| IDA Plugins | Preferred | Neutral | Unreviewed |
|---|
SkyBulk
/ CVE-2019-1215.cpp
Created
May 30, 2020 17:00
— forked from ox1111/CVE-2019-1215.cpp
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| The exploit works on 19H1. | |
| It was tested with ntoskrnl version 10.0.18362.295 | |
| */ | |
| #include <Windows.h> | |
| #include <stdio.h> | |
| #include <string> | |
| #include <ntstatus.h> | |
| #include <processthreadsapi.h> |
SkyBulk
/ windows-toolkit.md
Created
May 18, 2020 16:57
— forked from jthuraisamy/windows-toolkit.md
Windows Toolkit
SkyBulk
/ BH19RegChecker.py
Created
May 6, 2020 06:48
— forked from ihack4falafel/BH19RegChecker.py
Simple python script that sends a text message as soon as BH19 training page goes live!
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| #Python script that send your phone number a text as soon as Black Hat 2019 training goes live using Twilio | |
| #The script can be coupled with cronjob that runs every hour or whatever you may see fit | |
| from twilio.rest import Client | |
| import requests | |
| account_sid = '<your Twilio account SID>' | |
| auth_token = '<your Twilio authentication token>' | |
| client = Client(account_sid, auth_token) |
SkyBulk
/ Shellcode-Process-Injector.c
Created
May 4, 2020 06:42
— forked from mhaskar/Shellcode-Process-Injector.c
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <windows.h> | |
| #include <sys/types.h> | |
| #include <unistd.h> | |
| int main(int argc, char **argv){ | |
| //msfvenom -p windows/exec cmd=calc.exe EXITFUNC=thread -f c -v shellcode |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Introduction to Use After Free | |
| https://www.purehacking.com/blog/lloyd-simon/an-introduction-to-use-after-free-vulnerabilities | |
| # Asan linux , macOS | |
| https://clang.llvm.org/docs/AddressSanitizer.html | |
| https://github.com/google/sanitizers | |
| # LeakSanitizer linux , macOS |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| impresora(char *,int) push rbp | |
| impresora(char *,int)+1 mov rbp, rsp | |
| impresora(char *,int)+4 sub rsp, 30h | |
| impresora(char *,int)+8 mov [rbp+lista], rcx | |
| impresora(char *,int)+C mov [rbp+size], edx | |
| impresora(char *,int)+F mov rcx, [rbp+lista] | |
| impresora(char *,int)+13 call strlen | |
| impresora(char *,int)+18 mov [rbp+largo], eax | |
| impresora(char *,int)+1B mov rcx, [rbp+lista] | |
| impresora(char *,int)+1F call strlen |
SkyBulk
/ syllabus.md
Last active
June 17, 2020 21:47
software security under x86 , x64, zero day Attacks course windows 10 x64
This Is Course Is Under Development skybulkctf@gmail.com
-
- [What is a Vulnerability?]
- [What is a Poc (Proof of Conecpt)?]
- [What is an Exploit?]
- [What is a Zero Day Exploit?]
-
- [Data Types and Basic Operations]
- [Signed and Unsigned Integers]
- [Data Types and Basic Operations]
- [How Are Data Stored in Memory?]
SkyBulk
/ OpenSSH_3.3_integer_overflow.c
Created
January 23, 2020 18:21
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| nresp = packet_get_int(); | |
| if (nresp > 0) { | |
| response = xmalloc(nresp*sizeof(char*)); | |
| for (i = 0; i < nresp; i++) | |
| response[i] = packet_get_string(NULL); | |
| } |
SkyBulk
/ imapd_10.234.c
Last active
January 23, 2020 18:24
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| char *mail_auth (char *mechanism,authresponse_t resp,int argc,char *argv[]){ | |
| char tmp[MAILTMPLEN]; | |
| AUTHENTICATOR *auth; | |
| /* make upper case copy of mechanism name */ | |
| ucase (strcpy (tmp,mechanism)); | |
| for (auth = mailauthenticators; auth; auth = auth->next) | |
| if (auth->server && !strcmp (auth->name,tmp)) | |
| return (*auth->server) (resp,argc,argv); | |
| return NIL; /* no authenticator found */ |
SkyBulk
/ pdf_fuzz.py
Created
October 30, 2019 05:42
— forked from kedarbellare/pdf_fuzz.py
PDF Fuzzer
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| file_list = ["10.1.1.111.1781.pdf", "10.1.1.111.5264.pdf", "10.1.1.39.1596.pdf", "10.1.1.41.8589.pdf", "10.1.1.42.5619.pdf"] | |
| apps = [ | |
| "/Applications/Adobe Reader 9/Adobe Reader.app/Contents/MacOS/AdobeReader", | |
| "/Applications/Adobe Reader.app/Contents/MacOS/AdobeReader", | |
| "/Applications/Preview.app/Contents/MacOS/Preview"] | |
| fuzz_output = "fuzz.pdf" | |
| FuzzFactor = 250 |