The CTREE is built from the optimized microcode (maturity at CMAT_FINAL), it represents an AST-like tree with C statements and expressions. It can be printed as C code.
Cossack9989
/ idapython_ctree.md
Created
January 5, 2023 08:13
— forked from trietptm/idapython_ctree.md
Notes on CTREE usage with IDAPython
Cossack9989
/ H3C-ER3100-BOF-Vulnerability.md
Last active
October 21, 2021 10:33
H3C ER3100 can be exploited by an authorized attacker with a crafted HTTP request
- 2020/12/31, the vulnerability was found by us.
- 2021/01/25, the related details were reported to service@h3c.com.
- 2021/01/28, H3C refused to fix the vulnerability because H3C ER3100 had stopped production several years ago.
- 2021/04/30, 90 days after, we decide to make a disclosure
- Production Name: H3C ER3100
- Firmware version: V201R020
- Vulnerability type: stack buffer overflow
Cossack9989
/ Proof_of_DLL_hijacking.cpp
Created
February 12, 2020 18:01
PyAntiDllHijacking:TESTDLL_v0.0
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <iostream> | |
| #include <cstring> | |
| #include <Windows.h> | |
| #include <WtsApi32.h> | |
| #pragma comment(lib, "Wtsapi32.lib") | |
| using namespace std; | |
| void GetCurrProcessUser(int pid) | |
| { |