I hereby claim:
- I am cetfor on github.
- I am cetfor (https://keybase.io/cetfor) on keybase.
- I have a public key ASBHlHOFYJOg5ZKnd_FHZsrevyhbS6mGSgcV24hW55cFDAo
To claim this, I am signing this object:
John Toterhi cetfor
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // gcc -m32 -mpreferred-stack-boundary=2 cdecl.c -o cdecl | |
| #include <stdio.h> | |
| void printFavNums(int num1, int num2) { | |
| printf("My favorite numbers are %d and %d!\n", num1, num2); | |
| } | |
| int main() | |
| { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from ghidra.app.emulator import EmulatorHelper | |
| from ghidra.program.model.symbol import SymbolUtilities | |
| # Tested with Ghidra v9.1 and v9.1.1, future releases are likely to simplify | |
| # and/or expand the EmulatorHelper class in the API. | |
| # == Helper functions ====================================================== | |
| def getAddress(offset): | |
| return currentProgram.getAddressFactory().getDefaultAddressSpace().getAddress(offset) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Get MLIL SSA form | |
| import binaryninja | |
| target = "cwe369A_x64" | |
| print("Analyzing file: {}".format(target)) | |
| bv = binaryninja.BinaryViewType.get_view_of_file(target) | |
| bv.add_analysis_option('linearsweep') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Get MLIL SSA form and print operands | |
| import binaryninja | |
| target = "cwe369A_x64" | |
| print("Analyzing file: {}".format(target)) | |
| bv = binaryninja.BinaryViewType.get_view_of_file(target) | |
| bv.add_analysis_option('linearsweep') |
cetfor
/ GetDivs.py
Created
February 8, 2020 20:15
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Get MLIL SSA form | |
| import binaryninja | |
| target = "cwe369A_x64" | |
| target_operations = [ | |
| binaryninja.MediumLevelILOperation.MLIL_DIVS, | |
| binaryninja.MediumLevelILOperation.MLIL_DIVS_DP, | |
| binaryninja.MediumLevelILOperation.MLIL_DIVU, |
cetfor
/ BuildAssignmentGraph.py
Created
February 8, 2020 23:04
Build a NetworkX digraph of MLIL SSA assignments for data flow analysis
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import binaryninja | |
| import networkx as nx | |
| target = "cwe369A_x64" | |
| def build_symbol_graph(bv, func): | |
| graph = nx.DiGraph() | |
| for func in bv.functions: | |
| for block in func.medium_level_il.ssa_form: | |
| for instr in block: |
cetfor
/ FindSimpleFPE.py
Created
February 8, 2020 23:09
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import binaryninja | |
| import networkx as nx | |
| target = "cwe369A_x64" | |
| target_operations = [ | |
| binaryninja.MediumLevelILOperation.MLIL_DIVS, | |
| binaryninja.MediumLevelILOperation.MLIL_DIVS_DP, | |
| binaryninja.MediumLevelILOperation.MLIL_DIVU, | |
| binaryninja.MediumLevelILOperation.MLIL_DIVU_DP, |
cetfor
/ FindSimpleFPE2.py
Last active
February 16, 2020 19:44
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import binaryninja | |
| import networkx as nx | |
| target = "cwe369B_x64" | |
| RETURN_MAP = { | |
| 'atoi': 0, | |
| } | |
| target_operations = [ |
cetfor
/ FindSimpleFPE3.py
Last active
February 17, 2020 01:00
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import binaryninja | |
| import networkx as nx | |
| target = "cwe369B_ARM32" | |
| RETURN_MAP = { | |
| 'atoi': 0, | |
| } |
OlderNewer