Skip to content

Instantly share code, notes, and snippets.

Avatar
❤️
‌‌

Duncan Ogilvie mrexodia

❤️
‌‌
View GitHub Profile
View msvbvm50.pdb
0:000> lm
start end module name
00400000 00407000 image00400000 (deferred)
740c0000 7420d000 MSVBVM50 (pdb symbols) c:\symbols\msvbvm50.pdb\3AEF4F631\msvbvm50.pdb
77120000 771ab000 OLEAUT32 (deferred)
774e0000 7761e000 ole32 (deferred)
77c10000 77c68000 msvcrt (deferred)
77dd0000 77e6b000 ADVAPI32 (deferred)
77e70000 77f03000 RPCRT4 (deferred)
77f10000 77f59000 GDI32 (deferred)
@mrexodia
mrexodia / _typetest_script.txt
Last active May 26, 2020
x64dbg type system
View _typetest_script.txt
ClearTypes
AddStruct ST
AppendMember char, a
AppendMember int, y
SizeofType ST
VisitType ST
AddType "unsigned int", DWORD
SizeofType DWORD
View xor06.ini
[Colors]
AbstractTableViewBackgroundColor=#00FFFF
AbstractTableViewHeaderTextColor=#000000
AbstractTableViewSelectionColor=#C0C0C0
AbstractTableViewSeparatorColor=#808080
AbstractTableViewTextColor=#000000
DisassemblyAddressBackgroundColor=#XXXXXX
DisassemblyAddressColor=#808080
DisassemblyAutoCommentBackgroundColor=#XXXXXX
DisassemblyAutoCommentColor=#000000
View x64_XSAVE_FORMAT.h
typedef struct DECLSPEC_ALIGN(16) _XSAVE_FORMAT {
WORD ControlWord;
WORD StatusWord;
BYTE TagWord;
BYTE Reserved1;
WORD ErrorOpcode;
DWORD ErrorOffset;
WORD ErrorSelector;
WORD Reserved2;
DWORD DataOffset;
View Type.hpp
#pragma once
#include <string>
#include <vector>
namespace Type
{
enum Primitive
{
Int8,
@mrexodia
mrexodia / upx.py
Created Sep 9, 2016
Unpacking UPX with x64dbgpy
View upx.py
from x64dbgpy.pluginsdk import *
import sys
cip = register.GetCIP()
if memory.ReadByte(cip) != 0x60:
gui.Message("Start at UPX entry point (1:[CIP]==0x60)")
exit(0)
x64dbg.DbgCmdExecDirect("bc")
x64dbg.DbgCmdExecDirect("bphwc")
View green.ini
[Colors]
AbstractTableViewBackgroundColor=#FFFBF0
AbstractTableViewHeaderTextColor=#000080
AbstractTableViewSelectionColor=#C0C0C0
AbstractTableViewSeparatorColor=#FF0000
AbstractTableViewTextColor=#000080
DisassemblyAddressBackgroundColor=#XXXXXX
DisassemblyAddressColor=#0000FF
DisassemblyAutoCommentBackgroundColor=#XXXXXX
DisassemblyAutoCommentColor=#008000
@mrexodia
mrexodia / message.md
Last active Aug 25, 2016
Message for livecoding
View message.md

Hello,

I'm writing to you because I don't feel livecoding is a nice place for me to stream anymore.It started out great, some stability issues with any stream, but easy to engage your viewers and simple to stream in your free time. In various messages for feedback and during streams in chat to staff I have mentioned that these stability issues are a problem, and so far there has been no response to this, not even an automated one.

The real problems started with the ridiculously expensive pro package, if it included a live view count or mention of users having left the chat I would buy it though.

Now as for watching, when not registered you cannot really do anything without getting murdered with annoying popups and even when registered you get the most annoying popups asking you to follow someone. Some screenshots, https://i.imgur.com/YcNccgD.png http://i.imgur.com/rbACuot.png http://i.imgur.com/w9Eav2N.png

Just my few cents, unfortunately I won't be able to stream on livecoding anymore in the future.

View keybase.md

Keybase proof

I hereby claim:

  • I am mrexodia on github.
  • I am mrexodia (https://keybase.io/mrexodia) on keybase.
  • I have a public key whose fingerprint is 1BDC 76FE D9F3 8854 2ACA 7E89 0834 E000 49E2 9CD0

To claim this, I am signing this object:

@mrexodia
mrexodia / conversation.txt
Created Aug 9, 2016
Great conversation with saboteur@gmail.hu
View conversation.txt
hi
why i cannot attach to xdbg64 to svchost.exe?
its process is not even listed in the File-> Attach menu
fix this asap!
-----
Fix it yourself. Also try enabling debug privilege.
-----
You can’t perform that action at this time.