
@CreateRemoteThread
Created November 10, 2016 11:29
  • Save CreateRemoteThread/65ba8e7d7b1aad4cb928593d1382156b to your computer and use it in GitHub Desktop.
#!/usr/bin/python
# Written against the 2016 angr API (Python 2): SimProcedure lived in
# simuvex, the solver was exposed as state.se and the explorer was
# path_group(); later releases renamed these to angr.SimProcedure,
# state.solver and simulation_manager().
import angr
import simuvex


class hooked_ptrace(simuvex.SimProcedure):
    # Replacement for the ptrace() call at 0x400520: instead of running the
    # real function, return the low 32 bits of the fifth argument.
    def run(self, a, b, c, d, e):
        return self.state.se.Extract(31, 0, e)


p = angr.Project('yolomolo_patch2')
# Hook left disabled by the author; 0x400520 is put on the avoid list below.
# p.hook(0x400520, hooked_ptrace)

pg = p.factory.path_group()
# Explore until a path reaches 0x405AD8, pruning any path that touches
# 0x405AF0 or the ptrace call site.
pg.explore(find=0x405AD8, avoid=(0x405AF0, 0x400520))

# Concretise the stdin (fd 0) that drives the found path and save it.
s = pg.found[0].state
with open("found.bin", "wb") as f:
    f.write(s.posix.dumps(0))
print "ok"