Skip to content

Instantly share code, notes, and snippets.

View jamiedevsandbox's full-sized avatar
💭
C and Linux is life

Jamie Sparks jamiedevsandbox

💭
C and Linux is life
View GitHub Profile
@jamiedevsandbox
jamiedevsandbox / win7-disable-aslr
Created April 11, 2021 11:11
Disable Windows 7 x64 ASLR
Edit key using (mnemonic: win+r) regedit
Registry key:
HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\MoveImages
@jamiedevsandbox
jamiedevsandbox / win-peformat-mz
Last active April 11, 2021 12:29
PE Format (MS-DOS EXE Format) MZ Signature
Interesting information on the engineer and file structure (headers/realloc table)
https://wiki.osdev.org/MZ
@jamiedevsandbox
jamiedevsandbox / endian
Last active April 11, 2021 18:48
Test CPU endian using C
/* endian.c (conforms to C89/90 standards) */
/* use valgrind to test for memory leaks/performance issue/code bottlenecks etc.. */
#include <stdio.h>
void test_endian();
unsigned short cpu_endian_test();
unsigned short cpu_endian(const int); /* supply custom address as argument */
unsigned short cpu_endian(const int addr)
{
@jamiedevsandbox
jamiedevsandbox / dbg-win-msi-exe
Last active April 19, 2021 03:01
Debug/Extract MSI / EXE
Debug/Extract MSI/EXE (PE Header):
https://stackoverflow.com/questions/1547809/extract-msi-from-exe/24987512
https://superuser.com/questions/307678/how-do-i-extract-files-from-an-msi-package
ACL (Microsoft Access Control Lists, grant file permissions/set group):
icacls
https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/icacls
View/Extract contents/internal files of MSI:
@jamiedevsandbox
jamiedevsandbox / exitif-tool
Created April 19, 2021 08:57
EXIF (Extended Image File Format) tool
Edit/Remove/Read image metadata (contains GPS coordinate location info)
https://exiftool.org/
@jamiedevsandbox
jamiedevsandbox / spawn-cmd-prompt-win
Created April 23, 2021 15:03
Spawn Command Prompt in Windows 7 live cd boot
Without having to traverse through the GUI.
mnemonic:
shift + f10
@jamiedevsandbox
jamiedevsandbox / win-cmd-wmic-info
Created April 23, 2021 17:57
Var Dump Windows CMD Global Switches System Management
C:\Windows\system32>wmic /?
[global switches] <command>
The following global switches are available:
/NAMESPACE Path for the namespace the alias operate against.
/ROLE Path for the role containing the alias definitions.
/NODE Servers the alias will operate against.
/IMPLEVEL Client impersonation level.
/AUTHLEVEL Client authentication level.
@jamiedevsandbox
jamiedevsandbox / win7-boot-fix-mbr
Last active April 23, 2021 22:17
Fix Windows 7 bootloader/MBR
Launch windows 7 on a bootable DVD.
Spawn terminal with Shift + F10.
Inside cmd prompt:
bootrec.exe /fixmbr
bootrec.exe /fixboot
bootrec.exe /rebuildbcd
@jamiedevsandbox
jamiedevsandbox / magic-jellybean-win-product-key
Created April 24, 2021 17:06
Magic Jelly Bean Windows Product Key Finder
Expose Windows Product Key
https://www.magicaljellybean.com/keyfinder/
@jamiedevsandbox
jamiedevsandbox / win-slmgr-tool
Created April 24, 2021 17:51
Windows Software Licensing Management Tool for Non Genuine Windows
slmgr.vbs
When your copy of Windows is not genuine and you don't want to activate (with product key).
slmgr /rearm
^ The above command will reset the licensing status of the machine.
Now you will not receiveve messages stating your system is not genuine.
This is temporary, ephemeral fix.
After some time elapses, it will notify you again that it's not genuine.