//
// Resolve dynamic address of Process.Environment.Exit in CLR host process using C++
//
// Based on :
// https://www.mdsec.co.uk/2020/08/massaging-your-clr-preventing-environment-exit-in-in-process-net-assemblies/
// https://github.com/yamakadi/clroxide/blob/214222d578bf62b4c7fc860125268f4eecb9f331/examples/patch_exit.rs
// https://github.com/kyleavery/inject-assembly/blob/8db977c0fd1da039df920f9dd4840d4a3ec2aa2c/src/scmain.c
// https://github.com/TheWover/donut/blob/master/loader/test/rdt.cpp ;)
/**
Compression using undocumented API in rdpbase.dll
RDPCompressEx supports four algorithms : MPPC-8K, MPPC-64K, NCRUSH and XCRUSH.
This code supports all except NCRUSH.
The MPPC compression ratio is very similar to LZSS, so this could be quite useful for shellcode trying to evade detection.
NCRUSH compression appears to work but fails for decompression.
// LZ77 compression / decompression algorithm
// this is the compression Microsoft used in Windows *.HLP and *.MRB files
// It is also used with Install Shield files. These files are
// recognizable by the letters SZDD in the first 4 bytes. The file
// names for files compressed in this way are usually the name of the
// file as it would be installed but with the last character replaced
// by '_'
// This program is a complete hack. I am not responsible for the
/**
ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/
00, 01, 02, 03, 04, 05, 06, 07, 08, 09, 0A, 0B, 0C, 0D, 0E, 0F,
10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 1A, 1B, 1C, 1D, 1E, 1F,
20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 2A, 2B, 2C, 2D, 2E, 2F,
30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 3A, 3B, 3C, 3D, 3E, 3F,
/****************************************************************
jB's ECDLP Solver v0.02
ECDLP solver over F(p) using Pollard's Rho algorithm,
as described in Guide to Elliptic Curve Cryptography,
by Darrel Hankerson, Alfred Menezes and Scott Vanstone.
You will need MIRACL to compile it.
If you find bugs, have ideas to improve it, or simply want
#include <stdio.h>
#include <stdlib.h>
#include <uv.h>
#include <curl/curl.h>
uv_loop_t *loop;
CURLM *curl_handle;
uv_timer_t timeout;
typedef struct curl_context_s {
/**
This is free and unencumbered software released into the public domain.
Anyone is free to copy, modify, publish, use, compile, sell, or
distribute this software, either in source code form or as a compiled
binary, for any purpose, commercial or non-commercial, and by any
means.
In jurisdictions that recognize copyright laws, the author or authors
of this software dedicate any and all copyright interest in the
#define PHNT_VERSION PHNT_WIN8
#include <phnt_windows.h>
#include <phnt.h>
#include <cstdio>
#include <cstdint>
#include <cstdlib>
#include <cstring>
//
// How to locate the WOW64 Callback Table in ntdll.dll
//
// @modexpblog
//
#define PHNT_VERSION PHNT_VISTA
#include <phnt_windows.h>
#include <phnt.h>
//
// Non-standard implementation of Base-32 and Base-64 encoding to reduce entropy of data.
// Example results:
//
// Base-32 -> 1024 bytes : Before: 7.798637, After: 4.989102
// Base-64 -> 1024 bytes : Before: 7.805048, After: 5.971653
//
// The lower values after encoding show a reduction in entropy.
//