Jameel Haffejee RC1140

## eBPFOverwrite
sudo bpftrace -e 'k:__x64_sys_getuid /comm == "id"/ { override(99); }' --unsafe -c /usr/bin/id

## gist:d0008fab2ed0d01859ef
from PyPDF2 import PdfFileWriter, PdfFileReader
input1 = PdfFileReader(open("fileToSplit.pdf", "rb"))
for i in range(input1.numPages):
	output = PdfFileWriter()
	output.addPage(input1.getPage(i))
	outputStream = file('review'+i.__str__()+'.pdf', "wb")
	output.write(outputStream)
	outputStream.close()

## convertToLitteEndian.py
import sys
if len(sys.argv) == 1:
    sys.exit(-1)
memAddress = sys.argv[1]#'bffffe65'#
start = len(memAddress)
print(memAddress)
outAddress = ''
hexAddress = ''
for i in range(len(memAddress),0,-2):
    start -= 2

## task1.2.asm
_f proc near
  var_10 = dword ptr -10h
  var_9 = byte ptr -9
  input = dword ptr 8
  push ebp
  mov ebp, esp
  sub esp, 18h
  jmp short loc_8048410
loc_804840C:
  add [ebp+input], 4

## cascade.asm
PAGE 62,132
TITLE   _HLV_
SUBTTL  Layout (C) 1990 164A12565AA18213165556D3125C4B962712
.RADIX  16
.LALL

TRUE            EQU     1
FALSE           EQU     0

MONTH           EQU     9D

## compare.c
char toupper ( char c )
{
  if( c >= ’a’ && c <= ’z’ ) {
    c = c - ’a’ + ’A’;
  }
  return( c );
}

## task1.1.asm
_f proc near
input = dword ptr 8
  push ebp                        ;Stack winding , remember where we came from.
  mov ebp, esp                    ;Stack winding , update the current stack locations.
  movzx eax, byte ptr [ebp+input] ; Move the byte value @ the address [ebp + input] and extend it if needed into the eax register
                                  ; eax now contains the the first 8 bytes of the stack for the current function which is your first parameter passed to the function
  lea edx, [eax-61h]              ; This subtracts 61h from eax (the parameter passed in ) and sets edx to the result.
                                  ; Assuming we passed in the letter 'a' , this would result in 61h - 61h == 0 in edx
  cmp dl, 19h                     ; Compare the lower register of edx to 19h , if the value is less than 19h then we
                                  ; we know we are dealing with lower case letters. Otherwise this is an upper case letter or some other char which means we can ignore it.

## customTtyTterOutput.pl
use Term::ANSIColor;

#Open a text file with a list of users to highlight
open our $handle, '<', "/home/<your username>/tweetersToHighlight.txt";
chomp(our @customConsole.pl = <$handle>);
#Convert array to hash/dictionary
our %users = map { $_ => 1 } @customConsole.pl;
close $handle;
#Setup ttytter hook
$handle = sub {

## hola.diff
diff --cc manifest.json
index 984792c,06d9aad..0000000
--- a/manifest.json
+++ b/manifest.json
@@@ -5,9 -5,7 +5,13 @@@
        "proxy",
        "webRequest",
        "webRequestBlocking",
++<<<<<<< HEAD
 +      "<all_urls>",

## DynamicDNS.py
#!/usr/bin/env python
import stun
import socket
import route53

domainName = ''#Make sure this is a FQDN i.e. it should have a '.' at the end.
access_id = ''
secret_key = ''
hostedZoneID = '' #Get this from your aws account
	from PyPDF2 import PdfFileWriter, PdfFileReader
	input1 = PdfFileReader(open("fileToSplit.pdf", "rb"))
	for i in range(input1.numPages):
	output = PdfFileWriter()
	output.addPage(input1.getPage(i))
	outputStream = file('review'+i.__str__()+'.pdf', "wb")
	output.write(outputStream)
	outputStream.close()
	import sys
	if len(sys.argv) == 1:
	sys.exit(-1)
	memAddress = sys.argv[1]#'bffffe65'#
	start = len(memAddress)
	print(memAddress)
	outAddress = ''
	hexAddress = ''
	for i in range(len(memAddress),0,-2):
	start -= 2
	_f proc near
	var_10 = dword ptr -10h
	var_9 = byte ptr -9
	input = dword ptr 8
	push ebp
	mov ebp, esp
	sub esp, 18h
	jmp short loc_8048410
	loc_804840C:
	add [ebp+input], 4
	PAGE 62,132
	TITLE _HLV_
	SUBTTL Layout (C) 1990 164A12565AA18213165556D3125C4B962712
	.RADIX 16
	.LALL

	TRUE EQU 1
	FALSE EQU 0

	MONTH EQU 9D
	char toupper ( char c )
	{
	if( c >= ’a’ && c <= ’z’ ) {
	c = c - ’a’ + ’A’;
	}
	return( c );
	}
	_f proc near
	input = dword ptr 8
	push ebp ;Stack winding , remember where we came from.
	mov ebp, esp ;Stack winding , update the current stack locations.
	movzx eax, byte ptr [ebp+input] ; Move the byte value @ the address [ebp + input] and extend it if needed into the eax register
	; eax now contains the the first 8 bytes of the stack for the current function which is your first parameter passed to the function
	lea edx, [eax-61h] ; This subtracts 61h from eax (the parameter passed in ) and sets edx to the result.
	; Assuming we passed in the letter 'a' , this would result in 61h - 61h == 0 in edx
	cmp dl, 19h ; Compare the lower register of edx to 19h , if the value is less than 19h then we
	; we know we are dealing with lower case letters. Otherwise this is an upper case letter or some other char which means we can ignore it.
	use Term::ANSIColor;

	#Open a text file with a list of users to highlight
	open our $handle, '<', "/home/<your username>/tweetersToHighlight.txt";
	chomp(our @customConsole.pl = <$handle>);
	#Convert array to hash/dictionary
	our %users = map { $_ => 1 } @customConsole.pl;
	close $handle;
	#Setup ttytter hook
	$handle = sub {
	diff --cc manifest.json
	index 984792c,06d9aad..0000000
	--- a/manifest.json
	+++ b/manifest.json
	@@@ -5,9 -5,7 +5,13 @@@
	"proxy",
	"webRequest",
	"webRequestBlocking",
	++<<<<<<< HEAD
	+ "<all_urls>",
	#!/usr/bin/env python
	import stun
	import socket
	import route53

	domainName = ''#Make sure this is a FQDN i.e. it should have a '.' at the end.
	access_id = ''
	secret_key = ''
	hostedZoneID = '' #Get this from your aws account