Skip to content

Instantly share code, notes, and snippets.

View nstarke's full-sized avatar

Nicholas Starke nstarke

156 followers · 9 following
View GitHub Profile
@nstarke
nstarke / cisco-ios-powerpc-gdb-rsp-debugger.py
Last active August 10, 2021 07:08
Cisco IOS PowerPC GDB RSP Debugger
#!/usr/bin/python
#
# Cisco IOS GDB RSP Wrapper
# PowerPC Version
#
# Authors:
#
# Artem Kondratenko (@artkond) - original mips version
# Nicholas Starke (@nstarke) - powerpc version
# Adapted from https://github.com/klsecservices/ios_mips_gdb
@nstarke
nstarke / find-pipes.cpp
Created December 31, 2017 20:00
List Named Pipes in Windows
// Most of this taken from https://stackoverflow.com/a/19780129 with some edits.
#ifndef _WIN32_WINNT
// Windows XP
#define _WIN32_WINNT 0x0501
#endif
#define MAX_PATH 0xFF
#include <Windows.h>
#include <Psapi.h>
#include <iostream>
@nstarke
nstarke / aqn-cpu_rec-results.txt
Created July 8, 2021 17:02
Aquantia Firmware Update Files - CPU_REC Results
$ python3 ~/cpu_rec/cpu_rec.py *.clx
AQC100-Felicity-3.1.121_bdp_aqsign.clx full(0x200000) None chunk(0x30800;97) Xtensa
AQC107-Nikki-3.1.121_bdp_aqsign.clx full(0x200000) None chunk(0x30800;97) Xtensa
AQC111-Bermuda-B0-3.1.121_bdp_aqsign.clx full(0x200000) None chunk(0x31000;98) Xtensa
$ binwalk *.clx
Scan Time: 2021-07-08 17:01:00
Target File: /home/nick/aqn/AQC100-Felicity-3.1.121_bdp_aqsign.clx
MD5 Checksum: 3dd8e40cd3e4aa183b13939190b86b05
Signatures: 404
@nstarke
nstarke / egodeath-obfuscator-example2.js
Last active June 7, 2021 19:56
Egodeath Obfuscator Example 2
console.assert = function (){};
console.clear = function (){};
console.count = function (){};
console.error = function (){};
console.group = function (){};
console.groupCollapsed = function (){};
console.groupEnd = function (){};
console.info = function (){};
console.log = function (){};
console.table = function (){};
@nstarke
nstarke / CountReferencedStrings.java
Last active January 20, 2021 21:31
Ghidra Script: Count Referenced Strings
/* ###
* IP: GHIDRA
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
@nstarke
nstarke / regex-search-for-regex.sh
Created February 23, 2016 21:24
regex-search-for-regex
egrep --include "*.cpp" --include "*.c" -r -e "[\^]?(\.\*)|(\[\w+*\-\w+*\])|(\{\d+[\,\d+]?\})[\$]?" .
@nstarke
nstarke / android-decompile.sh
Last active May 14, 2020 06:49
Android APK Decompile Script
#!/bin/bash
APK=$1
# Linux only right now.
if [ ! -d "$HOME/.android-decompile-tools" ]; then
mkdir "$HOME/.android-decompile-tools"
fi
@nstarke
nstarke / 0000-thecus-firmware-decrypt.sh
Last active March 18, 2020 03:13
Thecus Firmware Decrypt Bash Script
#!/bin/bash
#
# This script takes a Thecus Firmware Image and decrypts it.
# The encryption key is based off of one of the supported
# models, which are listed in the firmware filename. This
# script will try all of the model names in the file name
# and delete any that do not decrypt to a gzip file.
#
# You will need the following c program compiled and passed
@nstarke
nstarke / mac-address-table-filler.py
Last active January 16, 2020 15:34
Mac Address Table Filler
#!/usr/bin/env python
#
# This script is meant to assist in filling up a MAC ADDRESS Table on a switch
# This script reuqires scapy to be installed, and most likely will need to be
# run as root. That means scapy will have to be installed for the root user
# in order for this script to work.
#
# Arguments:
# * Interface to send ARP packet on
@nstarke
nstarke / rsync-auth.py
Last active November 28, 2019 01:44
Rsync Protocol Authentication flow in Python
#!/usr/bin/env python
from Crypto.Hash import MD4
import socket
import base64
import os
import random
import time
import sys