#!/usr/bin/env python3 | |
# W.J. van der Laan 2016 | |
# Compute, at each instruction, the value of the stack pointer | |
# relative to the return address. | |
import sys | |
import json | |
import re | |
# The instruction list is read as JSON from standard input. strict=False lets
# the decoder accept raw control characters inside string values, which the
# default (strict) decoder rejects.
instructions = json.loads(sys.stdin.read(), strict=False)

# Debug flag, left enabled; the code that consults it is further down the file.
debug = True
Wladimir van der Laan 2016. This document is in the public domain.
BLATSTING reverse-engineering notes. Based on files from the EQGRP free dump,
more specifically in Firewall/BLATSTING/BLATSTING_201381/LP/lpconfig.
In https://musalbas.com/2016/08/16/equation-group-firewall-operations-catalogue.html,
BLATSTING is described as "A firewall software implant that is used with EGREGIOUSBLUNDER
(Fortigate) and ELIGIBLEBACHELOR (TOPSEC)".
If true, it's interesting how this implant can target both vendors. Presumably they both use the same Linux
/* Basetype: unsigned int */
/* size_t is declared here as a plain unsigned int. NOTE(review): presumably
 * this header describes a 32-bit target; confirm before compiling it together
 * with <stddef.h> on a host whose own size_t has a different width. */
typedef unsigned int size_t;
/* Basetype: unsigned char */ | |
/* Basetype: short unsigned int */ | |
/* Basetype: long unsigned int */ | |
/* Basetype: signed char */ | |
/* Basetype: short int */ | |
/* Basetype: int */ | |
/* Basetype: long long int */ | |
/* Basetype: long long unsigned int */ |
#!/usr/bin/python | |
from __future__ import division, print_function, unicode_literals | |
from z3 import * | |
import binascii, struct | |
def byteswp(a):
    '''
    Return a z3 expression for *a* with its two bytes exchanged.

    The swap is expressed as a rotation by 8 bits, so it exchanges the two
    bytes only when *a* is a 16-bit bit-vector; for any other width the
    result is a plain rotation, not a byte swap.
    '''
    # For a 16-bit operand RotateRight(a, 8) or
    # Concat(Extract(7, 0, a), Extract(15, 8, a)) would build an equivalent
    # expression.
    swapped = RotateLeft(a, 8)
    return swapped
#!/usr/bin/python3 | |
# Uses https://github.com/majek/pysiphash | |
import siphash, struct, binascii | |
# Packs two little-endian unsigned 64-bit integers (16 bytes in total);
# check_hash uses it to build the key handed to siphash.SipHash_2_4.
_twoQ = struct.Struct('<QQ')
def check_hash(data, value, sip=None): | |
if sip is None: | |
sip = siphash.SipHash_2_4(_twoQ.pack(0x0706050403020100, 0x0F0E0D0C0B0A0908)) | |
v = sip.update(data).hash() | |
if v != value: | |
print('Mismatch for %s: %016x versus %016x' % ( |
#!/usr/bin/env python3 | |
''' | |
Example showing the use of RPC batching in Bitcoin Core. | |
''' | |
# W.J. van der Laan | |
# SPDX-License-Identifier: MIT | |
import sys,os | |
# Make Bitcoin Core's functional-test framework importable: it is expected in
# a 'bitcoin' checkout sitting next to this script. The directory is resolved
# from the script's own location (not the current working directory) and is
# appended, so modules already reachable through sys.path take precedence.
sys.path.append(
    os.path.join(
        os.path.dirname(os.path.abspath(__file__)),
        'bitcoin',
        'test',
        'functional',
    )
)
from test_framework.authproxy import AuthServiceProxy, JSONRPCException |
#!/bin/bash | |
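# Location of the AFL checkout whose compiler wrappers instrument the build.
AFLPATH=/store/orion/upstream/testing/afl

# Configure with the AFL wrappers as the C and C++ compilers and build static
# libraries only. Stop if configure fails, so that make never runs against a
# missing or stale configuration.
CC="${AFLPATH}/afl-gcc" CXX="${AFLPATH}/afl-g++" ./configure --disable-shared || exit 1

# AFL_HARDEN=1 makes the AFL wrappers add hardening options
# (-D_FORTIFY_SOURCE=2, -fstack-protector-all) so that memory errors which
# would otherwise pass silently are more likely to abort and be recorded as
# crashes. It is exported after configure has run, so it applies to the make
# step only.
export AFL_HARDEN=1
make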
# Leave address-space randomization enabled for the debugged program
# (gdb disables it by default).
set disable-randomization off
# Sentinel value: gdb overwrites $_exitcode when the program exits, so the
# hook-stop below can tell an exit (value changed) from any other stop
# (still -999).
set $_exitcode = -999
# Turn off pagination so output never waits for a keypress.
set height 0
# SIGTERM: print a notice and pass the signal to the program without stopping.
handle SIGTERM nostop print pass
# SIGPIPE: do not stop the program when it arrives.
handle SIGPIPE nostop
define hook-stop | |
if $_exitcode != -999 | |
quit | |
else | |
shell echo | mail -s "NOTICE: app has stopped on unhandled signal" root |
#!/usr/bin/python3 | |
# W.J. 2015 (License: MIT) | |
import hashlib,sys,os | |
# Sixteen glyphs indexed by a 4-bit value: a space, the Unicode quadrant and
# half-block characters, and the full block. Bit 0 fills the upper-left
# quadrant, bit 1 the upper-right, bit 2 the lower-left, bit 3 the lower-right.
BLOCKCHARS = (
    '\u0020\u2598\u259d\u2580'
    '\u2596\u258c\u259e\u259b'
    '\u2597\u259a\u2590\u259c'
    '\u2584\u2599\u259f\u2588'
)
def uhex(x):
    '''
    Render the bytes in *x* as block-drawing characters, two per byte.

    Each byte contributes the BLOCKCHARS glyph for its high nibble followed
    by the glyph for its low nibble.
    '''
    glyphs = []
    for byte in x:
        glyphs.append(BLOCKCHARS[byte >> 4])   # high nibble
        glyphs.append(BLOCKCHARS[byte & 0xf])  # low nibble
    return ''.join(glyphs)
for filename in sys.argv[1:]: | |
if not os.path.isfile(filename): |
#!/usr/bin/python2 | |
# W.J. 2015 (License: MIT) | |
''' | |
Overwrite 4/8-byte heap leak from old mingw binutils. | |
Input: test.exe test.map | |
Create linker map with -Wl,-Map=mtest.map | |
''' | |
from __future__ import print_function,division |