Barakat / pdburl.py
Created January 26, 2020 10:30
Locating PDB file URL in Microsoft Symbol Server
#!python3
import pefile
# Base URL of Microsoft's public symbol server (HTTPS endpoint).
# NOTE(review): presumably the PDB download URL is built under this prefix; the code that does so is not visible here.
SYMBOLS_SERVER = 'https://msdl.microsoft.com/download/symbols'
def main():
pe = pefile.PE('C:/Windows/System32/kernel32.dll', fast_load=True)
pe.parse_data_directories()
for directory in pe.DIRECTORY_ENTRY_DEBUG:
Barakat / Client.c
Created December 12, 2019 10:30
Simple example of using shared memory to share data between user mode and the kernel
/* Run as admin */
#include <Windows.h>
#include <stdio.h>
int main(void)
{
const HANDLE SharedSection = OpenFileMappingW(FILE_MAP_READ,
FALSE,
L"Global\\ToyDriverSharedSection");
Barakat / injector.cpp
Created November 18, 2018 08:31
Code injection using shared sections
#include <Windows.h>
#include <ntdef.h>
#include <cstdint>
#include <cassert>
#include <cstring>
#include <cstdio>
typedef enum
{
Barakat / emulator-extended-x64.py
Last active May 4, 2022 10:26
Emulating x64 machine code using Unicorn (a scriptable CPU emulator)
#!python3
# -*- coding: utf-8 -*-
# pip install unicorn
import unicorn
import unicorn.x86_const
import struct
def required_mapping_size(size):
page_size = 4096
Barakat / IDTClient.c
Last active June 4, 2021 14:49
Windows x86 Interrupt Descriptor Table (IDT) hooking driver
//
// Windows x86 Interrupt Descriptor Table (IDT) hook test
//
// Barakat Soror (https://twitter.com/barakatsoror)
//
#include <Windows.h>
int main(void)
{
Barakat / prime.py
Last active March 30, 2021 19:55
Prime-counting function and x/ln(x) plot
#!python
import numpy as np
import matplotlib.pyplot as plt
import matplotlib.patches as mpatches
def pi(x):
prime = [2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61, 67, 71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, 131, 137, 139, 149, 151, 157, 163, 167, 173, 179, 181, 191, 193, 197, 199, 211, 223, 227, 229, 233, 239, 241, 251, 257, 263, 269, 271, 277, 281, 283, 293, 307, 311, 313, 317, 331, 337, 347, 349, 353, 359, 367, 373, 379, 383, 389, 397, 401, 409, 419, 421, 431, 433, 439, 443, 449, 457, 461, 463, 467, 479, 487, 491, 499, 503, 509, 521, 523, 541]
assert x <= prime[-1]
i = 0
while prime[i] < x:
Barakat / ascii_upper_encoder.py
Created June 27, 2018 19:30
Encode binary data into uppercase-only ASCII
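# Code point of the first output symbol: nibble value 0 maps to 'A', 15 to 'P'.
ASCII_A_CODE = ord('A')


def ascii_upper_encode(data):
    """Encode binary data as uppercase ASCII letters, two letters per byte.

    Each byte is split into its high and low nibble, and each nibble (0-15)
    is written as one letter in the range 'A'..'P'. The result is always
    twice as long as the input and has even length.

    This is a reversible encoding, not encryption: it provides no
    confidentiality or integrity. Because the output uses only the sixteen
    letters 'A'..'P', data encoded this way is easy to recognise when
    reviewing logs or captured payloads.

    Args:
        data: An iterable of integers in the range 0..255, such as ``bytes``
            or ``bytearray``. Values are not range-checked; an integer above
            255 would produce a letter outside 'A'..'P'.

    Returns:
        The encoded text as a ``str``; the empty string for empty input.
    """
    # Build the result with a single join instead of repeated ``+=`` on a
    # string, which is quadratic on interpreters without the in-place
    # concatenation optimisation.
    return ''.join(
        chr(nibble + ASCII_A_CODE)
        for byte in data
        for nibble in (byte >> 4, byte & 0xf)
    )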
def ascii_upper_decode(code):
Barakat / Nullcon2020.md
Last active April 14, 2020 17:10
Nullcon 2020 writeup

Zelda and the Zombies

تحدي Zelda and the Zombies عبارة عن لعبة مطلوب أن تقتل أي أحد من الأعداء عشان يطلع الفلاق، لكن طاقتهم كبيرة جداً 999999 وصعب تقتلهم يدوي، قلت أجرب استخدم Cheat Engine عشان أدور على طاقة واحد منهم وأنقصتها مباشرة في الذاكرة ومن ضربة واحدة يموت

zelda


#!python3
# -*- coding: utf-8 -*-
# pip install unicorn
import unicorn
import unicorn.x86_const
def required_mapping_size(size):
page_size = 4096
while page_size < size:
Barakat / year3000.py
Last active February 9, 2020 21:04
Nullcon 2020 - year3000
import base64
import struct
from pwn import *
def parse_x64(filename):
with open(filename, 'rb') as fp:
fp.seek(0x820)
character = fp.read(1)
fp.seek(0x819)