John Toterhi cetfor
cetfor
/ challenge.c
Created
January 22, 2021 21:44
Scripts and code for HackOvert Z3 function modeling
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Challenge from: | |
| // https://www.reddit.com/r/ExploitDev/comments/gv72xr/reverse_engineer_passphrase_check/ | |
| #include <stdio.h> | |
| #include <string.h> | |
| int check(char* input) { | |
| if (strlen(input) != 15) { | |
| return 0; | |
| } else { |
cetfor
/ SystemCallAuditorBinja.py
Created
January 21, 2021 03:47
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import binaryninja | |
| sources = [ | |
| 'snprintf', # int snprintf ( char * s, size_t n, const char * format, ... ); | |
| 'sprintf', # int sprintf ( char * s, const char * format, ... ); | |
| ] | |
| sinks = [ | |
| 'system', # int system(const char *command); | |
| ] |
cetfor
/ SystemCallAuditor.py
Last active
December 7, 2023 17:32
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Checks system calls for command injection patterns | |
| #@author | |
| #@category HackOvert | |
| #@keybinding | |
| #@menupath | |
| #@toolbar | |
| from ghidra.app.decompiler import DecompileOptions | |
| from ghidra.app.decompiler import DecompInterface | |
| from ghidra.program.model.pcode import Varnode |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import argparse | |
| import binaryninja | |
| import sys | |
| import tempfile | |
| import time | |
| import math | |
| import os | |
| from multiprocessing import Pool, TimeoutError, cpu_count |
cetfor
/ FindSimpleFPE3.py
Last active
February 17, 2020 01:00
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import binaryninja | |
| import networkx as nx | |
| target = "cwe369B_ARM32" | |
| RETURN_MAP = { | |
| 'atoi': 0, | |
| } |
cetfor
/ FindSimpleFPE2.py
Last active
February 16, 2020 19:44
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import binaryninja | |
| import networkx as nx | |
| target = "cwe369B_x64" | |
| RETURN_MAP = { | |
| 'atoi': 0, | |
| } | |
| target_operations = [ |
cetfor
/ FindSimpleFPE.py
Created
February 8, 2020 23:09
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import binaryninja | |
| import networkx as nx | |
| target = "cwe369A_x64" | |
| target_operations = [ | |
| binaryninja.MediumLevelILOperation.MLIL_DIVS, | |
| binaryninja.MediumLevelILOperation.MLIL_DIVS_DP, | |
| binaryninja.MediumLevelILOperation.MLIL_DIVU, | |
| binaryninja.MediumLevelILOperation.MLIL_DIVU_DP, |
cetfor
/ BuildAssignmentGraph.py
Created
February 8, 2020 23:04
Build a NetworkX digraph of MLIL SSA assignments for data flow analysis
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import binaryninja | |
| import networkx as nx | |
| target = "cwe369A_x64" | |
| def build_symbol_graph(bv, func): | |
| graph = nx.DiGraph() | |
| for func in bv.functions: | |
| for block in func.medium_level_il.ssa_form: | |
| for instr in block: |
cetfor
/ GetDivs.py
Created
February 8, 2020 20:15
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Get MLIL SSA form | |
| import binaryninja | |
| target = "cwe369A_x64" | |
| target_operations = [ | |
| binaryninja.MediumLevelILOperation.MLIL_DIVS, | |
| binaryninja.MediumLevelILOperation.MLIL_DIVS_DP, | |
| binaryninja.MediumLevelILOperation.MLIL_DIVU, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Get MLIL SSA form and print operands | |
| import binaryninja | |
| target = "cwe369A_x64" | |
| print("Analyzing file: {}".format(target)) | |
| bv = binaryninja.BinaryViewType.get_view_of_file(target) | |
| bv.add_analysis_option('linearsweep') |
NewerOlder