hugsy
/ rundll_payload_interactive_session.cc
Created Sep 10, 2020
dll payload to execute code from session 0 to first interactive session
View rundll_payload_interactive_session.cc
| #include <windows.h> | |
| #include <wtsapi32.h> | |
| #include <Userenv.h> | |
| #include <TlHelp32.h> | |
| #include <Lmcons.h> | |
| #include <iostream> | |
| #pragma comment(lib, "Wtsapi32.lib") | |
| #pragma comment(lib, "Userenv.lib") |
hugsy
/ start-gef-gotty.sh
Last active Feb 28, 2020
View start-gef-gotty.sh
| #!/bin/bash | |
| set -e | |
| if [ -d ~/gef-docker ]; then | |
| echo "[+] Updating the image..." | |
| cd ~/gef-docker | |
| git pull | |
| else | |
| echo "[+] Getting the image..." |
hugsy
/ profile.ps1
Last active Jun 3, 2020
View profile.ps1
| Import-Module posh-git | |
| Import-Module oh-my-posh | |
| Set-Theme Paradox | |
| Set-PSReadlineOption -EditMode Emacs | |
| Set-PSReadLineKeyHandler -Chord Ctrl+LeftArrow -Function BackwardWord | |
| Set-PSReadLineKeyHandler -Chord Ctrl+RightArrow -Function NextWord | |
| Function Invoke-CmdScript { |
View cpuid.cc
| /** | |
| * QnD cpuid C script(tested win & lin) | |
| */ | |
| #include <stdio.h> | |
| #include <stdint.h> | |
| using namespace std; | |
| #include <iostream> | |
| #include <array> | |
hugsy
/ Get-Coredump.ps1
Created Jan 6, 2020
View Get-Coredump.ps1
| function Get-Coredump | |
| { | |
| <# | |
| .SYNOPSIS | |
| Uses COM services to generate a coredump of a running process | |
| .DESCRIPTION | |
| Uses COM services to generate a coredump of a running process |
hugsy
/ windbgx_cmdline.txt
Created Oct 10, 2019
View windbgx_cmdline.txt
| /loadSession - Load a saved session configuration file. | |
| /setupFirewallRules - Configures the required firewall rules on the local system to allow kernel debugging. | |
| /c - Executes a command line after the debugger is attached. | |
| /logo - Begins logging information to a log file. If the file exists, it will be overwritten. | |
| /loga - Begins logging information to a log file. If the file exists, it will be appended to. | |
| /e - Signals the event with the given handle after the next exception in a target. | |
| /v - Enables verbose output in the debugger. | |
| /Q - Deprecated command-line option. | |
| /QY - Deprecated command-line option. | |
| /QS - Deprecated command-line option. |
hugsy
/ i_can_count.py
Created Apr 14, 2019
View i_can_count.py
| #!/usr/bin/python3 | |
| # | |
| # Emulation script for "i_can_count_8484ceff57cb99e3bdb3017f8c8a2467" from 0x56556104 to 0x56556109 | |
| # | |
| # Powered by gef, unicorn-engine, and capstone-engine | |
| # | |
| # @_hugsy_ | |
| # | |
| from __future__ import print_function | |
| import collections |
hugsy
/ AllocateLargePool.c
Created Mar 17, 2019
View AllocateLargePool.c
| #include <windows.h> | |
| #include <stdio.h> | |
| #pragma comment(lib, "ntdll.lib") | |
| #define SystemBigPoolInformation 0x42 | |
| #define ThreadNameInformation 0x26 | |
| #define DATA_TO_COPY "AAAAAAAAAAAAABBBBBBBBBBBBBBBCCCCCCCCCCCCCCCDDDDDDDDDDDDDDD" |
hugsy
/ SimpleSetThreadName.c
Created Mar 17, 2019
View SimpleSetThreadName.c
| #include <windows.h> | |
| #include <wchar.h> | |
| #pragma comment(lib, "ntdll.lib") | |
| #define ThreadNameInformation 0x26 | |
| // mimic nt!UNICODE_STRING | |
| // sizeof(UNICODE_STRING) must be 0x10 for the syscall to succeed. | |
| typedef struct | |
| { | |
| WORD Length; |
hugsy
/ loader.cpp
Created Mar 10, 2018
View loader.cpp
| /** | |
| * Fuzzing arbitrary functions in ELF binaries, using LIEF and LibFuzzer | |
| * | |
| * Full article on https://blahcat.github.io/ | |
| * @_hugsy_ | |
| * | |
| */ | |
| #include <dlfcn.h> | |
| #include <stdio.h> | |
| #include <stdlib.h> |
NewerOlder