Hugo Porcher icecr4ck

View postgres_cheatsheet.md

PostgreSQL cheatsheet

Get a root postgres shell

sudo -u postgres psql

Shell commands

@icecr4ck
icecr4ck / idapython_ctree.md
Last active Jan 11, 2021
Notes on CTREE usage with IDAPython
View idapython_ctree.md

IDAPython CTREE

Important links

Description

The CTREE is built from the optimized microcode (maturity at CMAT_FINAL). It is an AST-like tree of C statements and expressions, and it can be printed as C code.

@icecr4ck
icecr4ck / format_usb_drive_linux.md
Last active Feb 8, 2020
Cheatsheet to format a USB drive easily on Linux
View format_usb_drive_linux.md

Format a USB drive on Linux

Identify the volume

lsusb
sudo fdisk -l
df -h # if already mounted
@icecr4ck
icecr4ck / mount_qcow2.md
Created Dec 26, 2019
Mount a Windows qcow2 image on Linux
View mount_qcow2.md

Mount a Windows qcow2 image on Linux

  1. Convert the .qcow2 image to a raw image
     qemu-img convert -p -O raw image.qcow2 image.raw
  2. Get the startsector of the partition you want to mount with the file command
  3. Multiply the startsector value by 512 (referenced as SS_OFFSET in the next steps)
  4. Create a directory where to mount the partition with mkdir /mnt/image
  5. Run the mount command as follows to mount the partition
View virtualisation.md

Virtualisation

Definitions and architecture

Basics

Virtualisation: hardware assisted virtualisation where the VM’s processor matches host computer’s processor.

Emulation: faking the hardware to virtualise OSes using a different processor than the host computer's processor.

@icecr4ck
icecr4ck / ansible_notes.md
Last active Feb 2, 2020
Notes on the usage of Ansible
View ansible_notes.md

Ansible

Configuration

The configuration lives in /etc/ansible/ansible.cfg by default, but it can be overridden by creating a .ansible.cfg file in the home directory.

Create a hosts file in /etc/ansible to add the hosts. Groups can be created with [group_name].

# /etc/ansible/hosts
@icecr4ck
icecr4ck / decrypt_from_args_mc.py
Created Oct 9, 2019
Example of IDA Microcode script to parse the arguments of a call to a decryption function
View decrypt_from_args_mc.py
import idautils
import ida_range
import ida_hexrays as hr
class decryptor(hr.mop_visitor_t):
    def visit_mop(self, op, type, is_target):
        if op.t != hr.mop_f:
            return 0
@icecr4ck
icecr4ck / plugin_ida.py
Last active Nov 25, 2020
Skeleton for an IDA Python plugin
View plugin_ida.py
import idaapi
class ExamplePlugin(idaapi.plugin_t):
    flags = idaapi.PLUGIN_DRAW
    comment = "This plugin does nothing useful"
    help = "No help is needed"
    wanted_name = "Example"
    wanted_hotkey = "Alt-F11"
    def init():
@icecr4ck
icecr4ck / idapython_cheatsheet.md
Last active Jan 14, 2021
Cheatsheet for IDAPython
View idapython_cheatsheet.md
@icecr4ck
icecr4ck / keybindings.json
Created Jun 27, 2019
Binary Ninja keybindings.
View keybindings.json
{
"Miasm\\IR graph" : "Ctrl+Shift+M",
"Miasm\\IR graph (simplified)" : "Ctrl+Shift+I",
"Disassembly Graph" : "Ctrl+Shift+G",
"Hex Editor" : "Ctrl+Shift+H",
"Strings" : "Ctrl+Shift+S",
"Triage Summary" : "Ctrl+Shift+T"
}