@DanielGibson
DanielGibson / OMG.md
Last active January 31, 2024 17:52
ULTRA-SOPHISTICATED 0DAY APT SUPERMALWARE PROXY EXE

Inspired by our understanding of what CVE-2024-23940 does (see https://medium.com/@s1kr10s/av-when-a-friend-becomes-an-enemy-55f41aba42b1), HORST, the 1337est of hackers, infamous for having hacked THE DIALER back in 1998, has developed the next generation of that attack, and kindly gave me permission to demonstrate it here!

It turns out that you can not only write Proxy-DLLs that pass on function calls to original DLLs and also do evil things, but you can also create a Proxy Executable that calls the original exe and also does evil things!

Usage

@DanielGibson
DanielGibson / colormap.h
Last active December 17, 2023 06:06
Tool that converts Quake2 .wal to .png (needs stb_image_write.h), most probably won't work on Windows without some changes
// the Quake2 standard colormap/palette
static unsigned char colormap[256][3] = {
{0, 0, 0}, {15, 15, 15}, {31, 31, 31}, {47, 47, 47}, {63, 63, 63}, {75, 75, 75},
{91, 91, 91}, {107, 107, 107}, {123, 123, 123}, {139, 139, 139}, {155, 155, 155}, {171, 171, 171},
{187, 187, 187}, {203, 203, 203}, {219, 219, 219}, {235, 235, 235}, {99, 75, 35}, {91, 67, 31},
{83, 63, 31}, {79, 59, 27}, {71, 55, 27}, {63, 47, 23}, {59, 43, 23}, {51, 39, 19},
{47, 35, 19}, {43, 31, 19}, {39, 27, 15}, {35, 23, 15}, {27, 19, 11}, {23, 15, 11},
{19, 15, 7}, {15, 11, 7}, {95, 95, 111}, {91, 91, 103}, {91, 83, 95}, {87, 79, 91},
{83, 75, 83}, {79, 71, 75}, {71, 63, 67}, {63, 59, 59}, {59, 55, 55}, {51, 47, 47},
{47, 43, 43}, {39, 39, 39}, {35, 35, 35}, {27, 27, 27}, {23, 23, 23}, {19, 19, 19},
@DanielGibson
DanielGibson / pulsar_kb_ledcontrol.c
Last active November 27, 2023 17:36
Hacky Linux tool to explore Pulsar PCMK TKL Keyboard LED control (incl. documentation of that protocol)
/* Based on https://github.com/torvalds/linux/blob/master/samples/hidraw/hid-example.c
*
* This is for "0416:b23c Winbond Electronics Corp. PCMK TKL"
* USB VID 0x0416, PID 0xb23c, using a Winbond/Nuvoton Chip (NUC121SC2AE),
* sometimes also identified as Winbond "Gaming Keyboard",
* My actual device is a Pulsar PCMK TKL Barebone in ISO layout, but reportedly
* there are other devices with the same USB ID, like "KT108" or some from "WIANXP"
* that *might* use the same protocol, see also https://usb-ids.gowdy.us/read/UD/0416/b23c
*
* -------------------------
@DanielGibson
DanielGibson / energy.sh
Created March 10, 2023 18:36
print current energy consumption of (AMD?) CPU every second, on Linux
#!/bin/bash
export LC_ALL=C
VAL=`cat /sys/class/powercap/intel-rapl:0/energy_uj`
while true ; do
# yes, this is probably not super-precise due to just using sleep and not measuring the time..
sleep 1
NEWVAL=`cat /sys/class/powercap/intel-rapl:0/energy_uj`
DIFF=$(($NEWVAL-$VAL))
@DanielGibson
DanielGibson / CMakeLists.txt
Last active September 5, 2021 06:39
SDL2 + CMake test
cmake_minimum_required(VERSION 2.8.11)
# this can be used to test if both SDL2_LIBRARIES/SDL2_INCLUDE_DIRS
# and SDL2::SDL2/SDL2::SDL2main can be used to build an SDL2 application
# it also prints all properties of SDL2::SDL2 and SDL2::SDL2main and the
# values of SDL2_LIBRARIES/SDL2_LIBDIR/SDL2_INCLUDEDIRS
# you might have to disable printing the properties, see comment around line 66
project(SDL2Test)
@DanielGibson
DanielGibson / XPlatformSockets.h
Last active January 13, 2024 13:55
Mostly finished/usable crossplatform sockets (UNIX/BSD sockets vs Winsocks) abstraction
// Crossplatform-Sockets-API ("XSA"), abstracting the differences between
// UNIX Sockets (from Linux, *BSD, OSX, ...) and Winsock (WSA)
/*
* (C) 2017-2021 Daniel Gibson
*
* License:
* This software is dual-licensed to the public domain and under the following
* license: you are granted a perpetual, irrevocable license to copy, modify,
* publish, and distribute this file as you see fit.
// can be built with:
// $ gcc -o sdl2test `sdl2-config --cflags` sdl_fullscreentest.c `sdl2-config --libs`
// will try to create a fullscreen window with 1920x1080 by default,
// but accepts commandline arguments to use a different resolution, like
// $ ./sdl2test 2560 1440
// will create testlog.txt and write some info there
#include <SDL.h>
#include <unistd.h>
@DanielGibson
DanielGibson / flexarr.cpp
Last active January 11, 2019 16:55
C++ Flexible Array example
/*
* (C) 2019 Daniel Gibson
*
* This software is dual-licensed to the public domain and under the following
* license: you are granted a perpetual, irrevocable license to copy, modify,
* publish, and distribute this file as you see fit.
* No warranty implied; use at your own risk.
*/
#include <stdlib.h> // size_t
@DanielGibson
DanielGibson / warptest.c
Created May 6, 2018 00:38
testcase for SDL2 bug #4152 (and the old #3931)
// gcc -Wall -o warptest `sdl2-config --cflags` warptest.c `sdl2-config --libs`
#include <stdio.h>
#include <SDL.h>
static FILE* outfile = NULL;
static void UpdateWinTitle(int accumX, int accumY, SDL_Window* win)
{
char buf[128];
@DanielGibson
DanielGibson / al_funcs.h
Last active April 10, 2018 15:10
OpenAL function in X-Macros, can be used to define and load function pointers etc
/*
* All function names and corresponding pointer-to-function-types
* from the OpenAL headers, wrapped in a magic macro so it can be used for whatever.
*
* Idea for the magic X macro from Walter Bright:
* http://www.drdobbs.com/cpp/the-x-macro/228700289
*
* To use this, you have to #define the AL_X_MAGIC(fn, fnptrt)
* macro for the AL_H_FUNCS and ALC_H_FUNCS and the
* ALEXT_X_MAGIC(fn, fnptrt, ext) macro for the ALEXT_H_FUNCS and EFX_H_FUNCS