somma somma
somma
/ NtQuerySystemInformation
Created
October 22, 2014 09:14
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $$ WinDbg script to hook NtQuerySystemInformation | |
| $$ | |
| $$ This script pull the trigger When {caller_process_name} calls nt!NtQuerySystemInformation with SystemInformationClass 5. | |
| $$ | |
| $$ Usage: $$>a< {caller_process_name} | |
| $$ ex) | |
| $$ kd> bp nt!NtQuerySystemInformation "$$>a< d:\work.windbg\NtQuerySystemInformation.txt procexp64.exe" | |
| $$ | |
| $$ by somma ([email protected]) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #if defined(_WIN64) | |
| //> x64 code | |
| ULONG64 x64_read_msr(IN UINT32 msr_index); | |
| void x64_write_msr(IN UINT32 msr_index, IN UINT32 msr_low, IN UINT32 msr_high); | |
| #elif defined(_X86_) | |
| //> x86 code | |
| void __stdcall x86_read_msr(IN UINT32 msr_index, OUT MSR* msr); | |
| void __stdcall x86_write_msr(IN UINT32 msr_index, IN UINT32 msr_low, IN UINT32 msr_high); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /usr/bin/python3.2 | |
| def repeat (function, params, times): | |
| for calls in range (times): | |
| function (*params) | |
| def foo (a, b): | |
| print ('{} are {}'.format (a, b) ) | |
| repeat (foo, ['roses', 'red'], 4) |
somma
/ raii_sample_02
Last active
August 29, 2015 13:57
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /****************************************************************************** | |
| * RAII (Resource Acquisition Is Initialization ) | |
| ******************************************************************************/ | |
| /* ex) | |
| raii_handle map_handle( | |
| CreateFileMapping(file_handle, NULL, PAGE_READONLY, 0, 1, NULL), | |
| raii_CloseHandle | |
| ); | |
| if (NULL == map_handle.get()) | |
| { |
somma
/ raii_sample_01
Created
March 26, 2014 07:50
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class handle_placeholder | |
| { | |
| public: | |
| handle_placeholder(HANDLE handle): _handle(handle){} | |
| ~handle_placeholder(){ close(); } | |
| void close() | |
| { | |
| if (INVALID_HANDLE_VALUE != _handle) | |
| { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -- Table: bytea_test | |
| -- DROP TABLE bytea_test; | |
| CREATE TABLE bytea_test | |
| ( | |
| md5_key bytea | |
| ) | |
| WITH ( | |
| OIDS=FALSE |
NewerOlder