This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #pragma once | |
| #include "firm.h" | |
| int get_section_by_address (void *address) { | |
| int i; | |
| struct firm_section_header volatile *sh; | |
| for (i=0; i < FIRM_MAX_SECTION_COUNT; i++) { | |
| sh = &firm->section_headers[i]; | |
| if ((sh->address <= address) && (address < (sh->address + sh->size))) { |
patois
/ gist:4627f2d852ef863732c4
Created
June 10, 2015 22:56
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <string.h> | |
| #include <stdlib.h> | |
| #include <stdio.h> | |
| #include "draw.h" | |
| #include "hid.h" | |
| #include "firm.h" | |
| void ClearTop (void) { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| .section ".init" | |
| .global _start | |
| .extern main | |
| .align 4 | |
| .arm | |
| _start: | |
| b _init |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <idc.idc> | |
| static GetExtfunFlags(flags) | |
| { | |
| auto s = 0; | |
| if ((flags & 1) == 1) | |
| s = "EXTFUN_BASE"; | |
| if ((flags & 2) == 2) | |
| { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| .386 | |
| .model flat,stdcall | |
| option casemap:none | |
| include include\windows.inc | |
| include include\kernel32.inc | |
| include include\comdlg32.inc | |
| include include\user32.inc | |
| includelib lib\kernel32.lib | |
| includelib lib\comdlg32.lib | |
| includelib lib\user32.lib |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from idaapi import * | |
| # with code taken from | |
| # - http://hexblog.com/idapro/vmware_modules.py | |
| # - HexRays forum | |
| # - https://gist.github.com/nmulasmajic/f90661489f858237bcd68fbde5516abd#file-find_nt_imagebase_x64-py | |
| class LoadedModulesList(Choose2): | |
| def __init__(self, title, modlistEA=BADADDR, flags=0, width=None, height=None, embedded=False, modal=False): |
patois
/ config.t32
Last active
September 14, 2022 07:04
ARM(32) Code Snippet debugging with GDB Lauterbach Trace32 Simulator
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| PBI=SIM | |
| PRINTER=WINDOWS | |
| SCREEN= | |
| HEADER=TRACE32 ARM SIMULATOR | |
patois
/ child-gating-poc.py
Created
November 15, 2022 19:11
— forked from pellaeon/child-gating-poc.py
Frida child-gating and spawn-gating example
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| This POC is based on example from https://frida.re/news/#child-gating | |
| and is aimed to instrument child processes along with the main one. | |
| """ | |
| from __future__ import print_function | |
| import frida | |
| from frida_tools.application import Reactor | |
| import threading |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1. Install TRACE32 for V850/RH80 from https://www.lauterbach.com/frames.html?download_demo.html | |
| 2. copy *.cmm to the TRACE32 installation folder | |
| 3. overwrite config.t32 found in the TRACE32 installation folder with the one provided, edit "SYS variable | |
| 4. add the content provided with "gdb_arch.cfg" to the existing %IDADIR%\cfg\gdb_arch.cfg file | |
| 5. open the file "ghv850.cfe" from the TRACE32 installation folder with IDA | |
| 6. In IDA, go to "Debugger -> Select debugger", pick "Remote GDB debugger" | |
| 7. Go to "Debugger -> Debugger options -> Set specific options", tick the | |
| "Run a program..." checkbox, then click "choose a configuration", pick the configuration | |
| named "TRACE32: Renesas RH850 (ELF)" and confirm. | |
| 8. Go to "Debugger -> Process options...", fill the hostname (127.0.0.1) and port (30000) |
OlderNewer