
@Barakat
Barakat / resumable_sha256.py
Created November 17, 2023 09:36
Modified implementation of sha256 that allows resuming from an arbitrary hash state and performing length extension attacks
#!python3
import struct
import binascii
import hashlib
def resumable_sha256(message_with_pad: bytes, state: [int]) -> str:
"""
Modified implementation of sha256 that allows resuming from arbitrary hash state. The original sha256 hashing state
@Barakat
Barakat / compiled_file_python_version.py
Created November 6, 2023 21:08 — forked from delimitry/compiled_file_python_version.py
Get the version of Python by which the file was compiled
#!/usr/bin/env python
# -*- coding: utf-8 -*-
"""
A script to get the version of Python by which the file was compiled
"""
from __future__ import print_function
import binascii
import os
#!python3
# -*- coding: utf-8 -*-
# pip install unicorn
import unicorn
import unicorn.x86_const
def required_mapping_size(size):
page_size = 4096
while page_size < size:
@Barakat
Barakat / Nullcon2020.md
Last active April 14, 2020 17:10
Nullcon 2020 writeup

Zelda and the Zombies

تحدي Zelda and the Zombies عبارة عن لعبة مطلوب أن تقتل أي أحد من الأعداء عشان يطلع الفلاق، لكن طاقتهم كبيرة جداً 999999 وصعب تقتلهم يدوي، قلت أجرب استخدم Cheat Engine عشان أدور على طاقة واحد منهم وأنقصتها مباشرة في الذاكرة ومن ضربة واحدة يموت

zelda


@Barakat
Barakat / dora.py
Last active February 9, 2020 21:03
Nullcon 2020 - dora
import cv2 as cv
import numpy as np
def test(method = (cv.TM_CCOEFF)):
img = cv.imread('input.png', 0)
fill_color = img[0, 0]
width, height = img.shape[:2]
fill_color = int(fill_color)
@Barakat
Barakat / year3000.py
Last active February 9, 2020 21:04
Nullcon 2020 - year3000
import base64
import struct
from pwn import *
def parse_x64(filename):
with open(filename, 'rb') as fp:
fp.seek(0x820)
character = fp.read(1)
fp.seek(0x819)
@Barakat
Barakat / out.asm
Last active February 9, 2020 21:03
Nullcon 2020 - returminator
pop rax = flag
pop rdi = 0
add rax, rdi
mov rdi, rax
movzx rdi, BYTE PTR [rdi]
pop rax = flag
pop rsi = 2
add rax, rsi
mov rsi, rax
@Barakat
Barakat / pdburl.py
Created January 26, 2020 10:30
Locating PDB file URL in Microsoft Symbol Server
#!python3
import pefile
# Base URL of the Microsoft Symbol Server download endpoint (HTTPS).
SYMBOLS_SERVER = 'https://msdl.microsoft.com/download/symbols'
def main():
pe = pefile.PE('C:/Windows/System32/kernel32.dll', fast_load=True)
pe.parse_data_directories()
for directory in pe.DIRECTORY_ENTRY_DEBUG:
@Barakat
Barakat / arch_detect.py
Last active December 23, 2019 14:27
Detect if arch is x86 or x64
#!python3
# -*- coding: utf-8 -*-
# pip install unicorn
import unicorn
import unicorn.x86_const
def main():
emulation_address = 0x08000000
@Barakat
Barakat / IDTClient.c
Last active June 4, 2021 14:49
Windows x86 Interrupt Descriptor Table (IDT) hooking driver
//
// Windows x86 Interrupt Descriptor Table (IDT) hook test
//
// Barakat Soror (https://twitter.com/barakatsoror)
//
#include <Windows.h>
int main(void)
{