import sys | |
from ctypes import * | |
# Page-protection constant: the pages are readable and writable, not executable.
PAGE_READWRITE = 0x04
# STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | 0xFFF: every access right on the
# process that gets opened. 0xFFF is the pre-Vista definition; later SDK
# headers define the low part as 0xFFFF.
# NOTE(review): this mask is broader than any single operation on a process
# needs, so whatever handle is opened with it carries full control.
PROCESS_ALL_ACCESS = 0x000F0000 | 0x00100000 | 0xFFF
# MEM_COMMIT | MEM_RESERVE
VIRTUAL_MEM = 0x1000 | 0x2000

# Handle to kernel32.dll obtained through ctypes (Windows only).
kernel32 = windll.kernel32
# First command-line argument, kept as the raw string. Nothing here checks
# that an argument was supplied or that it is numeric.
pid = sys.argv[1]
''' | |
Example taken from Gray Hat Python | |
The script injects shellcode whose task is to kill the given process, so that the process is not killed directly by our own process.
''' | |
import sys | |
from ctypes import * | |
# PAGE_EXECUTE_READWRITE: pages that are readable, writable and executable at
# the same time. The execute right is requested so that the shellcode can run
# from the block the script allocates; memory that is both writable and
# executable gives up W^X protection for that region.
PAGE_EXECUTE_READWRITE = 0x40
''' | |
Example taken from Gray Hat Python (book) | |
This script presents a way to hook a DLL in Firefox. In this example the script hooks nspr4.dll, which encrypts data for SSL connections,
so we are able to read the text before it is encrypted. It also matches the pattern "password" to capture every login/password before it is encrypted.
''' | |
from pydbg import * | |
from pydbg.defines import * | |
import utils |
''' | |
#This commented program is vulnerable to a buffer overflow (copy it in a separate file) | |
from ctypes import * | |
msvcrt = cdll.msvcrt | |
raw_input("Once the debbuger is attached press any key") # Give the debugger time to attach, then hit a button | |
buffer = c_char_p("AAAAA") # Create the 5-byte destination buffer |
from pydbg import * | |
from defines import * | |
import struct | |
import random | |
def printf_randomizer(dbg): | |
# Read in the value of the counter at ESP + 0x8 as a DWORD | |
parameter_addr = dbg.context.Esp + 0x8 | |
counter = dbg.read_process_memory(parameter_addr,4) #will be trigger when counter=4 |
#!/usr/bin/env python | |
#-*- encoding: utf-8 -*- | |
import SocketServer | |
class EchoRequestHandler(SocketServer.BaseRequestHandler): | |
def setup(self): | |
print self.client_address, 'connected!' | |
self.request.send('hi ' + str(self.client_address) + '\n') |
import unittest | |
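class Test1(unittest.TestCase):
    """Minimal TestCase subclass holding a single arithmetic sanity check."""

    def runTest(self):
        """Check that 1 + 1 equals 2.

        runTest is the method unittest runs when a TestCase is instantiated
        without a method name, which is how suite() creates Test1().
        """
        # failIf is a deprecated alias that was removed in Python 3.12;
        # assertFalse is the supported spelling with the same semantics.
        self.assertFalse(1 + 1 != 2, '1+1 failed !')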
def suite():
    """Build and return a TestSuite that contains a single Test1 instance."""
    tests = unittest.TestSuite()
    tests.addTest(Test1())
    return tests
def RC4(data, key): | |
x = 0 | |
s = range(256) | |
for i in range(256): | |
x = (x + s[i] + ord(key[i % len(key)])) % 256 | |
s[i], s[x] = s[x], s[i] | |
x = y = 0 | |
out = "" | |
for c in data: | |
x = (x + 1) % 256 |
from html.parser import HTMLParser #Import the parser | |
class HeadingParser(HTMLParser): #create a subclass of HTMLParser which will overload handle.. | |
inHeading = False | |
def handle_starttag(self, tag, attrs):
    """Handle an opening tag: flag and report the start of an <h1> element.

    Tags other than "h1" are ignored; attrs is not used.
    """
    if tag != "h1":
        return
    # Remember that the parser is now inside an <h1> element.
    self.inHeading = True
    print("Found a Heading 1")
def handle_data(self, data): #Triggered when data found (the content of the tag) | |
if self.inHeading: #Useless, used just to filter content of h1's |
#!/usr/bin/env jython | |
#-*- encoding:utf-8 -*- | |
from java.lang import System | |
from javax.swing import JFrame, JButton, JLabel | |
from java.awt import BorderLayout | |
def exitApp(event):
    """Exit the application with status 0; the event argument is not used."""
    System.exit(0)