DavidGoldman / LateLoading.xm
Created Aug 20, 2015
Hook late loaded classes without dlopen'ing anything
View LateLoading.xm
#import <objc/runtime.h>
#include <dlfcn.h>
#include <mach-o/dyld.h>
%group NormalHooks
// Regular hooks in here.
View castealer.rb
require 'rubygems'
require 'openssl'
require 'digest/md5'
key =
cipher =, :CBC)
ctx =
puts "Spoof must be in DER format and saved as root.cer"
raw = "root.cer"
cert = raw
cert.version = 2
NinjaLikesCheez /
Created Mar 3, 2014
PuffGrab - a nice way to grab 'secure' puffs from PuffChat.
import urllib2
import json
import urllib
import os
import errno
key = "dl81Vh2uorfNdj2Rt2M4EylW91uUsQRZwhQ99g7K0MRXeMYePS"
baseURL = ""
uploadURL = ""
0xabad1dea /
Last active Aug 29, 2019
Weird Machines in Video Games

Abadidea's Index of Weird Machines in Video Games

A "weird machine" is when user-supplied input is able to create an arbitrary new program running within an existing program due to Turing-completeness being exposed. Sometimes such functionality was deliberately included but it is often the result of exploitation of memory corruption. You can learn more at the langsec site. There is a good argument for weird machines being inherently dangerous, but this index is just for fun.

It is broken into two categories: intentional gameplay features which may be used as weird machines, and exploit-based machines which can be triggered by ordinary player input (tool-assisted for speed and precision is acceptable). Games with the sole purpose of programming (such as Core Wars) are not eligible and plugin APIs don't count. If you know of more, feel free to add a comment to this gist.

Intentional Gameplay Mechanics

View py-notes
# >>> ACCESS TO ALL CLASSES ---------------------------------------------------
# >>> INSTANTIATE NEW OBJECTS -------------------------------------------------
[].__class__.__class__.__new__( <TYPE> , <SUBTYPE> )
[c for c in ().__class__.__base__.__subclasses__() if c.__name__ == '<CLASSNAME>'][0]()
urielka /
Created Sep 3, 2012
iOS PNG uncrushers based on with a fix for multiple IDAT
# iPIN - iPhone PNG Images Normalizer v1.0
# Copyright (C) 2007
# Author:
# Axel E. Brzostowski
# References:
mahmoudimus /
Created Feb 4, 2010
pythonic monkey patching built-in types
# found this from Armin R. on Twitter, what a beautiful gem ;)
import ctypes
from types import DictProxyType, MethodType
# figure out size of _Py_ssize_t
if hasattr(ctypes.pythonapi, 'Py_InitModule4_64'):
    _Py_ssize_t = ctypes.c_int64
else:
    _Py_ssize_t = ctypes.c_int