Skip to content

Instantly share code, notes, and snippets.

View SouhailHammou's full-sized avatar

Souhail Hammou SouhailHammou

View GitHub Profile
/*
RCTF - 2017
Author : SOUHAIL HAMMOU
Crackme 714 pts (9 solves)
Description :
============
Please submit the flag like RCTF{flag}
https://static2017.teamrois.cn/re_b889ffe02c96c38274f76c67f8a1ddf3/crackme_63074830f0b1b6b4fff6ad910bea34fc.zip
*/
/*
Souhail Hammou
HXP CTF 2017 - Fibonacci 100 pts
Writeup : https://rce4fun.blogspot.com/2017/11/hxp-ctf-2017-fibonacci-reversing-100.html
*/
#include <stdio.h>
#include <stdlib.h>
#define _BYTE unsigned char
#define BYTEn(x, n) (*((_BYTE*)&(x)+n))
#HXP CTF 2017 - dont_panic 100 pts
#Writeup link : https://rce4fun.blogspot.com/2017/11/hxp-ctf-2017-dontpanic-reversing-100.html
#Souhail Hammou
import gdb
CHAR_SUCCESS = 0x47B976
NOPE = 0x47BA23
gdb.execute("set pagination off")
gdb.execute("b*0x47B976") #Success for a given character
gdb.execute("b*0x47BA23") #Block displaying "Nope"
# HXP CTF 2017 - revenge_of_the_zwiebel 100 pts
# Writeup link : https://rce4fun.blogspot.com/2017/11/hxp-ctf-2017-revengeofthezwiebel.html
# Souhail Hammou
from idc import *
from idaapi import *
def AddIfNotInDict(dict,index):
if index == -1:
raise Exception("Invalid index value !")
from idc import *
root = 0x1300
flag = ''
def tobits(s):
result = []
for c in s:
bits = bin(ord(c))[2:]
bits = '00000000'[len(bits):] + bits
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#include <string.h>
#define SUMS_SZ 0x10000 * sizeof(int16_t)
#define VM_SZ sizeof(initial_state)
typedef int16_t WORD;
pid = /*Locate the service's pid with the help of NtQuerySystemInformation*/;
for( Page = 0x1000; Page < 0x7fffffff; Page += 0x1000 )
{
Page_cp = Page;
OldProtection = CommunicateServiceVirtualProtect(
pid, //We give the service its own pid
Page, //Address of the page in the service's process
PAGE_EXECUTE_READWRITE, //Change to the most permissible protection to avoid crashes
0x1000
);
#include <Windows.h>
#define NTHREADS 5
DWORD WINAPI Thread(LPVOID Parameter)
{
while (1)
CloseHandle(FindFirstChangeNotificationA("C:\\", FALSE, FILE_NOTIFY_CHANGE_FILE_NAME));
}
void main()
{
HANDLE hLastThread;
@SouhailHammou
SouhailHammou / VM.c
Created September 22, 2015 17:00
Virtual machine with a custom instruction set.
/*
VM by Souhail Hammou : custom instruction set
data space and stack space are customizable.
Important : In calculations the VM is using unsigned values.
*/
#include <stdio.h>
#include <stdint.h>
#include <conio.h>
#define TRUE 1
#define FALSE 0
typedef struct _avtr_listelem
{
struct _avtr_listelem* next;
struct _avtr_listelem* prev;
DWORD technique; /*0x08*/
DWORD privilege_value; /*0x0C*/
DWORD n_tries; /*0x10*/
DWORD milliseconds; /*0x14*/
} avtr_listelem, *pavtr_listelem;