Skip to content

Instantly share code, notes, and snippets.

Avatar
💭
I may be slow to respond.

akkuman

💭
I may be slow to respond.
View GitHub Profile
@akkuman
akkuman / .gitignore
Last active Nov 20, 2021
[WallpaperAbyss壁纸下载器] #tools #python
View .gitignore
*.jpg
*.JPEG
*.png
.history
build
dist
**/__pycache__
**/*.pyc
@akkuman
akkuman / verifyPESignature.go
Created Nov 4, 2021
[验证pe签名有效性] #go
View verifyPESignature.go
func VerifyPESignature(fileName string) (uint32, error) {
var x uint32 = 1
wintrustCalled := false
genericActionId := windows.WINTRUST_ACTION_GENERIC_VERIFY_V2
name, err := syscall.UTF16PtrFromString(fileName)
if err != nil {
return 0, err
}
hFile, err := windows.CreateFile(name, windows.GENERIC_READ, 0, nil, windows.OPEN_EXISTING, windows.FILE_ATTRIBUTE_NORMAL, 0)
@akkuman
akkuman / checkWintrustConfig.go
Created Nov 4, 2021
[windows上检查MS13-098是否已修复] #golang
View checkWintrustConfig.go
// CheckWintrustConfig check if MS13-098 fix is not installed (KB2893294),
// Keep in mind IT COULD BE INSTALLED BUT REGISTRY KEYS ARE NOT PROPERLY SET, WHICH RENDERS THE PATCH USELESS
func CheckWintrustConfig() (bool, error) {
var _check = false
pSubkey1, err := syscall.UTF16PtrFromString(`\Software\Wow6432Node\Microsoft\Cryptography\Wintrust\Config`)
if err != nil {
return false, err
}
pSubkey2, err := syscall.UTF16PtrFromString(`\Software\Microsoft\Cryptography\Wintrust\Config`)
if err != nil {
@akkuman
akkuman / parseBytesFromStr.go
Last active Nov 4, 2021
[从命令行解析bytes] #golang
View parseBytesFromStr.go
// support "\x1a \xdf" "\x1a\xdf" "1a, df" "1a df"
func parseTagToBytes(tagStr string) []byte {
tagStr = strings.Replace(tagStr, ` \x`, " ", -1)
tagStr = strings.Replace(tagStr, `\x`, " ", -1)
tagStr = strings.Replace(tagStr, `, `, " ", -1)
tagStr = strings.TrimSpace(tagStr)
fmt.Println(tagStr)
tagSplit := strings.Split(tagStr, " ")
data := make([]byte, len(tagSplit))
for i := range tagSplit {
@akkuman
akkuman / rva2foa.go
Last active Nov 3, 2021
[golang实现的pe的rva2foa] #pe #golang
View rva2foa.go
package main
import (
"debug/pe"
"fmt"
"math/big"
"os"
)
func RVA2FOA(pefile *pe.File, rva uint32) (foa uint32, err error) {
@akkuman
akkuman / calcPECheckSum.go
Created Nov 3, 2021
纯golang计算pe的checksum #pe #golang
View calcPECheckSum.go
package main
import (
"encoding/binary"
"fmt"
"math"
"os"
)
func GeneratePECheckSum(fileBytes []byte) uint32 {
@akkuman
akkuman / punycode-auto.html
Created Nov 2, 2021
[自动生成punycode] #javascript #html
View punycode-auto.html
<html>
<body>
<script type="text/javascript">
for(i=0;i<=65535;i++)
{
c = unescape('%u' + i.toString(16));
if (c.match(/\P{C}+/gu))
{
console.log(c);
document.write(c);
@akkuman
akkuman / splash_with_cookie.py
Created Oct 13, 2021
[给splash增加cookie访问] #python #crawler
View splash_with_cookie.py
@akkuman
akkuman / get_names_from_scrapy.py
Created Oct 13, 2021
[获取scrapy所有spider name] #python #scrapy
View get_names_from_scrapy.py
from scrapy import spiderloader
from scrapy.utils import project
def get_all_spider_names() -> typing.List[str]:
os.environ.setdefault('SCRAPY_SETTINGS_MODULE', 'darkweb.settings')
settings = project.get_project_settings()
spider_loader = spiderloader.SpiderLoader.from_settings(settings)
return spider_loader.list()
@akkuman
akkuman / parse.go
Created Oct 13, 2021
[go解析导出表] golang解析pe的导出表 #golang #pe
View parse.go
package main
import (
"fmt"
"os"
"github.com/fcharlie/buna/debug/pe"
)
func main() {