tetsuo 7etsuo
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * ______ _______ _________ _______ | |
| * / ___ \ ( ____ \\__ __/( ____ \|\ /| | |
| * \/ ) )| ( \/ ) ( | ( \/| ) ( | | |
| * / / | (__ | | | (_____ | | | | | |
| * / / | __) | | (_____ )| | | | | |
| * / / | ( | | ) || | | | | |
| * / / | (____/\ | | /\____) || (___) | | |
| * \_/ (_______/ )_( \_______)(_______) | |
| * |
7etsuo
/ attach_process.ps1
Created
March 24, 2024 04:44
A PowerShell script to attach a debugger to a running process or a service.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .SYNOPSIS | |
| A PowerShell script to attach a debugger to a running process or a service. | |
| .DESCRIPTION | |
| This script allows you to attach a debugger (WinDBG) to a running process or a service, with optional commands executed at the start of the debugging session. | |
| It can also start an executable specified by a file path and attach the debugger to it. | |
| .PARAMETER service_name | |
| The name of the service to restart and attach the debugger to (optional). |
7etsuo
/ ExportFunctionAddressFinder.ps
Last active
March 21, 2024 02:56
The file contains pseudocode illustrating a method for finding the address of an exported function within a DLL (Dynamic Link Library) using the Export Directory Table's data structures, such as the Export Name Pointer Table and the Export Address Table.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This pseudocode assumes the existence of data structures for the export directory table | |
| # and functions to read from these structures based on Relative Virtual Addresses (RVA). | |
| # Structure definitions (simplified) | |
| struct ExportDirectoryTable { | |
| NamePointerTable namePointerTable; | |
| OrdinalTable ordinalTable; | |
| ExportAddressTable exportAddressTable; | |
| } |
7etsuo
/ PagedMemoryManagementSimulator.c
Created
March 6, 2024 00:21
This code simulates a Memory Management Unit (MMU) for understanding the logical-to-physical address translation in a paged memory system. It features a simulation environment that includes 4K page sizes, 15-bit logical, and 24-bit physical addresses for two processes, each with their own page table. The implementation uses bitwise operations to…
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdint.h> | |
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #define MAX_PAGES_PER_PROC 8 | |
| #define MAX_PROCS 2 | |
| #define PHYSICAL_ADDRESS_MASK 0xFFFFFF | |
| #define LOGICAL_ADDRESS_MASK 0x00007fff | |
| #define VALID_BIT_MASK 0x80000000 /* bit 32 */ | |
| #define OFFSET_MASK 0x0FFF |
7etsuo
/ remote_exploit_template.c
Created
March 4, 2024 04:49
Template for a remote exploit written in C. Disables nagles algorithm
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| @snowcra5h | |
| This is a template for a remote exploit. | |
| It is a skeleton that you can use to build your own exploit. | |
| +------------------+ <- Higher Memory Addresses | |
| | ... | | |
| +------------------+ | |
| | Return Address | <- Overwritten with "\x04\x03\x02\x01" |