Ch0pin
/ listener.cpp
Created
July 7, 2023 06:32
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <jni.h> | |
| #include <string> | |
| #include <stdio.h> | |
| #include <arpa/inet.h> | |
| #include <stdlib.h> | |
| #include <android/log.h> | |
| #include <unistd.h> | |
| #include <sys/socket.h> | |
| #include <netinet/in.h> | |
| #include <sys/prctl.h> |
Ch0pin
/ CVE-2022-47757
Last active
May 3, 2023 06:55
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| A path traversal vulnerability delivered using a deeplink can force the com.imo.android.imoim Android Application | |
| up to version 2022.11.1051 to write files into its data directory. This may allow an attacker to write a library | |
| file under a special directory that the app uses to dynamically load modules. Loading the library can finally lead | |
| to arbitrary code execution with the application's privileges. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| .global main | |
| main: | |
| stp x29, x30, [sp, #-16]! | |
| cmp w1, wzr | |
| beq foo | |
| ... | |
| ... | |
| b bar | |
| ... |
Ch0pin
/ examples.s
Last active
July 18, 2022 08:36
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @Single register load / store | |
| ldr x1, <address> @store 64 bits from <address> to X1 | |
| str w1, <address> @store 32 bits from w1 to <address> | |
| ldrb x1, [x2] @store the least significant byte from *x2 to x1 | |
| strh x1, [x2], #3 @store a half word (2 bytes) from x1 to *x2 and set x2 = x2 + 3 | |
| strsh w0, [w3] @store a half word (2 bytes) from w0 to *w3 and sign extend it | |
| @Pair of registers load / store |
Ch0pin
/ houseoflore1.c
Last active
June 6, 2022 10:05
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <string.h> | |
| #include <stdint.h> | |
| #include <assert.h> | |
| void jackpot(){ fprintf(stderr, "Nice jump d00d\n"); exit(0); } | |
| int main(int argc, char * argv[]){ |
Ch0pin
/ houseoflore0.c
Last active
June 3, 2022 14:42
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ... | |
| void jackpot(){ fprintf(stderr, "Nice jump d00d\n"); exit(0); } | |
| int main(int argc, char * argv[]){ | |
| intptr_t* stack_buffer_1[4] = {0}; | |
| intptr_t* stack_buffer_2[3] = {0}; | |
| intptr_t *victim = malloc(0x100); |
Ch0pin
/ houseOfspirit.c
Last active
May 21, 2022 18:06
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| int main() | |
| { | |
| malloc(1); | |
| unsigned long long *a; | |
| unsigned long long fake_chunk[4] __attribute__ ((aligned (16))); | |
| fake_chunks[1] = 0x40; |
Ch0pin
/ unsfafe_unlink.c
Created
May 6, 2022 12:27
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <string.h> | |
| #include <stdint.h> | |
| typedef void (*dn)(); | |
| uint64_t *chunk0_ptr; | |
| void doNothing() |
Ch0pin
/ gist:db3268adf433bf2ef22db33fbc5cf6ac
Created
April 25, 2022 12:57
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdlib.h> | |
| #include <string.h> | |
| int main( int argc, char * argv[] ) | |
| { | |
| char * first, * second; | |
| first = malloc(0x420); | |
| second = malloc(0x420); | |
| if(argc!=1) | |
| strcpy( first, argv[1] ); | |
| printf("Hi %s\n",first); |
Ch0pin
/ fastbin_dup_consolidate.c
Last active
April 14, 2022 06:57
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <assert.h> | |
| void main() { | |
| printf("Fill up the tcache list to force the fastbin usage...\n"); | |
| void *ptr[7]; |
NewerOlder