For some reason IDA executes FreeLibrary() to the plugin immediately after getting its PLUGIN structure's address, so later invocations of the plugin lead to calls to nowhere (that was supposed to be python3.dll). Simply patching the location of the FreeLibrary() call fixes the issue. The location is easy to find: go by cross-references to a place where the call to FreeLibrary is followed by a reference to the string "%s: incompatible plugin version..." and NOP it away.
apfelchips
/ defaults.duti
Last active
December 23, 2023 03:53
set file-associations on macOS: ~ 🥖.config 🥖duti 🥖defaults.duti
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # duti settings file | |
| # src: https://gist.github.com/apfelchips/0073cb3e8d186115f590d318998c1025 | |
| # mkdir -p "${XDG_CONFIG_HOME:-$HOME/.config}/duti/" && curl -L "https://git.io/JRtzH" -o "${XDG_CONFIG_HOME:-$HOME/.config}/duti/default.duti" | |
| # duti-apply wrapper: alias duti-apply='duti -v "${XDG_CONFIG_HOME:-$HOME/.config}/duti"' | |
| ## duti documentation http://duti.org/documentation.html | |
| ## see also: https://github.com/Lord-Kamina/SwiftDefaultApps#readme | |
| # List of MIME Types: |
fuzyll
/ make_ghidra_app.sh
Last active
December 4, 2023 21:09
Script to automatically create a MacOS Application Bundle out of a Ghidra release archive.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # make_ghidra_app.sh | MacOS App Bundle Creator Script | |
| # | |
| # Copyright (c) 2019 Alexander Taylor <ajtaylor@fuzyll.com> | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"); | |
| # you may not use this file except in compliance with the License. | |
| # You may obtain a copy of the License at | |
| # |
This is an example configuration to have nginx output JSON logs to make it easier for Logstash processing. I was trying to get nginx > Filebeat > Logstash > ES working and it wasn't until I connected Filebeat directly to Elasticsearch that I saw the expected data. Google led me to ingest-convert.sh and I realized filebeat setup works for Filebeat > ES but not Filebeat > Logstash > ES. This is because Logstash does not use ingest pipelines by default. You have to enable them in the elasticsearch output block.
Having nginx log JSON in the format required for Elasticsearch means there's very little processing (i.e. grok) to be done in Logstash. nginx can only output JSON for access logs; the error_log format cannot be changed.
Extra fields are output and not used by the Kibana dashboards. I included them in case they might be useful. Since they are not declared in the filebeat setup, their default is "string" when yo
JPvRiel
/ journalctl_enable_persistent_storage.md
Last active
May 27, 2024 11:19
Enable persistent storage for the systemd journal log
The assumed default setting in /etc/systemd/journald.conf is Storage=auto which implies that systemd journaling will only persist the journal if the expected storage location is available. Otherwise, the journal data is stored in memory and lost between reboots. On Ubuntu 16.04, /var/log/journal does not exist by default. Create it to keep and query events from previous boots.
Considerations:
- Syslog still provides the persistant log records for Ubuntu 16.04, so enabling persistant systemd journal logging does cause a level of duplicaiton.
- There are sane defaults:
