Osanda Malith Jayathissa OsandaMalith
OsandaMalith
/ keygen.nasm
Created
December 17, 2015 12:49
Rootme ELF - No software breakpoints Cracking Challenge
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| %if 0 | |
| * Title: Rootme ELF - No software breakpoints Cracking Challenge | |
| * Author: Osanda Malith (@OsandaMalith) | |
| * Website: http://osandamalith.wordpress.com | |
| %endif | |
| extern printf | |
| extern exit | |
| global main |
OsandaMalith
/ BindShell.c
Last active
March 25, 2022 13:54
Bind Shell using Fork for my TP-Link mr3020 router running busybox
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <string.h> | |
| #include <sys/types.h> | |
| #include <sys/socket.h> | |
| #include <netinet/in.h> | |
| #define SERVER_PORT 9999 | |
| / * CC-BY: Osanda Malith Jayathissa (@OsandaMalith) | |
| * Bind Shell using Fork for my TP-Link mr3020 router running busybox |
OsandaMalith
/ Unload_Minifilter.c
Last active
August 13, 2021 12:39
Unloading a minifilter driver by calling the FilterUnload which is the Win32 equivalent of FltUnloadFilter. It will call the minifilter's FilterUnloadCallback (PFLT_FILTER_UNLOAD_CALLBACK) routine.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include "stdafx.h" | |
| #include <Windows.h> | |
| #include <fltuser.h> | |
| #pragma comment(lib,"FltLib.lib") | |
| /* | |
| Author: Osanda Malith Jayathissa (@OsandaMalith) | |
| Website: https://osandamalith.com | |
| Description: Unloading a minifilter driver by calling the FilterUnload which is the Win32 equivalent of FltUnloadFilter. |
OsandaMalith
/ MsgBoxExe2DLL
Created
August 26, 2019 21:30
A simple msgbox converted from an EXE to a DLL. The exported function is Run.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA | |
| AAAAAAAAAAAAAAAA+AAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5v | |
| dCBiZSBydW4gaW4gRE9TIG1vZGUuDQ0KJAAAAAAAAABM7TuOCIxV3QiMVd0IjFXd | |
| bepW3AGMVd1t6lDcgoxV3W3qUdwajFXdM9JW3BiMVd0z0lDcFYxV3TPSUdwZjFXd | |
| bepU3A2MVd0IjFTdWYxV3Z/SUdwJjFXdn9JX3AmMVd1SaWNoCIxV3QAAAAAAAAAA | |
| AAAAAAAAAABQRQAATAEGAJwfZF0AAAAAAAAAAOAAAiELAQ4AAKoAAAB+AAAAAAAA | |
| 2LkAAAAQAAAAwAAAAABAAAAQAAAAAgAABgAAAAAAAAAGAAAAAAAAAABwAQAABAAA | |
| AAAAAAIAAAAAABAAABAAAAAAEAAAEAAAAAAAABAAAAAAYAEAABAAACQQAQA8AAAA | |
| AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFABAIQNAABwCQEAHAAAAAAAAAAAAAAA | |
| AAAAAAAAAAAAAAAAAAAAAJAJAQBAAAAAAAAAAAAAAAAAwAAACAEAAAAAAAAAAAAA |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // CC-BY : Osanda Malith Jayathissa (@OsandaMalith) | |
| public class Company { | |
| // member variables | |
| private double[][] sales; | |
| private int salesPerson; | |
| private int product; | |
| private double value; | |
| public Company() { | |
| this.sales = new double[4][5]; |
OsandaMalith
/ keygen.c
Last active
March 26, 2020 14:53
Rootme ELF - No software breakpoints Cracking Challenge
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| /* | |
| * Title: Rootme ELF - No software breakpoints Cracking Challenge | |
| * Author: Osanda Malith (@OsandaMalith) | |
| * Website: http://osandamalith.wordpress.com | |
| */ | |
| int main(int argc, char const *argv[]) { | |
| size_t i; | |
| unsigned int checksum; |
OsandaMalith
/ CreateMinidump.cpp
Last active
January 27, 2020 15:14
Faultrep!CreateMinidump undocumented API. The API only exists in Windows XP and Windows Server 2003. You can copy the DLL and place it in the same folder.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <windows.h> | |
| #include <TlHelp32.h> | |
| #include <iostream> | |
| using namespace std; | |
| /* | |
| Title: Faultrep!CreateMinidump to get a full dump passing MiniDumpWithFullMemory as the MINIDUMP_TYPE. | |
| Author: Osanda Malith Jayathissa (@OsandaMalith) | |
| Research: https://osandamalith.com/2019/09/08/minidumpwritedump-via-faultrepcreateminidump/ | |
| The function CreateMinidump is only available in Windows XP and Windows Server 2003. |
OsandaMalith
/ nonkill.au3
Last active
October 18, 2019 13:48
Non killable process due to signedness error in nt!NtSetInformationProcess
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sNonKillableProcess('notepad.exe') | |
| Func sNonKillableProcess($sProcess) | |
| Local $sProcessHandle , $sPid , $sAccess , $sSignedvalue , $ProcessIoPriority , $sProcessInformationLength , $sStruct | |
| If Not @Compiled Then Exit |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import subprocess | |
| import os | |
| import sys | |
| ''' | |
| A simple python shell | |
| Author: @OsandaMalith | |
| ''' | |
| while True: |
OsandaMalith
/ CreateMinidump_HotPatch.cpp
Last active
September 12, 2019 04:46
The function CreateMinidump is only available in Windows XP and Windows Server 2003. If you want to get this working in other Windows systems, copy the DLL from XP or Server 2003 and place it in the same folder. This DLL has no ASLR enabled and therfore the address are hardcoded.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <windows.h> | |
| #include <TlHelp32.h> | |
| #include <iostream> | |
| using namespace std; | |
| /* | |
| Title: Faultrep!CreateMinidump Hot Patch to get a full dump passing MiniDumpWithFullMemory as the MINIDUMP_TYPE. | |
| Author: Osanda Malith Jayathissa (@OsandaMalith) | |
| Research: https://osandamalith.com/2019/09/08/minidumpwritedump-via-faultrepcreateminidump/ |
NewerOlder