hc0d3r
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <unistd.h> | |
| #define xreadlink(f) _xreadlink(f, NULL, 128) | |
| char *_xreadlink(const char *path, char *chunk, size_t len) | |
| { | |
| char *ptr; | |
| ssize_t n = 0; |
hc0d3r
/ unshc.c
Created
July 13, 2019 16:48
https://hc0d3r.github.io/2019/07/13/descompilando-shc.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <spyderhook.h> | |
| #include <ignotum.h> | |
| #include <sys/syscall.h> | |
| #include <sys/wait.h> | |
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <unistd.h> | |
| #include <string.h> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function remove_fbclid(details){ | |
| let index, url = details.url, update = 0; | |
| index = url.indexOf('facebook.com/l.php?u='); | |
| if(index > -1 && index < 15){ | |
| url = url.substring(index+21, url.indexOf('&')); | |
| if(url !== undefined){ | |
| url = decodeURIComponent(url); | |
| update = 1; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Demo: | |
| # (gdb) starti | |
| # Starting program: /usr/bin/id | |
| # Program stopped. | |
| # 0x00007ffff7fd4100 in _start () from /lib64/ld-linux-x86-64.so.2 | |
| # (gdb) maps | |
| # 555555554000-555555556000 r--p 00000000 fe:02 3945170 /usr/bin/id | |
| # 555555556000-55555555b000 r-xp 00002000 fe:02 3945170 /usr/bin/id | |
| # 55555555b000-55555555e000 r--p 00007000 fe:02 3945170 /usr/bin/id | |
| # 55555555e000-555555560000 rw-p 00009000 fe:02 3945170 /usr/bin/id |
hc0d3r
/ start-ep.py
Last active
June 30, 2019 12:38
gdb script to set a breakpoint in the entry-point, works with PIE, non-PIE, and stripped binaries
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import gdb | |
| import re | |
| class entryPoint(gdb.Command): | |
| def __init__(self): | |
| super(entryPoint, self).__init__("start-ep", gdb.COMMAND_BREAKPOINTS) | |
| def invoke(self, arg, from_tty): | |
| output = gdb.execute('starti '+arg, False, True) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| help(){ | |
| cat <<B | |
| deproy.sh | |
| Usage: deproy.sh [cmd] | |
| Command list: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # -*- coding: utf-8 -*- | |
| import socket | |
| def getinfo(buf): | |
| i = buf.index(' ') | |
| return int(buf[2:i]), int(buf[i+3:]) | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // author: @hc0d3r | |
| // license: wtfpl | |
| #include <asm/unistd_64.h> | |
| #include <sys/mman.h> | |
| #include <fcntl.h> | |
| #include <stdio.h> | |
| static const char syscall_sc[]= | |
| "\x48\x89\xf8" // mov %rdi,%rax |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| my(@cpf, $sum); | |
| push @cpf, int rand 10 foreach (2 .. 10); | |
| map { $sum += $cpf[$_] * (reverse 2..10)[$_] } 0..8; | |
| push @cpf, $sum * 10 % 11 % 10; | |
| map { $sum += $_ } unpack('(A)10XA', join('', @cpf)); | |
| push @cpf, $sum * 10 % 11 % 10; | |
| print join('', @cpf) . "\n"; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| section .text | |
| global _start | |
| _start: | |
| call $+13 | |
| das | |
| bound ebp,[ecx+0x6e] | |
| das | |
| dw 0x6873 | |
| db 0x00 | |
| xor eax, eax |
NewerOlder