Souhail Hammou SouhailHammou
SouhailHammou
/ VM.c
Created
September 22, 2015 17:00
Virtual machine with a custom instruction set.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| VM by Souhail Hammou : custom instruction set | |
| data space and stack space are customizable. | |
| Important : In calculations the VM is using unsigned values. | |
| */ | |
| #include <stdio.h> | |
| #include <stdint.h> | |
| #include <conio.h> | |
| #define TRUE 1 | |
| #define FALSE 0 |
SouhailHammou
/ Avtr_setup_list.c
Created
March 28, 2017 18:03
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| typedef struct _avtr_listelem | |
| { | |
| struct _avtr_listelem* next; | |
| struct _avtr_listelem* prev; | |
| DWORD technique; /*0x08*/ | |
| DWORD privilege_value; /*0x0C*/ | |
| DWORD n_tries; /*0x10*/ | |
| DWORD milliseconds; /*0x14*/ | |
| } avtr_listelem, *pavtr_listelem; |
SouhailHammou
/ Avtr_ThreadProc.c
Created
March 28, 2017 18:06
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| DWORD WINAPI Avtr_ThreadProc( pavtr_listelem Elem ) | |
| { | |
| if ( !Elem ) | |
| return 1; | |
| if ( Elem->technique == 0x80000000 ) | |
| { | |
| if ( Avtr_getKernelRoutines() ) | |
| { | |
| int priv_value = Elem->privilege_value; | |
| if ( ! --priv_value ) //1 => ordinary user |
SouhailHammou
/ Avtr_dllmain.c
Created
March 28, 2017 18:12
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /*2nd level dropper : DLL main function*/ | |
| { | |
| /*[...]*/ | |
| pavtr_listelem Elem = gList; | |
| while ( Elem != NULL ) | |
| { | |
| HANDLE hThread = CreateThread(NULL,NULL,Avtr_ThreadProc,Elem,0); | |
| if ( ! hThread ) | |
| break; |
SouhailHammou
/ ndh2017_step4.py
Last active
May 15, 2023 17:33
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from idc import * | |
| from ctypes import c_uint32 | |
| def bruteforce_word(dword1,dword2): | |
| for i in range(0,256) : | |
| for j in range(0,256) : | |
| k = 0 | |
| result = c_uint32(0xffffffff) | |
| while k < 2 : | |
| if k == 0 : |
SouhailHammou
/ Crackme_RCTF_2017.c
Created
May 22, 2017 10:44
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| RCTF - 2017 | |
| Author : SOUHAIL HAMMOU | |
| Crackme 714 pts (9 solves) | |
| Description : | |
| ============ | |
| Please submit the flag like RCTF{flag} | |
| https://static2017.teamrois.cn/re_b889ffe02c96c38274f76c67f8a1ddf3/crackme_63074830f0b1b6b4fff6ad910bea34fc.zip | |
| */ |
SouhailHammou
/ solve.c
Last active
November 19, 2017 12:21
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| Souhail Hammou | |
| HXP CTF 2017 - Fibonacci 100 pts | |
| Writeup : https://rce4fun.blogspot.com/2017/11/hxp-ctf-2017-fibonacci-reversing-100.html | |
| */ | |
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #define _BYTE unsigned char | |
| #define BYTEn(x, n) (*((_BYTE*)&(x)+n)) |
SouhailHammou
/ go_solve.py
Last active
November 19, 2017 12:38
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #HXP CTF 2017 - dont_panic 100 pts | |
| #Writeup link : https://rce4fun.blogspot.com/2017/11/hxp-ctf-2017-dontpanic-reversing-100.html | |
| #Souhail Hammou | |
| import gdb | |
| CHAR_SUCCESS = 0x47B976 | |
| NOPE = 0x47BA23 | |
| gdb.execute("set pagination off") | |
| gdb.execute("b*0x47B976") #Success for a given character | |
| gdb.execute("b*0x47BA23") #Block displaying "Nope" |
SouhailHammou
/ ida_solve.py
Last active
November 19, 2017 13:27
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # HXP CTF 2017 - revenge_of_the_zwiebel 100 pts | |
| # Writeup link : https://rce4fun.blogspot.com/2017/11/hxp-ctf-2017-revengeofthezwiebel.html | |
| # Souhail Hammou | |
| from idc import * | |
| from idaapi import * | |
| def AddIfNotInDict(dict,index): | |
| if index == -1: | |
| raise Exception("Invalid index value !") |
SouhailHammou
/ kvm_solve.py
Created
September 16, 2018 20:06
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from idc import * | |
| root = 0x1300 | |
| flag = '' | |
| def tobits(s): | |
| result = [] | |
| for c in s: | |
| bits = bin(ord(c))[2:] | |
| bits = '00000000'[len(bits):] + bits |
OlderNewer