crazy rabbidz hugsy

🐰
‎baaaaaaaaaaah
View GitHub Profile
@hugsy
rundll_payload_interactive_session.cc (created Sep 10, 2020)
DLL payload to execute code from session 0 in the first interactive session
#include <windows.h>
#include <wtsapi32.h>   // WTS session enumeration and per-session user token lookup
#include <Userenv.h>    // environment block creation for the target user
#include <TlHelp32.h>   // process snapshot helpers
#include <Lmcons.h>     // UNLEN and related name-length constants
#include <iostream>
#pragma comment(lib, "Wtsapi32.lib")
#pragma comment(lib, "Userenv.lib")
start-gef-gotty.sh
#!/bin/bash
set -e
if [ -d ~/gef-docker ]; then
echo "[+] Updating the image..."
cd ~/gef-docker
git pull
else
echo "[+] Getting the image..."
profile.ps1
Import-Module posh-git
Import-Module oh-my-posh
Set-Theme Paradox
Set-PSReadlineOption -EditMode Emacs
Set-PSReadLineKeyHandler -Chord Ctrl+LeftArrow -Function BackwardWord
Set-PSReadLineKeyHandler -Chord Ctrl+RightArrow -Function NextWord
Function Invoke-CmdScript {
cpuid.cc
/**
 * Quick-and-dirty CPUID C++ program (tested on Windows and Linux)
 */
#include <stdio.h>
#include <stdint.h>
#include <iostream>
#include <array>
using namespace std;
Get-Coredump.ps1
function Get-Coredump
{
<#
.SYNOPSIS
Uses COM services to generate a coredump of a running process
.DESCRIPTION
Uses COM services to generate a coredump of a running process
windbgx_cmdline.txt
/loadSession - Load a saved session configuration file.
/setupFirewallRules - Configures the required firewall rules on the local system to allow kernel debugging.
/c - Executes a command line after the debugger is attached.
/logo - Begins logging information to a log file. If the file exists, it will be overwritten.
/loga - Begins logging information to a log file. If the file exists, it will be appended to.
/e - Signals the event with the given handle after the next exception in a target.
/v - Enables verbose output in the debugger.
/Q - Deprecated command-line option.
/QY - Deprecated command-line option.
/QS - Deprecated command-line option.
i_can_count.py
#!/usr/bin/python3
#
# Emulation script for "i_can_count_8484ceff57cb99e3bdb3017f8c8a2467" from 0x56556104 to 0x56556109
#
# Powered by gef, unicorn-engine, and capstone-engine
#
# @_hugsy_
#
from __future__ import print_function
import collections
AllocateLargePool.c
#include <windows.h>
#include <stdio.h>
#pragma comment(lib, "ntdll.lib")
// SYSTEM_INFORMATION_CLASS value for NtQuerySystemInformation: lists big-pool allocations
#define SystemBigPoolInformation 0x42
// THREADINFOCLASS value for NtSetInformationThread: sets the thread description (a UNICODE_STRING)
#define ThreadNameInformation 0x26
// Name data handed to the kernel through the thread description
#define DATA_TO_COPY "AAAAAAAAAAAAABBBBBBBBBBBBBBBCCCCCCCCCCCCCCCDDDDDDDDDDDDDDD"
SimpleSetThreadName.c
#include <windows.h>
#include <wchar.h>
#pragma comment(lib, "ntdll.lib")
#define ThreadNameInformation 0x26
// mimic nt!UNICODE_STRING: Length and MaximumLength are byte counts, Buffer is UTF-16
// sizeof(UNICODE_STRING) must be 0x10 (on x64) for the syscall to succeed.
typedef struct
{
WORD Length;
WORD MaximumLength;
PWSTR Buffer;
} UNICODE_STRING;
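Both AllocateLargePool.c and SimpleSetThreadName.c hand a hand-rolled nt!UNICODE_STRING to NtSetInformationThread with ThreadNameInformation (0x26). The following is an added example, not code from either gist: it builds that structure with the byte counts the kernel expects (Length excludes the terminating NUL, MaximumLength includes it), checks the 0x10 size that the x64 syscall validates, and behind `_WIN32` resolves NtSetInformationThread from ntdll to name the calling thread. The ntdll signature `(HANDLE, ULONG, PVOID, ULONG)` and the helper names are assumptions of this example; the length rules and struct layout are portable C and run anywhere.

```c
/*
 * Marshalling a thread name into an nt!UNICODE_STRING for
 * NtSetInformationThread(ThreadNameInformation).  Added example, not from
 * the gists above.  Layout and length rules are portable C; the syscall
 * itself only compiles on Windows (guarded by _WIN32).
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define THREAD_NAME_INFORMATION_CLASS 0x26  /* ThreadNameInformation, as in the gists */

/* Same layout as nt!UNICODE_STRING: two 16-bit byte counts, then a pointer.
 * On x64 the pointer is 8-byte aligned, so the struct is 0x10 bytes; the
 * kernel checks exactly that length for ThreadNameInformation. */
typedef struct {
    uint16_t  Length;         /* bytes in use, NOT counting the terminating NUL */
    uint16_t  MaximumLength;  /* bytes available in Buffer, counting the NUL   */
    uint16_t *Buffer;         /* UTF-16LE code units (PWSTR on Windows)        */
} MY_UNICODE_STRING;

/* Widen an ASCII string into a caller-supplied UTF-16 buffer.
 * Returns the number of code units written (excluding NUL), or -1 if
 * `out` is too small.  ASCII-only, so no locale or iconv is needed. */
static int ascii_to_utf16(const char *src, uint16_t *out, size_t cap_units)
{
    size_t n = 0;
    for (; src[n] != '\0'; n++) {
        if (n + 1 >= cap_units)          /* keep room for the NUL */
            return -1;
        out[n] = (uint16_t)(unsigned char)src[n];
    }
    out[n] = 0;
    return (int)n;
}

/* Point `us` at a NUL-terminated UTF-16 buffer and fill in the byte counts.
 * Returns 0 on success, -1 if the buffer is unterminated or too long for
 * the 16-bit length fields. */
static int init_unicode_string(MY_UNICODE_STRING *us, uint16_t *buf, size_t cap_units)
{
    size_t n = 0;
    while (n < cap_units && buf[n] != 0)
        n++;
    if (n == cap_units)                  /* no terminator inside the buffer */
        return -1;
    if ((n + 1) * sizeof(uint16_t) > 0xFFFF)
        return -1;
    us->Length        = (uint16_t)(n * sizeof(uint16_t));
    us->MaximumLength = (uint16_t)((n + 1) * sizeof(uint16_t));
    us->Buffer        = buf;
    return 0;
}

#ifdef _WIN32
#include <windows.h>
/* ntdll export; this prototype is an assumption of the example. */
typedef LONG (NTAPI *NtSetInformationThread_t)(HANDLE, ULONG, PVOID, ULONG);

/* Name the calling thread.  Returns the NTSTATUS (0 == STATUS_SUCCESS). */
static LONG set_current_thread_name(const char *name)
{
    uint16_t wide[256];
    MY_UNICODE_STRING us;
    const size_t cap = sizeof(wide) / sizeof(wide[0]);
    if (ascii_to_utf16(name, wide, cap) < 0 || init_unicode_string(&us, wide, cap) < 0)
        return (LONG)0xC000000D;         /* STATUS_INVALID_PARAMETER */
    HMODULE ntdll = GetModuleHandleW(L"ntdll.dll");
    NtSetInformationThread_t fn = ntdll
        ? (NtSetInformationThread_t)GetProcAddress(ntdll, "NtSetInformationThread") : NULL;
    if (!fn)
        return (LONG)0xC0000139;         /* STATUS_ENTRYPOINT_NOT_FOUND */
    /* Any InformationLength other than sizeof(UNICODE_STRING) is rejected. */
    return fn(GetCurrentThread(), THREAD_NAME_INFORMATION_CLASS, &us, (ULONG)sizeof(us));
}
#endif

int main(void)
{
    uint16_t wide[64];                   /* constructed sample buffer */
    MY_UNICODE_STRING us;
    if (ascii_to_utf16("worker-0", wide, 64) < 0 || init_unicode_string(&us, wide, 64) < 0)
        return 1;
    printf("sizeof=%zu Length=%u MaximumLength=%u\n",
           sizeof(us), us.Length, us.MaximumLength);
#ifdef _WIN32
    printf("NtSetInformationThread -> 0x%08lX\n",
           (unsigned long)set_current_thread_name("worker-0"));
#endif
    return 0;
}
```

The two length fields are the usual source of STATUS_INVALID_PARAMETER here: Length is bytes, not characters, and must not include the NUL, while MaximumLength must cover it. Because the kernel copies the name out of user memory, the Buffer only has to stay valid for the duration of the call.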
loader.cpp
/**
* Fuzzing arbitrary functions in ELF binaries, using LIEF and LibFuzzer
*
* Full article on https://blahcat.github.io/
* @_hugsy_
*
*/
#include <dlfcn.h>
#include <stdio.h>
#include <stdlib.h>