This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Challenge from: | |
// https://www.reddit.com/r/ExploitDev/comments/gv72xr/reverse_engineer_passphrase_check/ | |
#include <stdio.h> | |
#include <string.h> | |
int check(char* input) { | |
if (strlen(input) != 15) { | |
return 0; | |
} else { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import binaryninja | |
sources = [ | |
'snprintf', # int snprintf ( char * s, size_t n, const char * format, ... ); | |
'sprintf', # int sprintf ( char * s, const char * format, ... ); | |
] | |
sinks = [ | |
'system', # int system(const char *command); | |
] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#Checks system calls for command injection patterns | |
#@author | |
#@category HackOvert | |
#@keybinding | |
#@menupath | |
#@toolbar | |
from ghidra.app.decompiler import DecompileOptions | |
from ghidra.app.decompiler import DecompInterface | |
from ghidra.program.model.pcode import Varnode |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import argparse | |
import binaryninja | |
import sys | |
import tempfile | |
import time | |
import math | |
import os | |
from multiprocessing import Pool, TimeoutError, cpu_count |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import binaryninja | |
import networkx as nx | |
target = "cwe369B_ARM32" | |
RETURN_MAP = { | |
'atoi': 0, | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import binaryninja | |
import networkx as nx | |
target = "cwe369B_x64" | |
RETURN_MAP = { | |
'atoi': 0, | |
} | |
target_operations = [ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import binaryninja | |
import networkx as nx | |
target = "cwe369A_x64" | |
target_operations = [ | |
binaryninja.MediumLevelILOperation.MLIL_DIVS, | |
binaryninja.MediumLevelILOperation.MLIL_DIVS_DP, | |
binaryninja.MediumLevelILOperation.MLIL_DIVU, | |
binaryninja.MediumLevelILOperation.MLIL_DIVU_DP, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import binaryninja | |
import networkx as nx | |
target = "cwe369A_x64" | |
def build_symbol_graph(bv, func): | |
graph = nx.DiGraph() | |
for func in bv.functions: | |
for block in func.medium_level_il.ssa_form: | |
for instr in block: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Get MLIL SSA form | |
import binaryninja | |
target = "cwe369A_x64" | |
target_operations = [ | |
binaryninja.MediumLevelILOperation.MLIL_DIVS, | |
binaryninja.MediumLevelILOperation.MLIL_DIVS_DP, | |
binaryninja.MediumLevelILOperation.MLIL_DIVU, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Get MLIL SSA form and print operands | |
import binaryninja | |
target = "cwe369A_x64" | |
print("Analyzing file: {}".format(target)) | |
bv = binaryninja.BinaryViewType.get_view_of_file(target) | |
bv.add_analysis_option('linearsweep') |
NewerOlder