gamozolabs
/ proc_mem.py
Last active
July 1, 2022 15:23
IDA Python loader for /proc/pid/mem without debugging a process
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import re, subprocess, idaapi, ida_segment, ida_kernwin | |
| # To install this, simply put it in your ida_install/loaders folder and open | |
| # a `/proc/<pid>/mem` file! | |
| # | |
| # You might need to set `echo 0 > /proc/sys/kernel/yama/ptrace_scope` if you | |
| # want to be able to dump processes depending on your system configuration. | |
| # Check if the file is supported by our loader | |
| def accept_file(li, filename): |
gamozolabs
/ download-android-ndks-direct-links.sh
Created
November 11, 2020 19:52
— forked from roscopecoltran/download-android-ndks-direct-links.sh
Download Android NDK Tools / Direct Links
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # current workstation architecture (values: MACOSX, MACOSX32, MACOSX64, LINUX, LINUX32, LINUX64, WIN32, WIN64) | |
| WORKSTATION_ACTIVE_ARCH="MACOSX" | |
| # android ndk (revision version, workstation arch, install prefix path) | |
| ANDROID_NDK_VERSION="r10e" | |
| ANDROID_NDK_PLATFORM="darwin" | |
| ANDROID_NDK_PLATFORM_ARCH="x86_64" |
gamozolabs
/ vimrc
Last active
November 23, 2021 17:41
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| " An example for a vimrc file. | |
| " | |
| " Maintainer: Bram Moolenaar <Bram@vim.org> | |
| " Last change: 2019 Jan 26 | |
| " | |
| " To use it, copy it to | |
| " for Unix and OS/2: ~/.vimrc | |
| " for Amiga: s:.vimrc | |
| " for MS-DOS and Win32: $VIM\_vimrc | |
| " for OpenVMS: sys$login:.vimrc |
gamozolabs
/ vimrc
Created
April 11, 2020 08:25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| " An example for a vimrc file. | |
| " | |
| " Maintainer: Bram Moolenaar <Bram@vim.org> | |
| " Last change: 2019 Jan 26 | |
| " | |
| " To use it, copy it to | |
| " for Unix and OS/2: ~/.vimrc | |
| " for Amiga: s:.vimrc | |
| " for MS-DOS and Win32: $VIM\_vimrc | |
| " for OpenVMS: sys$login:.vimrc |
gamozolabs
/ gist:01bccb6b13638ebc3e36f477fe5eab28
Last active
March 21, 2020 21:53
Piledriver accesses from "L1" with large delays
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Address difference 0b0000000000000000000000000000000000000001000000010000000000000000 | 57.336050 cycles | |
| Address difference 0b0000000000000000000000000000000000000010000000100000000000000000 | 57.306609 cycles | |
| Address difference 0b0000000000000000000000000000000000000011000000110000000000000000 | 57.327845 cycles | |
| Address difference 0b0000000000000000000000000000000000000100000001000000000000000000 | 57.311997 cycles | |
| Address difference 0b0000000000000000000000000000000000000101000001010000000000000000 | 57.293425 cycles | |
| Address difference 0b0000000000000000000000000000000000000110000001100000000000000000 | 57.331232 cycles | |
| Address difference 0b0000000000000000000000000000000000000111000001110000000000000000 | 57.352519 cycles | |
| Address difference 0b0000000000000000000000000000000000001000000010000000000000000000 | 57.340593 cycles | |
| Address difference 0b0000000000000000000000000000000000001001000010010000000000000000 | 57.317394 cycles | |
| Address difference 0b0000000000000000000000000000000000001010000010100000000000 |
gamozolabs
/ gist:74fd0e6a51f79d5aaa620a4a3dbe6929
Created
January 28, 2020 09:21
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| "111111" | |
| "222222" | |
| "333333" | |
| "555555" | |
| "571119" | |
| "620201" | |
| "630327" | |
| "631208" | |
| "ADDRESSERROR" | |
| "AMPRODUCT" |
gamozolabs
/ exploit.c
Created
December 18, 2019 00:00
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdlib.h> | |
| #include <stdio.h> | |
| #include <stdint.h> | |
| int | |
| main(void) { | |
| int ii; | |
| uint8_t buf[8192] = { 0 }; | |
| // Worlds most impressive exploit |
gamozolabs
/ vimrc
Created
October 13, 2019 03:28
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| " Vim with all enhancements | |
| source $VIMRUNTIME/vimrc_example.vim | |
| " Remap a few keys for Windows behavior | |
| source $VIMRUNTIME/mswin.vim | |
| " Mouse behavior (the Windows way) | |
| behave mswin | |
| " Use the internal diff if available. |
gamozolabs
/ binja.py
Created
October 7, 2019 01:34
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from binaryninja import * | |
| import re | |
| NODE_RE = re.compile("NODE (node_[0-9]+)") | |
| INST_RE = re.compile("INST (.*)") | |
| EDGE_RE = re.compile("([A-Z]+) (node_[0-9]+) -> (node_[0-9]+)") | |
| def graph_falkil(binaryview): | |
| # Parse the file | |
| file_contents = open(r"D:\binjagraph.txt", "r").read() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| use std::sync::atomic::{AtomicUsize, Ordering}; | |
| // Usage: Make a 4 KiB file located at /mnt/tmpfstest/test.bin and run the | |
| // tool with `cargo run --release` | |
| /// Runs multiple threads at a time incrementally displaying the syscall | |
| /// throughput of 4-KiB random reads to a `tmpfs` hosted mountpoint | |
| fn benchmark_random_read_scaling() { | |
| for num_threads in 1..=256 { | |
| /// Lock to wait for all threads to spawn |
NewerOlder