
lwerdna / loctool.c
Last active February 27, 2019 01:32
libopcodes command-line invocation
/*
## loctool: (libopcodes tool) programmatically call the same disassembler objdump uses
* depends: libiberty, libbfd, libopcodes all from binutils
## setup
* get [binutils 2.30](https://ftp.gnu.org/gnu/binutils/binutils-2.30.tar.gz), check it against the detached GPG signature published alongside it (`binutils-2.30.tar.gz.sig`), and decompress.
* enter the libiberty directory, `./configure && make` then `cp libiberty.a /usr/local/lib`
* enter the bfd directory, edit configure and set all_targets=true then `./configure && make && make install`
* enter the opcodes directory, edit configure and set all_targets=true then `./configure && make && make install`
lwerdna / wrap_elf.py
Created February 26, 2019 20:23
treat a file as the .text section of an ELF file
#!/usr/bin/env python
# wrap a flat file as the .text section of an ELF file
# resulting file is simple:
# ------------------------
# ELF header
# ------------------------
# program header
# ------------------------
# .text section
lwerdna / z80_decision_tree.c
Created August 8, 2019 19:21
Z80 decision tree
// opening classifier from: /tmp/tmp.pickle
// n_nodes: 359
// n_leaves: 180
// max_depth: 25
if(byte1 <= 127)
if(byte1 <= 63)
if(b8 <= 0)
if(b9 <= 0)
if(b10 <= 0)
if(nybble1 <= 7)
lwerdna / Rot13_BinaryView.py
Created August 9, 2019 15:15
use a BinaryView as an encrypter/decrypter
# python stuff
import codecs
# binja stuff
from binaryninja import binaryview, BinaryDataNotification
from binaryninjaui import View, ViewType, ViewFrame, HexEditor
# binja UI stuff
from PySide2.QtCore import Qt
from PySide2.QtWidgets import QScrollArea
lwerdna / chi_squared.py
Created August 10, 2019 00:12
chi-squared comparison
#!/usr/bin/env python
def chi_square(a, b):
# https://github.com/opencv/opencv/blob/master/modules/imgproc/src/histogram.cpp
# sum(i=1,n, (x_i - y_i)^2 / (x_i+y_i) )
assert len(a)==len(b)
result = 0;
for i in range(len(a)):
numerator = a[i]-b[i]
lwerdna / binja_dis.py
Created August 10, 2019 03:10
binja disassemble from command line
#!/usr/bin/env python
#
# command-line binary ninja disassembler
import sys
import binaryninja
# ANSI SGR escape sequences (ESC '[' <code> 'm')
GREEN = '\x1B[32m'  # SGR 32: green foreground
NORMAL = '\x1B[0m'  # SGR 0: reset all attributes
lwerdna / binja_lift.py
Created August 10, 2019 03:16
binja command line lifter
#!/usr/bin/env python
#
# command-line binary ninja lifter
import sys
import binaryninja
from binaryninja import core
from binaryninja import binaryview
from binaryninja import lowlevelil
lwerdna / img2binja.py
Created August 10, 2019 04:03
convert images to Binary Ninja "feature map"
#!/usr/bin/env python
#
# convert images to Binary Ninja "feature map" images
#
# please share enhancements and cool images you make with andrewl on binja slack
#
# instructions (requires ImageMagick and Netwide Assembler (nasm)):
#
# resize to 128 pixel width:
# $ convert -resize 128 input.png output.png
lwerdna / pe_stat.py
Created August 10, 2019 05:36
python version of Z0MBIE's PE_STAT for opcode frequency statistics
#!/usr/bin/env python
#
# python version of Z0MBIE's PE_STAT for opcode frequency statistics
# http://z0mbie.dreamhosters.com/opcodes.html
import sys
import binaryninja
from collections import defaultdict
# occurrence counter (presumably keyed by opcode); a missing key starts at 0
opc2count = defaultdict(int)
lwerdna / byte_historam_from_elf.py
Last active August 16, 2019 17:23
get byte frequency histograms from ELF files
#!/usr/bin/env python
import re
import os
import sys
from struct import pack, unpack
#------------------------------------------------------------------------------
# ELF STUFF
#------------------------------------------------------------------------------