korniltsev
/ idapython_cheatsheet.md
Created
October 2, 2022 05:52
— forked from icecr4ck/idapython_cheatsheet.md
Cheatsheet for IDAPython
korniltsev
/ nemty_str_decoder.py
Created
October 2, 2022 05:46
— forked from alexander-hanel/nemty_str_decoder.py
IDAPython script for decoding strings in nemty
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import base64 | |
| from Crypto.Cipher import ARC4 | |
| def str_decrypt(enc_data): | |
| key = 'fuckav\x00' | |
| cipher = ARC4.new(key) | |
| try: | |
| enc_data = base64.b64decode(enc_data) | |
| except: | |
| return enc_data |
korniltsev
/ stacktrace.cxx
Last active
November 5, 2020 10:07
— forked from fmela/stacktrace.cxx
A C++ function that produces a stack backtrace with demangled function & method names.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * Copyright (c) 2009-2017, Farooq Mela | |
| * All rights reserved. | |
| * | |
| * Redistribution and use in source and binary forms, with or without | |
| * modification, are permitted provided that the following conditions are met: | |
| * | |
| * 1. Redistributions of source code must retain the above copyright | |
| * notice, this list of conditions and the following disclaimer. | |
| * 2. Redistributions in binary form must reproduce the above copyright |
korniltsev
/ qemu-2.7.0-aslr_heap_pie_nx_wxorx_mmap.patch
Created
October 28, 2020 19:07
— forked from Dliv3/qemu-2.7.0-aslr_heap_pie_nx_wxorx_mmap.patch
Qemu aslr, heapaslr, pie, NX and W^X implementation (NX only for arm and mips atm)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff -Naur qemu-2.7.0.orig/cpu-exec.c qemu-2.7.0/cpu-exec.c | |
| --- qemu-2.7.0.orig/cpu-exec.c 2016-09-02 17:34:17.000000000 +0200 | |
| +++ qemu-2.7.0/cpu-exec.c 2017-01-19 09:34:00.817088525 +0100 | |
| @@ -33,6 +33,9 @@ | |
| #include "hw/i386/apic.h" | |
| #endif | |
| #include "sysemu/replay.h" | |
| +#include "syscall_defs.h" | |
| + | |
| +extern int do_nx; |
korniltsev
/ listdevices
Created
November 23, 2019 21:23
— forked from PsychoTea/PanicParser.py
A collection of useful iOS-related scripts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| for id in $(idevice_id -l); do | |
| ideviceinfo_data=$(ideviceinfo -u $id) | |
| product_type=$(echo "$ideviceinfo_data" | grep ProductType | sed 's/ProductType: //g') | |
| # strip 'iPhone' or 'iPad' and the comma from the product type | |
| short_product_type=$(echo "$product_type" | sed 's/iPhone//g; s/iPad//g; s/,//g' ) |
korniltsev
/ unflower_cms.py
Created
November 12, 2019 21:59
— forked from LeadroyaL/unflower_cms.py
Unicorn实战(一):去掉libcms.so的花指令
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from elftools.elf.constants import P_FLAGS | |
| from elftools.elf.elffile import ELFFile | |
| from unicorn import Uc, UC_ARCH_ARM, UC_MODE_LITTLE_ENDIAN, UC_HOOK_CODE, UC_PROT_READ, UC_PROT_WRITE, UC_PROT_EXEC | |
| from unicorn.arm_const import * | |
| from capstone import Cs, CS_ARCH_ARM, CS_MODE_THUMB, CsInsn | |
| from keystone import Ks, KS_MODE_THUMB, KS_ARCH_ARM | |
| # 找到.text节 | |
| filename = "./libcms.so" |
korniltsev
/ scapy_bridge.py
Created
September 3, 2019 19:23
— forked from eXenon/scapy_bridge.py
Use scapy as a modifying proxy
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python2 | |
| """ | |
| Use scapy to modify packets going through your machine. | |
| Based on nfqueue to block packets in the kernel and pass them to scapy for validation | |
| """ | |
| import nfqueue | |
| from scapy.all import * | |
| import os |
korniltsev
/ qemu-networking.md
Created
August 6, 2019 22:37
— forked from extremecoders-re/qemu-networking.md
Setting up Qemu with a tap interface
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import json | |
| import urllib | |
| import gzip | |
| import cStringIO | |
| urllib.quote_plus = urllib.quote | |
| class Request: |
NewerOlder