- Windowsがインストールされたマシン(Windows 10で動作確認済)
- Android SDKをインストールする
- KingoRootをインストールする
- Fx0をUSBケーブルでマシンにつなぐ
- KingoRootを起動し,「ROOT」をクリック
- 待つ
- adb shellから
suする
Yuma Kurogome ntddk
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| kd> .for(r $t0=0; @$t0<dwo(nt!KiServiceLimit); r $t0=@$t0+1){.printf "%y\n", nt!KiServiceTable+(dwo(nt!KiServiceTable+@$t0*4)>>4)} | |
| fffff801`85aa38c4 | |
| fffff801`85b3cc10 | |
| nt!NtAcceptConnectPort (fffff801`75f238ac) | |
| nt!NtMapUserPhysicalPagesScatter (fffff801`760afb54) | |
| nt!NtWaitForSingleObject (fffff801`75e52d20) | |
| fffff801`85ba51a0 | |
| nt!NtReadFile (fffff801`75eb42f0) | |
| nt!NtDeviceIoControlFile (fffff801`75e56740) | |
| nt!NtWriteFile (fffff801`75e9e770) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // お題 | |
| // http://togetter.com/li/92612 | |
| // FizzBuzzを30バイトで | |
| // my code | |
| // 1. | |
| //main(_){printf(_%15?_%3?_%5?"%d\n":"Buzz\n":"Fizz\n":"FizzBuzz\n",_);main(++_);} | |
| // 80bytes | |
| // 2. | |
| main(_){printf(_%3?_%5?"%d":0:"Fizz",_);puts(_%5?"":"Buzz");main(++_);} |
ntddk
/ windbg_detect_doublepulsar_smb.py
Created
May 31, 2017 15:03
windbg-doublepulsar-detection-script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # coding: utf-8 | |
| import pykd | |
| for i in pykd.dbgCommand('dps srv!SrvTransaction2DispatchTable').split('\n'): | |
| if len(i) > 0 and '00000000' not in i and 'srv!' not in i: # addr addr symbol | |
| print 'Doublepulsar hook detected: ' + i |
ntddk
/ README.md
Created
February 26, 2018 06:29
— forked from jthuraisamy/README.md
PyExZ3 Example with HackSysExtremeVulnerableDriver
TL;DR: Using symbolic execution to recover driver IOCTL codes that are computed at runtime.
The goal here is to find valid IOCTL codes for the HackSysExtremeVulnerableDriver by analyzing the binary. The control flow varies between the binary and source due to compiler optimizations. This results in a situation where only a few IOCTL codes in the assembly are represented as a constant with the remaining being computed at runtime.
The code in hevd_ioctl.py is a approximation of the control flow of the compiled IrpDeviceIoCtlHandler function. The effects of the compiler optimization are more pronounced when comparing this code to the original C function. To comply with requirements of the PyExZ3 module, the target function is named after the script's filename, and the `ex
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| PS C:\Program Files (x86)\Windows Kits\8.1\Debuggers\x64> ./livekd | |
| LiveKd v5.40 - Execute kd/windbg on a live system | |
| Sysinternals - www.sysinternals.com | |
| Copyright (C) 2000-2015 Mark Russinovich and Ken Johnson | |
| Launching C:\Program Files (x86)\Windows Kits\8.1\Debuggers\x64\kd.exe: | |
| Microsoft (R) Windows Debugger Version 6.3.9600.17336 AMD64 | |
| Copyright (c) Microsoft Corporation. All rights reserved. |
ntddk
/ win32k.sys.log
Last active
July 8, 2021 03:31
exports of win32k.sys/win32kbase.sys/win32kfull.sys #Windows10 Technical Preview
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Microsoft (R) COFF/PE Dumper Version 12.00.30501.0 | |
| Copyright (C) Microsoft Corporation. All rights reserved. | |
| Dump of file C:\Users\Administrator\Desktop\win32k.sys | |
| File Type: EXECUTABLE IMAGE | |
| Section contains the following exports for WIN32K.SYS |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| % | |
| % From jarticle.sty 16-Mar-88 | |
| % ------------------------------------------------------------------------- | |
| % No page number | |
| \pagestyle{empty} | |
| % Page layout | |
| % | |
| %\paperwidth 210mm |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| curl https://raw.githubusercontent.com/akameco/sana-voice/master/sana-voice-list.json > sana-voice-list.json | |
| cat sana-voice-list.json | jq -r '.[].link' | while read line; do wget -nc $line; done | |
| (while true; do ls -la | awk '$0~/mp3/{print $9}' | shuf -n 1 | xargs -Iargs cvlc --quiet --no-repeat args 2>/dev/null vlc://quit; done)& |
ntddk
/ windows_server_2016_as_a_desktop_os.md
Created
March 13, 2017 04:27
Windows Server 2016をデスクトップOSとして使う
NewerOlder