Skip to content

Instantly share code, notes, and snippets.

🎯
Oh my job, oh dear my job

Silver Bullet SilverBut

View GitHub Profile
View template_quick_rename.py
# Reversing CPP program is painful, especially when it contains tempalte classes
# But rename them is not a bad idea...
def rename_copy(ord_old, name_new, ord_new=None):
py_til = ida_typeinf.get_idati()
py_ti = ida_typeinf.tinfo_t()
py_ti.get_numbered_type(py_til, ord_old)
if not ord_new:
ord_new = ida_typeinf.alloc_type_ordinal(py_til)
print(py_ti.set_numbered_type(py_til, ord_new, 4, name_new))
View not_my_github.md

每次当有人将政治事件相关的帖子发到Github上时,总有一些人打着“防止Github被墙”的大旗四处招摇。本Gist用于记录这些帐号,其突出特点是,极度自私自利,短视而目中无人,无法在私权和公权之间作出合理的取舍。

我(本gist的作者)认为,在github上谈论政治问题的确导致了绝大多数人写代码的工作环境被打扰,对此表达自己的不满和意见也十分正常。但如果说是“预防被墙”或者“这么牛逼你行你上在这里bb啥打扰我好心情”这种事不关己高高挂起的话,对不起,block。

@SilverBut
SilverBut / ida_plugins.md
Last active Apr 29, 2018
[IDA Plugin Collection] Collect some plugins I am using. #tags: reverse, IDA, IDAPython
View ida_plugins.md

Wishlist

  • Several collaborate plugins are availiable, including:
    • IDASynergy. CVS system mainly using SVN. Don't like it much.
    • collabREate. Have not fully tested. Will test it.
    • Sol[IDA]rity. Still nothing published yet.
    • YaCo. New thing in #SSTIC 2017. Not published yet. Wait till Jun. 7.
    • FIRST from Cisco which claims its ability to identifiy and recovery functions from signatures. Will test it.
    • Still searching until I found a useful one.
  • DIE claims it can enrich IDA's static analysis with dynamic data. But need to test if can be used.
@SilverBut
SilverBut / memcpy.py
Last active Apr 29, 2018
[IDAPython Snippets] Some useful functions can be used in IDAPython to do things quickly. #tags: reverse, IDA, IDAPython
View memcpy.py
# Used to do some memcpy-like jobs
def ip_memcpy(dst, src, n):
idautils.PutDataList(dst, idautils.GetDataList(src, n, 1), 1)
@SilverBut
SilverBut / network_manual_action.sh
Last active May 1, 2017
[Manual network solution] Work for my personal network problems in mainland China. #tags: GFW, network, shadowsocks, route, vpn
View network_manual_action.sh
#!/usr/bin/sh
SCRIPTNAME=`basename $0`
function log_err() { echo "[$SCRIPTNAME][E] $@" 1>&2; }
function log() { echo "[$SCRIPTNAME][I] $@" 1>&2; }
RESULT_OK=0
RESULT_FAILED=1
RESULT_ARGS_ERR=2
@SilverBut
SilverBut / AutoMakeFunc.py
Last active Apr 29, 2018
[AutoMakeFunc] Solve an IDA problem when liner-down scan can not identify functions directly attached to the current function. Only work under IDA 6.95. Now works for PowerPC. #tags: IDAPython, IDA, reverse, powerpc, ppc
View AutoMakeFunc.py
import logging
logger = logging.getLogger(__name__)
lv = logging.DEBUG
map(logger.removeHandler, logger.handlers[:])
map(logger.removeFilter, logger.filters[:])
logger.setLevel(lv)
ch = logging.StreamHandler()
ch.setLevel(lv)
formatter = logging.Formatter("[%(levelname)s] %(asctime)-2s <%(funcName)s:%(lineno)s> %(message)s", "%H:%M:%S")
ch.setFormatter(formatter)
@SilverBut
SilverBut / haproxy.cfg
Last active Apr 5, 2019
[Haproxy cfg checking Socks5] Haproxy cfg to check the Socks5 connection #tags: GFW, network, haproxy, config
View haproxy.cfg
#---------------------------------------------------------------------
# Example configuration for a possible web application. See the
# full configuration options online.
#
# http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
#
#---------------------------------------------------------------------
global
log 127.0.0.1 local2
You can’t perform that action at this time.