Thanks to @leogx9r for providing cracking methods.
https://gist.github.com/JerryLokjianming/71dac05f27f8c96ad1c8941b88030451#gistcomment-3762200 https://gist.github.com/maboloshi/feaa63c35f4c2baab24c9aaf9b3f4e47#gistcomment-3802197 https://gist.github.com/maboloshi/feaa63c35f4c2baab24c9aaf9b3f4e47#gistcomment-3803204
Note: ARM platform is not supported
| // Exception-Based AMSI Bypass | |
| // by [email protected] | |
| #include <amsi.h> | |
| #include <iostream> | |
| #include <Windows.h> | |
| #pragma comment(lib, "amsi.lib") | |
| #pragma comment(lib, "ole32.lib") | |
| #pragma warning( disable : 4996 ) | |
| #define AMSIPROJECTNAME L"scanner" |
| [ | |
| [ | |
| "NtLockProductActivationKeys", | |
| [ | |
| "UInt32 *", | |
| "UInt32 *" | |
| ] | |
| ], | |
| [ | |
| "NtLockProductActivationKeys", |
This brief tutorial will show you how to go about analyzing a raw binary firmware image in Ghidra.
I was recently interested in reversing some older Cisco IOS images. Those images come in the form of a single binary blob, without any sort of ELF, Mach-o, or PE header to describe the binary.
While I am using Cisco IOS Images in this example, the same process should apply to other Raw Binary Firmware Images.
I now do password cracking in the cloud using a suped up AWS rig. More details here.
This document is under construction, but is intended to get you up and running quickly with cracking hashes in the cloud using the Paperspace service.
Resources used for this article:
| Moved: https://github.com/OALabs/hexcopy-ida |
| fn decompress(mut src: *const u8, dst: *mut u8) { | |
| // Skip first 2 bytes (they're always zero) | |
| src += 2; | |
| let original_dst = dst; | |
| // Load bytes_left | |
| let mut bytes_left = ((*src as i32) << 8) + 1; | |
| src += 1; | |
| bytes_left += *src as i32; |
| [Colors] | |
| AbstractTableViewBackgroundColor=#252526 | |
| AbstractTableViewHeaderTextColor=#000000 | |
| AbstractTableViewSelectionColor=#323238 | |
| AbstractTableViewSeparatorColor=#64646F | |
| AbstractTableViewTextColor=#E8EADE | |
| DisassemblyAddressBackgroundColor=#XXXXXX | |
| DisassemblyAddressColor=#BD63C5 | |
| DisassemblyAutoCommentBackgroundColor=#XXXXXX | |
| DisassemblyAutoCommentColor=#787878 |
So, with credit to the Factorio wiki and cbednarski's helpful gist, I managed to eventually setup a Factorio headless server. Although, I thought the process could be nailed down/simplified to be a bit more 'tutorialised' and also to document how I got it all working for my future records.
The specific distro/version I'm using for this guide being Ubuntu Server 16.04.1 LTS. Although, that shouldn't matter, as long as your distro supports systemd (just for this guide, not a Factorio headless requirement, although most distros use it as standard now).
The version of Factorio I shall be using is 0.14.20, although should work for any version of Factorio 0.14.12 and higher.
Just a note to newcomers: If there are any issues with the installation steps, people in the comments are doing a good job
