This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import idaapi | |
import idautils | |
import idc | |
def get_rop_gadget_string(addr): | |
gb = [] | |
while True: | |
# Decode | |
i = idautils.DecodeInstruction(addr) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
public static class XmlExtensions | |
{ | |
static public string GetAttrValue( | |
this XmlNode node, | |
string AttrName) | |
{ | |
try | |
{ | |
return node.Attributes[AttrName].Value; | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
public static class ListViewExtensions | |
{ | |
public static string GetItemsString( | |
this System.Windows.Forms.ListViewItem lvi, | |
string SurroundL = "\"", | |
string SurroundR = "\"", | |
string Join = "\t") | |
{ | |
List<string> s = new List<string>(); | |
foreach (System.Windows.Forms.ListViewItem.ListViewSubItem CurSub in lvi.SubItems) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
//------------------------------------------------------------------------- | |
PDWORD FindFuncEATAddressSlot( | |
HMODULE hModule, | |
LPCSTR FuncName) | |
{ | |
if (hModule == nullptr) | |
return nullptr; | |
ULONG_PTR Base = ULONG_PTR(hModule); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# | |
# Export marked location sorted by their address | |
# | |
# Get marked locations | |
Locs = [] | |
idx = 0 | |
while True: | |
s = idc.GetMarkComment(idx) | |
if s is None: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// https://support.microsoft.com/en-us/help/323809/how-to-get-information-from-authenticode-signed-executables | |
#include <windows.h> | |
#include <wincrypt.h> | |
#include <wintrust.h> | |
#include <stdio.h> | |
#include <tchar.h> | |
#pragma comment(lib, "crypt32.lib") |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <stdio.h> | |
#include <windows.h> // for EXCEPTION_ACCESS_VIOLATION | |
#include <excpt.h> | |
int filter(unsigned int code, struct _EXCEPTION_POINTERS *ep) { | |
puts("in filter."); | |
if (code == EXCEPTION_ACCESS_VIOLATION) { | |
puts("caught AV as expected."); | |
return EXCEPTION_EXECUTE_HANDLER; | |
} | |
else { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#--------------------------------------------------------------------- | |
EXEFLAG_NONE = 0x0000 | |
EXEFLAG_LINUX = 0x0001 | |
EXEFLAG_WINDOWS = 0x0002 | |
EXEFLAG_MACOS = 0x0004 | |
EXEFLAG_MACOS_FAT = 0x0008 | |
EXEFLAG_32BITS = 0x0010 | |
EXEFLAG_64BITS = 0x0020 | |
# Keep signatures sorted by size |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
# -*- coding: utf-8 -*- | |
out = [] | |
st = 0 | |
out.append('<ul>') | |
with open('Driving.txt', 'r') as f: | |
for line in f: | |
# Skip empty line | |
if len(line.strip()) == 0: | |
continue |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
//-------------------------------------------------------------------------- | |
#pragma warning(push) | |
#pragma warning(disable: 4127) | |
template <class DT, class ST> class AnsiOrWideString_t | |
{ | |
const DT *dstr; | |
bool bOwned; | |
AnsiOrWideString_t &operator =(const AnsiOrWideString_t &) { } | |
AnsiOrWideString_t(const AnsiOrWideString_t &) { } |
OlderNewer