debasishm89
/ Messagbox.asm
Last active
October 13, 2020 03:29
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ; Sample shellcode that will pop a MessageBox | |
| ; with custom title and text | |
| ; Written by Peter Van Eeckhoutte | |
| ; http://www.corelan.be:8800 | |
| [Section .text] | |
| [BITS 32] | |
| global _start |
debasishm89
/ pestudio.py
Created
June 7, 2013 15:56
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Title: PEStudio Version 3.69 Denial of Service | |
| # Date: 5th June 2013 | |
| # Author: Debasish Mandal ( https://twitter.com/debasishm89 ) | |
| # Blog : http://www.debasish.in/ | |
| # Software Homepage: http://www.winitor.com/ | |
| # Version: PEStudio Version 3.69 | |
| # Tested on: Windows XP SP2 / Windows 7 | |
| # Vendor Patch : Recently released stable version (v6.91) is not affected. | |
| ''' |
debasishm89
/ peinject.py
Last active
January 17, 2023 14:28
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from pefile import PE | |
| from struct import pack | |
| # windows/messagebox - 265 bytes | |
| # http://www.metasploit.com | |
| # ICON=NO, TITLE=W00t!, EXITFUNC=process, VERBOSE=false, | |
| # TEXT=Debasish Was Here! | |
| sample_shell_code = ("\xd9\xeb\x9b\xd9\x74\x24\xf4\x31\xd2\xb2\x77\x31\xc9\x64" + | |
| "\x8b\x71\x30\x8b\x76\x0c\x8b\x76\x1c\x8b\x46\x08\x8b\x7e" + | |
| "\x20\x8b\x36\x38\x4f\x18\x75\xf3\x59\x01\xd1\xff\xe1\x60" + | |
| "\x8b\x6c\x24\x24\x8b\x45\x3c\x8b\x54\x28\x78\x01\xea\x8b" + |
debasishm89
/ MS12-027 Crash Analysis
Created
July 21, 2012 22:10
— forked from abhisek/MS12-027 Crash Analysis
MS12-027 Analysis: Encrypted Word Document Structure
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Crash Stack Trace: | |
| 0:000> kb | |
| ChildEBP RetAddr Args to Child | |
| WARNING: Stack unwind information not available. Following frames may be wrong. | |
| 0012eaa0 275c8a0a 0012eacc 00208008 00008282 MSCOMCTL!DllGetClassObject+0x41a87 | |
| 0012ead4 27583c30 00000000 01000000 c279eb90 MSCOMCTL!DllGetClassObject+0x41cc6 | |
| 00000000 00000000 00000000 00000000 00000000 MSCOMCTL!DllCanUnloadNow+0xc7d | |
NewerOlder