import ctypes, sys, os, string
try:
    pid = int(sys.argv[1])
except IndexError:
    print >> sys.stderr, "{} <process_id>".format(sys.argv[0])
    sys.exit(1)
libc = ctypes.CDLL('/lib/x86_64-linux-gnu/libc.so.6')
libc.process_vm_readv.argtypes = [ctypes.c_uint64, ctypes.c_void_p, ctypes.c_uint64, ctypes.c_void_p, ctypes.c_uint64, ctypes.c_uint64]
/*
Question: how to hook into the creation of new processes /and/ threads?
Attempt #1: Attach a kprobe to the `execve` syscall
- This works, but will not catch threads created via clone.
Attempt #2: Add an additional kretprobe to the `clone` syscall
- On success, clone returns the newly created thread id. This works fine
until you start dealing with pid namespaces. If clone is called from a
different pid namespace, the return value will only be valid for that
@ancat
ancat / caffe.md
Last active March 23, 2018 21:21
instructions for setting up caffe

Setting up Caffe for Running Deepdream on OS X

Dependencies

Use Brew

Install brew and pip (sudo easy_install pip)

brew update
brew install homebrew/science/openblas
@ancat
ancat / notes.md
Created March 3, 2014 01:23
z3 for ctf
@ancat
ancat / obese.md
Created July 18, 2017 17:09
obesity spam
Subject: Being a glutton is an awful sin, learn how you can stop living a sinful life and lose excessive weight
From: ziggydog@xplornet.com
Date: Jul 15 02:25AM +0200

Our Lord and Savior wants you to stop being obese.
The Bible says that gluttony is an awful sin.
The craving of food can quickly become an idol in our lives.
Anything that takes the place of Lord is a sin against Him (Proverbs 23:2).
@ancat
ancat / pyside.md
Last active March 10, 2017 09:41
Compiling PySide for IDA Pro on Windows

Compiling PySide for IDA Pro on Windows

If you've ever wanted to use IDA's native GUIs, you'll need PySide. Unfortunately PySide is annoying to compile, and the only available binaries are for Python 2.6. This should work for any version.

Note: The Python module installer executable at the end of this guide did not work for me. The compiled pyd and dll files, however, were completely usable from within IDA.

Prerequisites

  • Visual Studio 2010
  • Visual Studio 2010 Service Pack 1
@ancat
ancat / pwnable_2.md
Last active December 21, 2015 19:27
wwtw.md

WWTW

Solving the Game

Wibbly wobbly timey wimey, or "wwtw", was a two point pwnable from Defcon quals this year. I worked on this challenge with my teammate, @MarvelousBreadchris. Running it right away shows us a little game screen:

You(^V<>) must find your way to the TARDIS(T) by
avoiding the angels(A).
Go through the exits(E) to get to the next room
section .data
cmd:
    db "cat config.php", 10
section .text
global _start
extern system
_start:
    push cmd
<script>
window.addEventListener('message', function(e) {eval(e.data)}, false);
</script>