Skip to content

Instantly share code, notes, and snippets.

View valkheim's full-sized avatar
🔥
ORUGKIDHMFWWKCQ=

valkheim

🔥
ORUGKIDHMFWWKCQ=
34 followers · 398 following
View GitHub Profile
@valkheim
valkheim / decode.rs
Created May 12, 2024 17:48
tokio bencode string decoder
use bytes::Buf;
use tokio_util::codec;
use super::BeEncode;
pub struct StringDecoder;
impl codec::Decoder for StringDecoder {
type Item = BeEncode;
@valkheim
valkheim / evm.patch
Created March 19, 2023 15:11
flipper zero - reenable evm
diff --git applications/main/nfc/nfc.c applications/main/nfc/nfc.c
index 4540f5d9..16d5837e 100644
--- applications/main/nfc/nfc.c
+++ applications/main/nfc/nfc.c
@@ -290,8 +290,6 @@ int32_t nfc_app(void* p) {
} else if(nfc->dev->format == NfcDeviceSaveFormatMifareClassic) {
scene_manager_next_scene(nfc->scene_manager, NfcSceneMfClassicEmulate);
DOLPHIN_DEED(DolphinDeedNfcEmulate);
- } else if(nfc->dev->format == NfcDeviceSaveFormatBankCard) {
- scene_manager_next_scene(nfc->scene_manager, NfcSceneDeviceInfo);
@valkheim
valkheim / dga.py
Created February 14, 2022 20:33
import datetime
import hashlib
import random
import struct
def dga(tlds: [str], seed: int, seq_init: int, seq_len: int, dt: int = None) -> str:
if dt is None:
dt = datetime.datetime.today().toordinal()
hash_str = str(dt).encode("ascii") + str(seed).encode("ascii")
@valkheim
valkheim / string_trie_search.cpp
Created January 27, 2022 11:55
class Trie {
public:
Trie() {
memset(children, 0, sizeof(children));
valid = false;
}
void insert(string word) {
// from trie root
auto node = this;
@valkheim
valkheim / sections.txt
Created November 11, 2021 00:05
Quick glance at ELF sections during a pwn debug session
[*] ELF sections summary:
+-------+--------------------+----------+-------+-------+-----------------+
| index | name | vaddr | size | perms | type |
+-------+--------------------+----------+-------+-------+-----------------+
| 0x0 | | 0x0 | 0x0 | --- | SHT_NULL |
| 0x1 | .interp | 0x400238 | 0x1c | r-- | SHT_PROGBITS |
| 0x2 | .note.ABI-tag | 0x400254 | 0x20 | r-- | SHT_NOTE |
| 0x3 | .note.gnu.build-id | 0x400274 | 0x24 | r-- | SHT_NOTE |
| 0x4 | .gnu.hash | 0x400298 | 0x38 | r-- | SHT_GNU_HASH |
| 0x5 | .dynsym | 0x4002d0 | 0xf0 | r-- | SHT_DYNSYM |
@valkheim
valkheim / gist:6efc6d61ad06e36832b973c0b12cdf85
Created October 31, 2021 21:16
prepare_kernel.sh
KERNEL=4.10.3
NPROC=$(nproc)
HERE=$(dirname $(readlink -f "$0"))
function log
{
printf "[+] $1\n"
}
@valkheim
valkheim / ioctl_decoding.py
Last active August 5, 2021 14:51
IOCTL decoding
"""
IOCTL decoding into an IOCTL dataclass
See also:
* https://www.osronline.com/article.cfm%5Earticle=229.htm
* http://www.ioctls.net/
* https://github.com/h0mbre/ioctl.py
* https://github.com/nccgroup/DriverBuddy/blob/master/DriverBuddy/ioctl.py
* https://social.technet.microsoft.com/wiki/contents/articles/24653.decoding-io-control-codes-ioctl-fsctl-and-deviceiocodes-with-table-of-known-values.aspx
@valkheim
valkheim / download_pdb_database.py
Created July 9, 2021 07:01 — forked from lucasg/download_pdb_database.py
Download pdb and PE files from microsoft symbol store
import os
import re
import sys
import logging
import argparse
import subprocess
import requests
@valkheim
valkheim / IDTClient.c
Created June 4, 2021 14:49 — forked from Barakat/IDTClient.c
Windows x86 Interrupt Descriptor Table (IDT) hooking driver
//
// Windows x86 Interrupt Descriptor Table (IDT) hook test
//
// Barakat Soror (https://twitter.com/barakatsoror)
//
#include <Windows.h>
int main(void)
{
@valkheim
valkheim / Download-AppxFromStore.ps1
Last active November 14, 2022 23:22
<#
Update 2021-05-22
https://raw.githubusercontent.com/MattiasC85/Scripts/master/OSD/Download-AppxFromStore.ps1
https://github.com/microsoftfeedback/WinDbg-Feedback/issues/19
https://www.microsoft.com/en-us/p/windbg-preview/9pgjgd53tn86
Update 2020-02-18
Thanks @BruceDawson0xB for pointing out the flaw in the regex pattern. if %tmp% began with a lowercase char the script would fail.