font reader in TypeScript. You can read a font directly from an ArrayBuffer, and then call drawText() to draw it. See my article http://stevehanov.ca/blog/index.php?id=143. The second file, OpenType.ts is the same thing but it handles more TrueType files. It is also more complex
// To see this run, you first stub out these imports. Then put the file in a Uint8Array.
// let slice = new Slice(array);
// let font = new OTFFont(slice);
// Then you can call methods like font.drawText(canvasContext, )
//
//
import { ICanvasContext } from "./ICanvasContext"
import { log as Log } from "./log"
const log = Log.create("OPENTYPE");
@LeadroyaL
LeadroyaL / unflower_cms.py
Last active March 8, 2024 12:04
Unicorn in practice (1): removing junk instructions from libcms.so
from elftools.elf.constants import P_FLAGS
from elftools.elf.elffile import ELFFile
from unicorn import Uc, UC_ARCH_ARM, UC_MODE_LITTLE_ENDIAN, UC_HOOK_CODE, UC_PROT_READ, UC_PROT_WRITE, UC_PROT_EXEC
from unicorn.arm_const import *
from capstone import Cs, CS_ARCH_ARM, CS_MODE_THUMB, CsInsn
from keystone import Ks, KS_MODE_THUMB, KS_ARCH_ARM
# Find the .text section
filename = "./libcms.so"
@mikhailov-work
mikhailov-work / turbo_colormap.py
Created August 8, 2019 23:31
Turbo Colormap Look-up Table
# Copyright 2019 Google LLC.
# SPDX-License-Identifier: Apache-2.0
# Author: Anton Mikhailov
@ricardo2197
ricardo2197 / return to dl-resolve.md
Last active March 27, 2025 19:02
Return-to dl-resolve

0ctf babystack with return-to dl-resolve

In this write-up I will discuss how I managed to solve the challenge "babystack" from 0ctf with a technique called return to dl-resolve. I did not know this kind of return-to attack before the contest. In the following sections a detailed explanation of the entire exploit will be presented.

1. Binary analysis

I downloaded the provided binary babystack and quickly fired up binaryninja alongside gdb to analyze it. I quickly realized a buffer overflow vulnerability is present within sub_804843b. My first approach was to solve this challenge using a return-to-libc attack by leaking the base address of the library and calling system in order to get a shell.
This technique is contingent on:

  1. Leaking libc base address
  2. Knowing the version of libc to get the offset of system.

However, the version of libc on the remote server was unknown and the ELF did not provide any function that can be us

@pklaus
pklaus / ping.py
Created March 5, 2011 09:50
A pure python ping implementation using raw socket.
#!/usr/bin/env python2
"""
Other Repositories of python-ping
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
* https://github.com/l4m3rx/python-ping supports Python2 and Python3
* https://bitbucket.org/delroth/python-ping