
Jan jgru

@jgru
jgru / opendetex.org
Last active November 16, 2021 19:22
Dockerized Detex - a utility for extracting plain text from TeX and LaTeX sources

How to use detex

Create or download Dockerfile:

cat > Dockerfile <<EOF
FROM debian:bookworm-slim
WORKDIR /usr/local/src
RUN apt-get update -y && apt-get install -y gcc make git flex
RUN git clone https://github.com/pkubowicz/opendetex.git
RUN cd /usr/local/src/opendetex && make all && make install
@jgru
jgru / ida-keybindings-for-ghidra.kbxml
Created October 15, 2021 06:23
IDA Pro Keybindings for Ghidra
<?xml version="1.0" encoding="UTF-8"?>
<CATEGORY NAME="Key Bindings">
<WRAPPED_OPTION NAME="Source Code Lookup (SourceCodeLookupPlugin)" CLASS="ghidra.framework.options.WrappedKeyStroke">
<CLEARED_VALUE />
</WRAPPED_OPTION>
<WRAPPED_OPTION NAME="Remove Stack Depth Change (FunctionPlugin)" CLASS="ghidra.framework.options.WrappedKeyStroke">
<STATE NAME="KeyCode" TYPE="int" VALUE="127" />
<STATE NAME="Modifiers" TYPE="int" VALUE="0" />
</WRAPPED_OPTION>
<WRAPPED_OPTION NAME="Export Program (ExporterPlugin)" CLASS="ghidra.framework.options.WrappedKeyStroke">
@jgru
jgru / how-to-compile-tsk-on-win.org
Last active October 15, 2021 09:56
Build Sleuthkit (and fiwalk) on Windows 10 with MSYS2 MinGW

  1. Follow the installation instructions at https://www.msys2.org/ to install the MSYS2 toolchain with MinGW (Minimalist GNU for Windows)
  2. Get the sleuthkit sources and extract them:
    Invoke-WebRequest -Uri https://github.com/sleuthkit/sleuthkit/archive/refs/tags/sleuthkit-4.11.0.zip -OutFile ".\sleuthkit-4.11.0.zip"
    Expand-Archive .\sleuthkit-4.11.0.zip
  3. Copy the sleuthkit directory to C:\msys64\home\<user>\
  4. Run MSYS2 MinGW either from the Start menu or from a PowerShell prompt:
@jgru
jgru / Dockerfile
Created August 14, 2021 11:09
Autopsy 4.19.0 in a Docker
FROM ubuntu:20.04
ARG DEBIAN_FRONTEND=noninteractive
RUN apt-get update
RUN apt-get install -y testdisk wget gnupg
RUN wget -q -O - https://download.bell-sw.com/pki/GPG-KEY-bellsoft | apt-key add -
RUN echo "deb [arch=amd64] https://apt.bell-sw.com/ stable main" > /etc/apt/sources.list.d/bellsoft.list
RUN apt-get update
@jgru
jgru / BlackMatterApiHashing.java
Last active January 11, 2022 15:55
BlackMatterApiHashing
//@author jgru (building up on a script of larsborn)
//@category _NEW_
//@keybinding
//@menupath
//@toolbar
import java.io.File;
import java.io.IOException;
import java.nio.charset.Charset;
import java.nio.file.Files;
@jgru
jgru / respawn_wnd.c
Last active July 15, 2021 15:12
A helper program based on Win32-API, which respawns a window on each click to test the automatic injection of mouse clicks in a sandbox guest
/*
* The purpose of this Win32 API program is to test the reconstruction
* of a GUI via virtual machine introspection and to test the
* injection of mouse clicks.
*
* To do this, the program creates a randomly sized window and displays
* it at a random screen location. If the button carrying one of the
* specified button labels is clicked, the program immediately respawns
* another randomized instance. This continues indefinitely until the
* "Quit" button is clicked.
@jgru
jgru / dump_pmem.sh
Last active August 3, 2022 12:45
Script to dump the process memory of a given process on a Linux system to a file
#!/bin/sh
#
# Version dump_proc_mem 0.0.1
# Author Jan Gru
# Copyright (c) Jan Gru
# License GNU General Public License
# Check that the script runs with root permissions (needed to read /proc/<pid>/mem)
if [ "$(id -u)" -ne 0 ]
then echo "Error: root permissions required!" >&2
@jgru
jgru / mouselogger.c
Last active May 23, 2021 13:52
A simple program to continuously retrieve mouse coordinates with the help of Win32-API and send those via TCP to a specified host.
#include <windows.h>
#include <winuser.h>
#include <stdio.h>
#include <stdlib.h>
#include <winsock2.h>
/*
* This program records the current cursor position at a given interval and sends
* the retrieved coordinates in a TCP stream to the specified host and port.
* The program uses the Win32 API to query the cursor position.
@jgru
jgru / mousejiggler.ino
Last active May 23, 2021 13:26
Mouse jiggler code for a Digispark USB development board. Tested on an ATtiny85; upload it using the Arduino IDE
// Inspired by: https://blog.jeronimus.net/2019/08/attiny85-mouse.html
#include <DigiMouse.h>
void setup() {
DigiMouse.begin(); //start or reenumerate USB
}
// Moves mouse pointer left and right by 2 px and blinks the LED
<#
.SYNOPSIS
This script converts multimedia files in a nested directory structure with the help of ffmpeg.
.DESCRIPTION
This script converts multimedia files in a nested directory structure with the help of ffmpeg. Note that ffmpeg has to be available in your $PATH.
.PARAMETER InParentDir
Path to the folder containing all files
.PARAMETER OutParentDir
Path to the folder, where the converted files should be stored.
.PARAMETER Suffix