odzhan
odzhan
/ dump_lua.cpp
Created
August 15, 2025 11:17
Dump Lua byte code from resource directory of PE file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| windiag.dll has support for executing Lua bytecode. At the time of writing, there's only one DLL that uses windiag.dll to execute Lua code and that's the Windows Hardware Error Service (whesvc.dll). | |
| The Lua byte code itself is located in the resource directory of whesvc_assets.dll | |
| You need to decompress the data before actually obtaining the byte code, but this is simply done via cabinet compression API. | |
| cl /EHsc /std:c++20 dump_lua.cpp | |
| */ | |
| #ifndef _WIN32_WINNT |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #ifndef SHA256_H | |
| #define SHA256_H | |
| #define R(v,n)(((v)>>(n))|((v)<<(32-(n)))) | |
| #define F(n)for(i=0;i<n;i++) | |
| #ifdef _MSC_VER | |
| #include <intrin.h> | |
| #define rev32(x) _byteswap_ulong(x) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| Compile with your C console project. | |
| */ | |
| #include <stdio.h> | |
| #include <windows.h> | |
| #define __UNKNOWN_APP 0 | |
| #define __CONSOLE_APP 1 | |
| #define __GUI_APP 2 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //#include "x64/Debug/mscorlib.tlh" | |
| #import "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorlib.tlb" rename("or", "or2") rename("ReportEvent", "ReportEvent2") no_namespace raw_interfaces_only | |
| #include <iostream> | |
| #define __IObjectHandle_INTERFACE_DEFINED__ | |
| #include <MScorEE.h> | |
| #include <MetaHost.h> | |
| #include <shlwapi.h> | |
| #include <vector> | |
| #include <fstream> | |
| #include "objbase.h" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| ** Demo Public Key OpenSSL Echo Client | |
| ** | |
| ** Connects to an PK Echo Server. Generates RSA Key and | |
| ** sends encoded public key to server. Response is a | |
| ** session key encoded with the public key. Sends client | |
| ** request, encoded with session key, consisting of | |
| ** header and text to be echo'd between lines 'BEGIN' | |
| ** and 'END' (inclusive). Reads server response, also | |
| ** encoded with session key, consisting of header and |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| Find involutory exponents for a modulus like a Mersenne prime: 2^31-1 | |
| Uses brute force | |
| Very fast for small numbers, very slow for anything more than 16-bits. | |
| gcc -O2 find_exp.c -ofind_exp -lcrypto | |
| */ | |
| #include <stdio.h> | |
| #include <stdint.h> | |
| #include <stdlib.h> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| """ | |
| Affine Permutation File Encoder/Decoder | |
| This script allows you to encode and decode files using an Affine Permutation. | |
| It uses command-line arguments to specify the operation mode (encode or decode), input file, and output file. | |
| Additionally, it stores a SHA256 hash of the original data to verify successful decoding. | |
| Usage: | |
| To encode a file: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| LCG output... | |
| lcg(1) : 40B2947B | |
| lcg(2) : 73718F14 | |
| lcg(3) : 6203F04B | |
| lcg(4) : 1BB91A70 | |
| lcg(5) : 0CFC23E0 | |
| ICG output... | |
| icg(5) : 0CFC23E0 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // | |
| // FEAL-8 Block Cipher | |
| // | |
| #include <stdio.h> | |
| #include <stdint.h> | |
| // Define the Sd function as per equation (7.6) | |
| uint8_t Sd(uint8_t x, uint8_t y, uint8_t d) { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| ARADI and LLAMA: Low-Latency Cryptography for Memory Encryption | |
| Published in August 2024 | |
| Only tested on little-endian CPU. | |
| For more details, see https://eprint.iacr.org/2024/1240 | |
| */ | |
| #include <stdint.h> |
NewerOlder