Skip to content

Instantly share code, notes, and snippets.

View extremecoders-re's full-sized avatar
🐶
🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶🐶

extremecoders-re

🐶
🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶 🐶🐶
463 followers · 0 following
View GitHub Profile
@extremecoders-re
extremecoders-re / cav-updater.sh
Created March 30, 2018 18:51
Comodo manual updater (Incomplete)
#!/usr/bin/sh
echo "[+] Checking for updates..."
path_bases_cav="/c/Program Files/COMODO/COMODO Internet Security/scanners/bases.cav"
update_url="http://cdn.download.comodo.com/av/updates58/sigs/bases/bases.cav"
hash_check () {
# Download first 256 bytes (after header) of remote stream
tmp_first_256_remote=`mktemp`
@extremecoders-re
extremecoders-re / angrsolver.py
Last active April 14, 2018 19:44
#!/usr/bin/env python
import angr
import simuvex
import binascii
import sys
part1 = None
part2 = None
@extremecoders-re
extremecoders-re / rebuildimp.py
Last active April 14, 2018 19:46
import immlib
imm = immlib.Debugger()
jmp_table1 = 0x4011F4
table1_entries = 35
jmp_table2 = 0x401330
table2_entries = 8
@extremecoders-re
extremecoders-re / traceoep.py
Created March 31, 2016 09:44
import immlib
imm = immlib.Debugger()
OEP = 0x44F308
def killWatchDogThreads():
global imm
for i in xrange(3):
# Get return address
esp = imm.getRegs()['ESP']
@extremecoders-re
extremecoders-re / check.asm
Created March 21, 2016 14:33
.text:004010EC ; int __stdcall check(int part1, int part2)
.text:004010EC check proc near ; CODE XREF: DialogFunc+104p
.text:004010EC
.text:004010EC output = byte ptr -21h
.text:004010EC part1 = dword ptr 8
.text:004010EC part2 = dword ptr 0Ch
.text:004010EC
.text:004010EC push ebp
.text:004010ED mov ebp, esp
.text:004010EF add esp, 0FFFFFFDCh
@extremecoders-re
extremecoders-re / Solving ResolveMe TWO.md
Created February 23, 2016 18:50

Solving ResolveMe TWO crackme by deurus

Author: extremecoders
Date: 23-February-2016

The crackme requires microsoft java virtual machine to run and is coded in Visual J++. Now, J++ and Java are very similar with the former being developed by microsoft. Hence we can safely assume, that the crackme was coded in Java.

Preliminary Analysis

Running the crackme, presents us with the screen below.

@extremecoders-re
extremecoders-re / z3solver.py
Created March 26, 2016 14:19
from z3 import *
import binascii
import sys
# Calculates the installation id from the entered string
# This function just reverses the order of dwords in each quadword
def getInstallIdFromString(iid_string):
qword1, qword2, qword3, qword4 = iid_string.split('-')
dword1 = list(binascii.unhexlify(qword1))[3::-1]
@extremecoders-re
extremecoders-re / findtheflagsolver.py
Created July 19, 2017 06:42
Find the flag solver - updated
#!/usr/bin/env python
import angr
import simuvex
def main():
print '[*] Loading file...'
# Create a new project, do not load shared libs
proj = angr.Project('findtheflag', load_options={'auto_load_libs': False})
@extremecoders-re
extremecoders-re / default.py
Last active January 19, 2019 11:14
get_video_url fix
def get_video_url(url):
videos = []
params = []
addon_log(url)
xbmc.log(url, level=xbmc.LOGWARNING)
quality = (Addon.getSetting('qualityType')).lower()
resp = api_hotstar_request(url, auth=True)
manifest1 = resp['body']['results']['item']['playbackUrl']
addon_log('manifest1 is, '+manifest1)
@extremecoders-re
extremecoders-re / docker_ipc.md
Last active January 21, 2019 08:40
Docker IPC using named pipe

Container C1

$ docker run --rm --name c1 --ipc shareable -it ubuntu:18.04 /bin/bash
# mkfifo /dev/shm/mypipe
# echo "Hello from C1" > /dev/shm/mypipe

Container C2

$ docker run --rm --name c2 --ipc container:c1 -it ubuntu:18.04 /bin/bash