kohnakagawa
/ pybind11sigsegv.cpp
Last active
June 1, 2020 13:54
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <pybind11/pybind11.h> | |
| #include <stdexcept> | |
| void func() { | |
| // NOTE: If Py_BEGIN_ALLOW_THREADS and Py_END_ALLOW_THREADS are not commented out, calling "func" exits with SIGSEGV. | |
| // Py_BEGIN_ALLOW_THREADS | |
| throw std::logic_error("an exception occurred"); | |
| // Py_END_ALLOW_THREADS | |
| } |
kohnakagawa
/ show_iat_int.cpp
Created
May 30, 2020 09:36
Loader によって IAT エントリーが上書きされる前の値を取得するためのサンプルコード
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <Windows.h> | |
| #include <DbgHelp.h> | |
| #include <iostream> | |
| #include <fstream> | |
| #include <filesystem> | |
| #include <vector> | |
| #pragma comment(lib, "Dbghelp.lib") |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import lief | |
| lief.Logger.set_level(lief.LOGGING_LEVEL.DEBUG) | |
| fileParsed = lief.parse("calc.exe") | |
| builder = lief.PE.Builder(fileParsed) | |
| # Configure it to rebuild and patch the imports | |
| builder.build_imports(True).patch_imports(True) |
kohnakagawa
/ syscall_number_mapper.py
Created
May 18, 2020 06:30
— forked from h4z31/syscall_number_mapper.py
[rough] mapping system call numbers of Zw APIs from local ntdll.dll on Windows 10 by binaryninja
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from binaryninja import * | |
| log_to_stderr(1) | |
| def get_syscall_no(zwf): | |
| for b in zwf.basic_blocks: | |
| for i in b.get_disassembly_text(): | |
| if str(i).startswith("syscall"): | |
| eax = zwf.get_reg_value_at(i.address, "eax") | |
| if eax.type == RegisterValueType.ConstantValue: |
kohnakagawa
/ sample1.ipynb
Created
May 9, 2020 06:51
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
kohnakagawa
/ liefdefs_lang.txt
Created
May 1, 2020 03:20
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| _LIEF_EI(LANG_NEUTRAL) 0x00 | |
| _LIEF_EI(LANG_INVARIANT) 0x7f | |
| _LIEF_EI(LANG_AFRIKAANS) 0x36 | |
| _LIEF_EI(LANG_ALBANIAN) 0x1c | |
| _LIEF_EI(LANG_ARABIC) 0x01 | |
| _LIEF_EI(LANG_ARMENIAN) 0x2b | |
| _LIEF_EI(LANG_ASSAMESE) 0x4d | |
| _LIEF_EI(LANG_AZERI) 0x2c | |
| _LIEF_EI(LANG_BASQUE) 0x2d | |
| _LIEF_EI(LANG_BELARUSIAN) 0x23 |
kohnakagawa
/ show_hexdump.py
Created
February 13, 2020 04:47
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| a = [0x00, 0x10, 0x00, 0x00, 0xc0, 0xa1, 0x00, 0x00] | |
| print("".join("{0:02x}".format(i) for i in a)) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const std = @import("std"); | |
| const ok = std.testing.ok; | |
| fn inner_product(v1: [3]f32, v2: [3]f32) f32 { | |
| var sum: f32 = 0.0; | |
| for (v1) |v, i| { | |
| sum += v * v2[i]; | |
| } | |
| return sum; | |
| } |
kohnakagawa
/ check_tls_slots_content.cpp
Created
November 14, 2019 06:24
TEBに含まれるTLS Slotsに含まれる内容を確認するために使うコード
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <windows.h> | |
| #include <winnt.h> | |
| #include <stdio.h> | |
| #define THREADCOUNT 4 | |
| DWORD dwTlsIndex; | |
| VOID ErrorExit(LPSTR); | |
| VOID CommonFunc(VOID) |
kohnakagawa
/ test.asm
Created
November 1, 2019 01:08
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| bfi x14, x6, #3, #0xa | |
| adr x15, #0xa258 | |
| stp w6, w15, [x14] | |
| bl #0x9b00 | |
| br x17 |