This is a work in progress by someone who is learning about Binary Ninja.
References
- https://api.binary.ninja/binaryninja.binaryview-module.html
- https://gist.github.com/psifertex/6fbc7532f536775194edd26290892ef7
Get database name
jborean93
/ Get-SMBApplicationKey.ps1
Last active
October 12, 2022 19:44
Gets the SMB2 Application Key from a Logon Session
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright: (c) 2022, Jordan Borean (@jborean93) <[email protected]> | |
| # MIT License (see LICENSE or https://opensource.org/licenses/MIT) | |
| <# Example Code to Run on the Server | |
| $pipeServer = [System.IO.Pipes.NamedPipeServerStream]::new("jordan-test", [System.IO.Pipes.PipeDirection]::InOut) | |
| $pipeServer.WaitForConnection() | |
| try { | |
| $tokenStat = Get-NamedPipeClientStatistics -Pipe $pipeServer | |
| $appKey = Get-SMBApplicationKey -LogonId $tokenStat.AuthenticationId | |
| [System.Convert]::ToBase64String($appKey.Applicationkey) |
0xca7
/ gist:f5d8d20fa07b69327cffa011296cda8d
Created
September 19, 2022 11:33
get config from sample 7440a7b56d3670d4204a57974fa76ae76ca78168bb181640f565976d192cc159
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| extracts config from sample: 7440a7b56d3670d4204a57974fa76ae76ca78168bb181640f565976d192cc159 | |
| 0xca7 | |
| """ | |
| from elftools.elf.elffile import ELFFile | |
| def read_elf(path) -> bytes: |
awakecoding
/ Get-RdpLogonEvent.ps1
Created
September 7, 2022 01:20
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Get-RdpLogonEvent | |
| { | |
| [CmdletBinding()] | |
| param( | |
| [Int32] $Last = 10 | |
| ) | |
| $RdpInteractiveLogons = Get-WinEvent -FilterHashtable @{ | |
| LogName='Security' | |
| ProviderName='Microsoft-Windows-Security-Auditing' |
X-C3LL
/ FreshyCalls-VBA.vba
Created
September 4, 2022 23:51
Retrieving SSN for syscalling in VBA following FreshyCalls technique
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ' Proof of Concept: retrieving SSN for syscalling in VBA | |
| ' Author: Juan Manuel Fernandez (@TheXC3LL) | |
| 'Based on: | |
| 'https://www.mdsec.co.uk/2020/12/bypassing-user-mode-hooks-and-direct-invocation-of-system-calls-for-red-teams/ | |
| 'https://www.crummie5.club/freshycalls/ | |
| Private Type LARGE_INTEGER |
NyaMisty
/ outline_graph.py
Created
September 1, 2022 01:02
IDA Graph view with outlined function included
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| summary: drawing custom graphs | |
| description: | |
| Showing custom graphs, using `ida_graph.GraphViewer`. In addition, | |
| show how to write actions that can be performed on those. | |
| keywords: graph, actions | |
| """ | |
| from __future__ import print_function | |
| # ----------------------------------------------------------------------- |
janoglezcampos
/ direct_syscall.rs
Last active
September 2, 2022 13:26
Simplest rust direct syscall example
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #![allow(non_snake_case)] | |
| use std::arch::global_asm; | |
| use std::mem::size_of; | |
| use winapi::shared::ntdef::{OBJECT_ATTRIBUTES, HANDLE, NULL, PHANDLE, NTSTATUS}; | |
| use winapi::um::winnt::{ACCESS_MASK, PROCESS_VM_WRITE, PROCESS_VM_READ}; | |
| #[cfg(not(target_arch = "x86_64"))] | |
| compile_error!("Only x86_64 machines"); |
Armatix
/ httpPostRequest.js
Last active
September 12, 2022 22:52
Frida http post request from java/android
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function javaPost(url, data) { | |
| const thread = Java.use("java.lang.Thread").$new(); | |
| const Tjava = Java.ClassFactory.get(thread.getContextClassLoader()); | |
| const Url = Tjava.use("java.net.URL").$new(url); | |
| let connection = Url.openConnection(); | |
| connection = Java.cast(connection, Tjava.use("java.net.HttpURLConnection")); | |
| connection.setRequestMethod("POST"); | |
| connection.setDoOutput(true); | |
| connection.setRequestProperty("Content-Type", "application/json;"); | |
| const postData = Tjava.use("java.lang.String").$new(data); |
rqu1
/ checkmk.py
Last active
August 4, 2024 16:42
check if a PAN firewall is using the default master key when globalprotect is enabled
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from hashlib import md5, sha1 | |
| from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes | |
| from cryptography.hazmat.backends import default_backend | |
| from base64 import b64encode, b64decode | |
| import sys, time | |
| import requests | |
| DEFAULT_MASTERKEY=b'p1a2l3o4a5l6t7o8' | |
| class PanCrypt(): |
d0now
/ 2022-HTB-BUSINESS-CTF-Midenios.md
Last active
August 23, 2022 06:18
2022 HackTheBox Business CTF Midenios
- My first time firefox js exploit
- Not a intended way, but I was fast (first blood)