The CTREE is built from the optimized microcode (maturity at CMAT_FINAL), it represents an AST-like tree with C statements and expressions. It can be printed as C code.
smx-smx
/ XZ Backdoor Analysis
Last active
May 4, 2024 10:03
[WIP] XZ Backdoor Analysis and symbol mapping
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| XZ Backdoor symbol deobfuscation. Updated as i make progress |
infernalheaven
/ poc.c
Created
September 16, 2021 02:18
macOS 11.5.2/iOS 14.7.1 Kernel Race Condition poc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| Written By Pan ZhenPeng(@peterpan980927) of Alibaba Security Pandora Lab | |
| use it on macOS: cc poc.c -o poc while True; do ./poc ; done | |
| */ | |
| #include <errno.h> | |
| #include <signal.h> | |
| #include <fcntl.h> | |
| #include <stdio.h> | |
| #include <stdlib.h> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #TODO write a description for this script | |
| #@author Chengbin, MyriaCore | |
| #@category Functions | |
| #@keybinding | |
| #@menupath | |
| #@toolbar | |
| #TODO Add User Code Here |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Java.perform(function () { | |
| var act = Java.use("android.app.Activity"); | |
| act.getIntent.overload().implementation = function () { | |
| var intent = this.getIntent() | |
| var cp = intent.getComponent() | |
| console.log("Starting " + cp.getPackageName() + "/" + cp.getClassName()) | |
| var ext = intent.getExtras(); | |
| if (ext) { | |
| var keys = ext.keySet() | |
| var iterator = keys.iterator() |
trietptm
/ idapython_ctree.md
Created
May 1, 2020 13:56
— forked from icecr4ck/idapython_ctree.md
Notes on CTREE usage with IDAPython
0xsha
/ CVE-2020-8515.go
Last active
March 30, 2024 20:52
CVE-2020-8515: DrayTek pre-auth remote root RCE
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| /* | |
| CVE-2020-8515: DrayTek pre-auth remote root RCE | |
| Mon Mar 30 2020 - 0xsha.io | |
| Affected: |
This gist contains lots of my written IDAPython snippets.
hama7230
/ exploit.htm
Last active
August 17, 2020 19:47
Google Capture The Flag 2019 (Finals) Gomium Browser
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html> | |
| <script type="text/goscript"> | |
| package main | |
| import "fmt" | |
| func bring_your_own_gadgts(x uint64, y uint64, z uint64, w uint64, v uint64) uint64 { | |
| var a uint64 = 0xc3050f585a5e5f58; | |
| var b uint64 = 0xdeadbeefdeadbeef+1 | |
| var c uint64 = 0xdeadbeefdeadbeef+2 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* ### | |
| * IP: GHIDRA | |
| * | |
| * Licensed under the Apache License, Version 2.0 (the "License"); | |
| * you may not use this file except in compliance with the License. | |
| * You may obtain a copy of the License at | |
| * | |
| * http://www.apache.org/licenses/LICENSE-2.0 | |
| * | |
| * Unless required by applicable law or agreed to in writing, software |
Radare 2 动态调试 - 数据修改简易入门示范
以下部分内容直接从 Telegram 频道 duangsuse::Echo 拷贝,许可 CC-BY
Radare 2 是著名的开源跨平台逆向分析框架,能够读取多种文件格式、支持很多动态分析调试器、有很多种前端(诸如基于 Qt 的 Cutter)可以使用,也可以远程调试,支持插件并且 CLI 非常方便,能够进行许多厉害的静态分析。
Radare 2 堪比商业软件 IDA,R2 工程组里是有前端的,只不过他们比较喜欢推广 CLI Shell 而已,有些人可能认为 R2 没有前端只能用 CLI,实际上 R2 的 HTML 前端是非常友好的,也非常适合进行远程调试 这里 R2 在开源系逆向工程工具里的地位就好像类似于 KODI 在 Home Theater 软件里的地位了,自由软件一家独大
NewerOlder